Dag-Erling Smørgrav
b4a475937b
Create a pam_ssh(8) man page, based on a repo-copy of pam_unix(8).
...
License modified with original author's permission.
Sponsored by: DARPA, NAI Labs
2001-11-27 00:57:50 +00:00
Dag-Erling Smørgrav
d65e5dfa59
Document the local_pass and nis_pass options, add a few xrefs, and reorder
...
the SEE ALSO section. License modified with original author's permission.
Sponsored by: DARPA, NAI Labs
2001-11-27 00:53:10 +00:00
Dima Dorfman
a48060a2f7
Spelling police: sucessful -> successful.
2001-11-24 23:41:32 +00:00
Maxim Sobolev
bc3a4bf55d
Don't put an extra space after password prompts, because it violates POLA,
...
makes FreeBSD inconsistent with previous releases and "other unices" as well
as with some internal password-asking services (e.g. ftp) within the same
release.
2001-10-25 15:51:50 +00:00
Mark Murray
ce1e0bbc8f
Add library exposed by KDE's use if this module.
2001-10-18 20:05:20 +00:00
Matthew Dillon
ceaf33f537
Add __FBSDID()s to libpam
2001-09-30 22:11:06 +00:00
Mark Murray
6e925e8fc7
1) repair the return value in the PAM_RETURN() macro (Side effects!!).
...
2) canonicalise the options use in pam_options().
Submitted by: Gunnar Kreitz <gunnark@chello.se>
PR: 30250
2001-09-04 17:05:08 +00:00
Mark Murray
a41ad3fca9
Introduce a "noroot_ok" option to make this module ignore authentications
...
to a non-superuser if required.
2001-08-26 18:09:00 +00:00
Mark Murray
f96b705fa7
Introduce better logging, error reporting and use of login_cap data.
2001-08-26 18:05:35 +00:00
Mark Murray
3d55a6c083
Big module makeover; improve logging, standardise variable names,
...
introduce ability to change passwords for both "usual" Unix methods
and NIS.
2001-08-26 17:41:13 +00:00
Mark Murray
ca0bdcdd29
Document the no_warn option.
2001-08-15 20:05:33 +00:00
Mark Murray
b5507a38bc
Fix a couple of cross-references to reflect the reality of the module.
2001-08-15 20:03:26 +00:00
Mark Murray
537db85291
Fix:
...
/usr/src/lib/libpam/modules/pam_ssh/pam_ssh.c has couple of bugs which cause:
1) xdm dumps core
2) ssh1 private key is not passed to ssh-agent
3) ssh2 RSA key seems not handled properly (just a guess from source)
4) ssh_get_authentication_connectionen() fails to get connection because of
SSH_AUTH_SOCK not defined.
PR: 29609
Submitted by: Takanori Saneto <sanewo@ba2.so-net.ne.jp>
2001-08-11 12:37:55 +00:00
Mark Murray
3938427761
Clean up this module very extensively. Fix the logging, the coding
...
standards and the option handling. This module is now much more easy
to maintain as a part of the FreeBSD tree.
2001-08-10 19:24:34 +00:00
Mark Murray
530ebf8e0a
Code clean up; make logging same as other modules and fix warnings.
2001-08-10 19:21:45 +00:00
Mark Murray
34beb374a2
General code clean-up. Sort out warnings, and make the warning and
...
logging work the same as other modules.
2001-08-10 19:18:52 +00:00
Mark Murray
0fa107a3cb
Simplify code. Also verbose logging, verbose overridable error reporting.
2001-08-10 19:15:48 +00:00
Mark Murray
65550d9b5a
Verbose logging, overridable verbose error reporting.
2001-08-10 19:12:59 +00:00
Mark Murray
b04259a5cf
Module clean-up. Verbose logging, Overridable verbose error reporting,
...
FreeBSD pam_prompt() usage to simplify conversation function usage.
2001-08-10 19:10:43 +00:00
Mark Murray
2108fbd748
Verbosely (overridable) report failure to the user.
2001-08-10 19:07:45 +00:00
Mark Murray
ceca323626
Use the FreeBSD pam_prompt() interface to the conversation function
...
instead of home-rolling it. Clean up debugging code and tidy the
module.
2001-08-10 19:05:57 +00:00
Mark Murray
3a9cdcb91f
Verbosely report errors to the user (overridable), and make sure
...
that the correct failure mode is reported.
2001-08-10 19:02:21 +00:00
Mark Murray
27b9f9d4a3
Fix broken logic so that this actually works for the superuser.
...
Verbosely log (properly).
Verbosely report errors to the user.
2001-08-10 14:21:58 +00:00
Mark Murray
13cde2748e
Fix style/consistency in Makefile and repair static module building.
...
Submitted by: bde(partially)
2001-08-04 21:51:14 +00:00
Mark Murray
d5e53157cf
Don't clobber CFLAGS
...
Submitted by: bde
2001-08-04 21:49:30 +00:00
Mark Murray
4447e914e8
Fix the bug where this modulke was not checking the priamry GID, only
...
the GIDS in /etc/group or NIS's group map.
Tested by: sheldonh
PR: 29349
2001-08-04 09:19:31 +00:00
Mark Murray
f950650b78
With the S/KEY removal, this is no longer buildable or necessary.
2001-08-02 19:04:20 +00:00
Mark Murray
c52468e7ef
Don't try to make pam_ssh module if NO_OPENSSH is set.
2001-08-02 19:01:02 +00:00
Mark Murray
f5974d336f
Repair the get/set UID() stuff so this works in both su(1) and login(1)
...
modes.
2001-08-02 10:35:41 +00:00
Mark Murray
7b22794017
(Re)Add an SSH module for PAM, heavily based on Andrew Korty's module
...
from ports.
2001-07-29 18:31:09 +00:00
Ruslan Ermilov
0fa68d89e8
mdoc(7) police: widen width of the options list.
2001-07-18 14:49:32 +00:00
Mark Murray
0eb9c7b357
Update to the same level of debug-logging as the rest of the
...
FreeBSD/PAM modules.
2001-07-17 07:36:51 +00:00
Mark Murray
3741d46458
Update to the same code as in the pam_krb5.so port.
...
According to Peter, the port works - this needs more testing.
2001-07-17 07:34:36 +00:00
Dima Dorfman
f247324df7
Remove whitespace at EOL.
2001-07-15 08:06:20 +00:00
Mark Murray
f042a54245
Use a better method of getting user credentials to account for
...
(legal) UID duplication.
Rename use_uid to auth_as_self for consistency with other modules.
2001-07-14 08:42:39 +00:00
Mark Murray
6fd676c982
Use a better method to get user credentials to account for (legal)
...
duplications of UID's in /etc/*passwd.
2001-07-14 08:38:24 +00:00
Ruslan Ermilov
e8b02a428d
mdoc(7) police: -xwidth has been fold into -width.
2001-07-13 09:09:52 +00:00
Ruslan Ermilov
08ecaa10b2
mdoc(7) police: fixed markup, a little bit.
2001-07-11 08:36:26 +00:00
Ruslan Ermilov
63b81b76ca
mdoc(7) police: fixed markup any numerous typos.
2001-07-11 08:35:34 +00:00
Ruslan Ermilov
625003720a
mdoc(7) police: removed HISTORY info from the .Os call.
2001-07-10 14:16:33 +00:00
Ruslan Ermilov
a307d59838
mdoc(7) police: removed HISTORY info from the .Os call.
2001-07-10 13:41:46 +00:00
Mark Murray
1642eb1a52
Clean up (and in some cases write) the PAM mudules, using
...
o The new options-processing API
o The new DEBUG-logging API
Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.
Audit, clean up while I'm here.
2001-07-09 18:20:51 +00:00
Ruslan Ermilov
5521ff5a4d
mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2).
2001-07-06 16:46:48 +00:00
Ruslan Ermilov
88de1238eb
mdoc(7) police: fixed formatting.
2001-07-06 07:29:59 +00:00
Chris Costello
8b136a6dde
Convert to mdoc(7).
2001-06-13 21:52:07 +00:00
Mark Murray
084a46829b
Big module cleanup.
...
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.
Build new modules.
Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
2001-06-04 19:47:56 +00:00
Mark Murray
bc0105f860
Null file to bring back a file from the dead. This allows the real commit
...
to happen remotely. Damn CVS bugs :-(
2001-06-04 19:25:41 +00:00
Mark Murray
46efbac2ed
Add the "nullok" option that causes this module to succeed if the Unix
...
password is empty/null.
2001-06-04 19:16:57 +00:00
Mark Murray
397fa72521
Add some new utility authenticators.
...
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.
pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
2001-06-04 18:44:47 +00:00
Mark Murray
4448b21cc6
Add the "auth_as_self" option to the pam_unix module (there is no
...
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
2001-05-24 18:35:52 +00:00