Commit Graph

168 Commits

Author SHA1 Message Date
Robert Watson
2c19b38f62 o Modify NFS rights comment to note that the early credential changes
to test for a home directory don't set up the additional groups, and
  as such may limit users conservatively.  This does not affect the
  eventual credentials selected.
2001-09-15 17:09:39 +00:00
Ruslan Ermilov
cda2a9b2f0 Set BINOWN=root explicitly for setuid root binaries.
This is not "useless", as one may have non-default
setting for BINOWN in make.conf, and we still want
these to be installed setuid root in this case.
2001-09-13 06:48:18 +00:00
Ruslan Ermilov
63462b0c3a mdoc(7) police: tighten label width. 2001-09-04 10:24:52 +00:00
Mark Murray
142277ce04 Like su(1), make PAM use mandatory. Remove parts of the authentication
logic that are handled by PAM. Fix documentation to reflect this.
2001-08-30 11:27:36 +00:00
Mike Barcroft
ede8b1c50a Fix some bogus strncpy(3) to strlcpy(3) changes I made in the previous
revision.  <utmp.h> structures don't leave room for a NUL character.
Also fix "UNKNOWN" which should have just been UNKNOWN.

Pointed out by:	bde
2001-08-13 05:56:27 +00:00
Mike Barcroft
9ab4f41231 o Replace occurrences of strncpy(3) with strlcpy(3); most of
the uses of it were wrong anyway.
o Always check for NULL returns on strdup(3).
o Fix a possible buffer overflow in strcpy(3).
o Fix a format string vulnerability.
o t->ty_type in stypeof() could be NULL and eventually cause
  a segmentation fault in setenv(3), so check for that.

Eyeballed by:	kris
Reviewed by:	murray
MFC after:	3 days
2001-08-12 17:54:49 +00:00
Mark Murray
9567ba9dda Fix the environment handling:
However, there's still a bug in login.c
because you copy the environment *before* the call to pam_open_session,
which won't set the necessary variables set by /usr/ports/security/pam_ssh.

Submitted by:	Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>
2001-07-28 19:53:10 +00:00
Dima Dorfman
f247324df7 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
Ruslan Ermilov
625003720a mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
Brian Somers
7bc6d0158f Fix the type of the NULL arg to execl()
Idea from: Theo de Raadt <deraadt@openbsd.org>
2001-07-09 09:24:06 +00:00
Eric Melville
a37b5e8e4c Remove an accidentaly added extra blank line.
Approved by:	murray
2001-05-22 06:20:27 +00:00
Guido van Rooij
5345e89b9d Disable SIGHUP while getting the login name.
Reviewed by:	security-officer
2001-05-21 20:19:59 +00:00
David E. O'Brien
5de20e57b2 Missed a few things. 2001-05-18 05:46:40 +00:00
David E. O'Brien
91a72a92d6 In a word -- style(9). 2001-05-18 05:33:42 +00:00
David E. O'Brien
078ae588ab Add the "prompt" and "passwd_prompt" fields to /etc/login.conf,
which makes lgoin more like getty in its ability to be configured.

Submitted by:	tlambert (code only)
2001-05-18 04:55:16 +00:00
Eric Melville
40c65ba9c7 Check for the expiration of an account and its password in the proper
order.

Reviewed by:	-audit (silence)
Approved by:	murray
Obtained from:	OpenBSD
MFC after:	5 days
2001-05-17 03:10:04 +00:00
Mark Murray
31a651fa98 Clean out some cruft that has been put in a better (central) place. 2001-05-01 10:30:08 +00:00
Mark Murray
289ef82e3c Enable (optional) static linking. 2001-04-28 08:06:33 +00:00
Mark Murray
5bc9d93db3 Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by:	"David J. MacKenzie" <djm@web.us.uu.net>
2001-03-27 19:40:51 +00:00
Ruslan Ermilov
dc12be5258 MAN[1-9] -> MAN. 2001-03-27 10:52:19 +00:00
Jacques Vidrine
17ada68462 Fix login so that it exports environmental variables that are set by PAM
modules (via pam_putenv).  The following variables will never be set in
this fashion:

   SHELL, HOME, LOGNAME, MAIL, CDPATH, IFS, PATH
   any variable starting with `LD_'
2001-02-09 13:21:50 +00:00
Jacques Vidrine
8ad2668439 Call pam_setcred.
Reviewed by:	markm, months ago
2001-01-23 21:43:32 +00:00
David E. O'Brien
1a37aa566b Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.
2000-12-09 09:35:55 +00:00
Sheldon Hearn
69f2cf17a3 Add braces to avoid ambiguity in a nested conditional (silences a gcc
warning).
2000-04-26 10:38:19 +00:00
Sheldon Hearn
508d9a5b59 Fix excessive use of parenthesis in previous commit.
Requested by:	bde
2000-04-25 08:59:51 +00:00
Sheldon Hearn
1806a85c5a Do not issue a warning when chflags() fails with EOPNOTSUPP.
PR:		17875
Submitted by:	Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>
2000-04-13 09:39:29 +00:00
Sheldon Hearn
87faa07bec Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
2000-03-01 12:20:22 +00:00
Andrey A. Chernov
5403e5e3f3 Fix diagnostic printing test condition (was always true)
Approved by:	jkh
2000-02-28 01:48:50 +00:00
Ruslan Ermilov
6861fa8643 Remove option's description that has gone with PAM. 2000-02-27 07:14:33 +00:00
Yoshinobu Inoue
6d939e82e0 Added IPv6 name resolving support for utmp logging.
Approved by: jkh
2000-02-19 15:57:52 +00:00
Chris Costello
111b70aa08 Remove the version information from `.Os FreeBSD' here. Not only
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.

If anything, a ``HISTORY'' section should show which version this
appeared in.
2000-02-14 01:47:54 +00:00
Peter Wemm
6e2578e4c4 Revert the libcrypt/libmd stuff back to how it was. This should not have
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design).  libcrypt has
been adjusted to not need the runtime -lmd.  It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
1999-12-18 13:55:17 +00:00
Marcel Moolenaar
7c99ddf2cc Add libmd (or move it after libcrypt). We don't want the linker to be
smart because it will definitely get it wrong. This popped up during
cross-linking.
1999-12-16 10:55:45 +00:00
Sheldon Hearn
e6d3cf2648 Correct some hard sentence breaks. Only those surrounding the previous
commit and those which cause ugly nroff output have been fixed, since
the purpose of the style guideline which they contravene is to reduce
the sizes of deltas.

Reported by:	bde
1999-09-14 11:46:04 +00:00
Sheldon Hearn
c644db6aa2 Improve shell documentation:
* Consistently misspell built-in as builtin.

* Add a builtin(1) manpage and create builtin(1) MLINKS for all shell
  builtin commands for which no standalone utility exists.  These MLINKS
  replace those that were created for csh(1).

* Add appropriate xrefs for builtin(1) to the csh(1) and sh(1) manpages,
  as well as to the manpages of standalone utilities which are supported
  as shell builtin commands in at least one of the shells. In such
  manpages, explain that similar functionality may be provided as a
  shell builtin command.

* Improve sh(1)'s description of the cd builtin command. Csh(1) already
  describes it adequately. Replace the cd(1) manpage with a builtin(1)
  MLINKS link.

* Clean up some mdoc problems: use Xr instead of literal "foo(n)"; use
  Ic instead of Xr for shell builtin commands.

* Undo English contractions.

Reviewed by:	mpp, rgrimes
1999-09-08 15:40:46 +00:00
Peter Wemm
c3aac50f28 $Id$ -> $FreeBSD$ 1999-08-28 01:08:13 +00:00
Warner Losh
a761a4653a Clear all file flags when taking ownership of devices. Do not ignore
chown failures in some places, but instead log them like we do all
other errors.
1999-08-21 18:19:49 +00:00
Nik Clayton
3be5f1f5ce Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

     .\"    $Id$
     .\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by:            bde
1999-07-12 20:24:20 +00:00
Andrey A. Chernov
0514336d66 remove uid switching before login_getpwclass, now done inside libutil
add gid switching before chdir and comment why it needed
1999-04-24 17:26:32 +00:00
Brian Somers
3a6afd0d44 Don't perform the trimdomain() functionality twice,
trimdomain() now works as expected.
1999-04-07 14:05:03 +00:00
Wolfram Schneider
57a476899d Added xref to nologin(5) 1999-02-01 21:04:15 +00:00
John Polstra
4a05a998b2 Force <bsd.libnames.mk> to be included, regardless of the object
format.  This fixes the undefined symbols when building login for
a.out.
1999-01-22 12:44:55 +00:00
John Polstra
e40131079f Allow login to be linked statically even when PAM is used, since
there is now a static version of libpam.
1999-01-20 21:58:46 +00:00
Andrzej Bialecki
11468b741a Add a compile knob to avoid using PAM code (login will use standard Unix
authentication only). This comes handy when you're tight on space.

Submitted by:	mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by:	John D. Polstra <jdp@polstra.com>
1999-01-19 22:59:37 +00:00
Satoshi Asami
16ceea1b93 Move nologin from /etc to /var/run. This means one less file that has
to be written to /etc.

The only essential change is in paths.h, so any third-party software
written correctly will pick it up in the next rebuild.

Reviewed by:	the committers list (actually an old version)
1999-01-11 09:07:42 +00:00
Eivind Eklund
b606e33cb8 Make the timeout handler log any failed logins, to make sure failed
logins get logged.
1999-01-03 23:39:33 +00:00
Matthew Dillon
4bc34f94d6 Obtained from: "Jan B. Koum " <jkb@best.com>
Add a reference to pam(8) in the login(1) and login.access(5) manual
    pages.
1998-12-01 17:05:08 +00:00
John Polstra
cc4b11542b Work around the problem that login won't link if NOSHARED=yes,
because libpam is built shared only.  There is a way to build PAM
into a static library that contains all (or a selected subset) of
the modules.  But our Makefiles don't support that yet.  Until I get
that working, just force NOSHARED=no in login's Makefile.  Of
course, it still won't work if NOPIC is set.

Submitted by:	bde
1998-11-21 18:27:15 +00:00
John Polstra
e83348169b ATTENTION: INSTALL "/etc/pam.conf" FROM "src/etc"!!!
Change login to use PAM for authentication.  I kept the built-in
passwd/NIS authentication support, to handle cases where the system
is missing its "/etc/pam.conf" file.  S/Key and KerberosIV
authentication methods are removed from the login program, but
still available in PAM modules.
1998-11-21 02:22:14 +00:00
John Polstra
6717b4a8dd unifdef -DLOGIN_CAP. After almost 2 years, I think we can assume
it's here to stay.

This code is starting to look almost reasonable again.
1998-11-11 05:47:45 +00:00
John Polstra
8e32ad3bde Remove support for LOGIN_CAP_AUTH. It was never enabled, it was
not complete, and it hasn't been touched for 18 months.  All the
ifdefs obfuscate the code.  I discussed the LOGIN_CAP_AUTH support
with its author and he agreed that it is a dead end.  I am bringing
PAM into the tree within the next two weeks.  It is much more
flexible than LOGIN_CAP_AUTH, and will serve as a superior replacement
for it.
1998-11-11 02:16:01 +00:00
John Polstra
069b715f73 Fix a const-related compiler warning. 1998-11-11 01:53:12 +00:00
Mark Murray
8f176b4353 Use KJH's auth.conf parser to turn on/off Kerberos in userland. 1998-10-09 06:38:33 +00:00
David E. O'Brien
be0cde6f10 Remove useless `BINOWN=root' now that it is the default. 1998-09-19 22:42:06 +00:00
Joseph Koshy
580367f264 Remove hardcoded constant in favour of login.conf value.
PR: 	6529
Submitted by:	Dan Lukes <dan@obluda.cz>
1998-08-17 03:25:07 +00:00
Mark Murray
448bbb5805 Fix LIBDIR (for aout/ELF). 1998-08-06 21:41:13 +00:00
Bruce Evans
e662741c24 Backed out rev.1.31. It was a workaround for bugs in rev.1.4 of
libc/gen/getpass.c.  The old behaviour of blocking SIGINT and not
changing SIGQUIT was restored in rev.1.5 of getpass.c.  The change
here completely restores the old behaviour of not supporting killing
login with keyboard signals (only) at the password prompt.  There
is no reason to support this, since login can be exited normally
by typing a couple of ^D's.  Login certainly shouldn't dump core
in response to user input.  Previously, SIGQUIT killed login
immediately but SIGINT killed it only after the password was
entered.

PR:		7444
1998-07-31 07:22:31 +00:00
John Polstra
79bdd98bf7 Fix a couple of little bugs that prevented login.c from compiling
if LOGIN_CAP_AUTH was defined.  This is kind of silly, because
LOGIN_CAP_AUTH doesn't work anyway, is not defined currently,
probably will never be defined, and IMHO should not be defined.
But I'm sure you'll sleep better tonight, knowing that these bugs
are gone.
1998-07-22 04:33:12 +00:00
Atsushi Murai
89caae2932 Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

 It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.

   1) turbo.tama.spec.co.jp: 192.19.0.2  -> trubo.tama
   2) turbo.tama.foo.co.jp : 192.19.0.2  -> 192.19.0.2
   3) specgw.spec.co.jp    : 202.32.13.1 -> specgw

Submitted by:	Atsushi Murai <amurai@spec.co.jp>
1998-06-01 08:47:04 +00:00
Peter Wemm
c8ff18082f *blush*, typo during last minute editing.. 1998-04-30 16:50:07 +00:00
Peter Wemm
159da44105 Change euid while reading the user's .login_cap file in case the homedir
is on a NFS partion without root read access.  Also, flip euid again for
the duration of the chdir() to the homedir for the same reason.

PR: 5145
Submitted by: Joel.Faedi@esial.u-nancy.fr
Also tested by: A Joseph Koshy <koshy@india.hp.com>
1998-04-30 16:48:20 +00:00
Philippe Charnier
306005e78c .Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq. 1998-03-23 07:48:45 +00:00
John Birrell
90836d4e24 gcc on alpha complains about nested comments. A comment in this
file referred to a path ending in "/*" which was reasonable to me,
but gcc wasn't so sure. So now the comment refers to a path ending in
"*".
1998-02-15 04:09:48 +00:00
Andrey A. Chernov
c8b701a4af Fix very rare but dangerous bug:
for some DES passwords
	crypt(real_password, salt)
is equal to
	crypt("", salt);
It means that this user (and not only he) can login without
entering password at all, just pressing Return.
So if empty password entered and crypted password is not empty,
invalidate any crypt result by assigning ":"
1998-02-13 21:02:53 +00:00
Guido van Rooij
e28be89140 Reset SGINT and SIGQUIT handling to default when asking for passwords.
Otherwise, when pressing the INT ke at the password prompt, the password
will be displayed. Now login will be killed.

Probably the same will have to be done for the LOGIN_CAP_AUTH case.
I have not done that.
Reviewed by:	Joerg Wunsch
1998-02-05 18:37:02 +00:00
David E. O'Brien
0cd829f2f9 Mention S/key and the skey /etc files. 1998-01-07 10:42:57 +00:00
Joerg Wunsch
f87ea4059a Fix a fatal typo.
PR:		bin/4801
Submitted by:	mishania@demos.su (Mikhail A. Sokolov)
1997-10-19 09:34:06 +00:00
Mark Murray
7f80a02080 Changes for KTH KerberosIV.
Also quieten -Wall a bit.
1997-09-28 08:57:24 +00:00
Nate Williams
b82359df88 "lmd" -> "-lmd"
Submitted by:	Vincent Poy <vince@venus.gaianet.net>
1997-09-05 18:15:29 +00:00
Peter Wemm
10da1efd82 If building elf, don't link in libmd.a just for libskey.so to use. Under
elf, libskey.so will not expose it's implementation on it's caller.
1997-09-05 12:00:01 +00:00
Philippe Charnier
9c9cb2bffe = -> ==, strcpy -> strncpy from OpenBSD.
update man page. Add usage().
Obtained from: OpenBSD
1997-07-22 07:39:43 +00:00
Masafumi Max NAKANE
d778c2c01b Fix the man page's title (.Dt).
(It has been ``SKEY.ACCESS''.)
1997-06-02 17:24:36 +00:00
Paul Traina
4b2fab7504 Restore backwards compatible default behavior for requirehome 1997-05-23 00:14:27 +00:00
David Nugent
a317d49b93 login_getclass() -> login_getpwclass().
auth_rmfiles() was being called in error without LOGIN_CAP_AUTH defined.
1997-05-10 18:57:16 +00:00
David Nugent
3169e0f139 Use isdialuptty() rather than hard-coded heuristic. 1997-04-13 15:26:04 +00:00
David Nugent
f72b1ff3be Submitted by: Sergei Chechetkin <csl@whale.sunbay.crimea.ua>
Fix incorrect bracket nesting. Closes PR#3144.
1997-04-01 11:54:06 +00:00
Warner Losh
1c8af87873 compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-29 04:34:07 +00:00
David Nugent
1f5367caee Fix for logic in no-password accounts. 1997-03-27 10:09:09 +00:00
David Nugent
4a028a883d Don't bypass password prompt for root logins on insecure tty if
the root password is empty.
1997-03-25 05:15:04 +00:00
David Nugent
d8a7b3477f strdup() value of term to correctly preserve contents.
Rearrange validation logic so that it works correctly when
compiled with kerberos support. Closes PR#3056.
1997-03-24 21:22:12 +00:00
David Nugent
a52c1be6ff Submitted by: Paul Traina <root@shockwave.com> (partially)
Cleanup of #ifdef's for LOGIN_CAP.

  Fixed bug in empty shell (closes PR#2550).

  Refused root logins now displays standard "Login incorrect" and
	exhibits identical backoff behaviour to a failed login.

  Cleaned up logging of refused logins.

  Use #defines for login retries and backoff. Also implemented
	definable variables if LOGIN_CAP is defined, with
	"login-retries" and  "login-backoff" as capabilities
	in the default class (closes PR#2805).

  TERM from previous environment is no longer truncated.
1997-03-18 16:27:12 +00:00
Wolfram Schneider
67022bfc9f Include copyright message from <sys/copyright.h> 1997-03-01 18:02:44 +00:00
Andrey A. Chernov
7adec20804 Back out "shell" / pw_shell change, I was confused by the same
variable name (with different functionality)
1997-02-27 05:09:58 +00:00
Andrey A. Chernov
60797e8797 Fix few bogons with pw_shell / shell variables values mismatch
introduced by LOGIN_CAP
1997-02-27 03:52:22 +00:00
Peter Wemm
c115df18cd Revert $FreeBSD$ to $Id$ 1997-02-22 19:58:13 +00:00
Paul Traina
2ed98aa017 Cruft cleanup to eliminate useless warnings 1997-02-02 21:33:37 +00:00
Jordan K. Hubbard
d87e2a2cc5 Don't dereference NULL pwd on non-existant username (I wonder how long
THAT has been in here!).
1997-01-22 18:36:27 +00:00
David Nugent
5217f56ec6 Fix handling of empty shell field in passwd file (use /bin/sh); problem
was caused by introduction of login classes. Closes PR bin/2550.
Added references to login.conf to manpage, crossreference to login.conf(5).
1997-01-22 02:45:16 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
David Nugent
6acc486b3f Makes login login_cap-savvy.
Note that LOGIN_CAP_AUTH code (login authentication) is not (yet) enabled
and requires /usr/libexec/login_<style> authentication program support to
be added at a later date. The Makefile contains a macro LC_AUTH to turn
it on and prevent unnecessarily linking against skey/krb libs and the
addition of klogin.c module.

All other aspects of login_cap support are fully functional.
1997-01-11 07:16:35 +00:00
Wolfram Schneider
13608f6661 comma typos 1996-12-23 23:09:55 +00:00
Paul Traina
39ea627d62 Fix some compilation warnings. 1996-09-21 18:01:23 +00:00
Mike Pritchard
e830e7f5fe Document login's use of /etc/login.access.
Submitted by:	David E. O'Brien
1996-07-03 01:20:09 +00:00
Andrey A. Chernov
16ac215c11 Write numerical address instead of hostname for hostnames > UT_HOSTSIZE
to keep valid information in utmp and lastlog
1996-06-17 12:27:55 +00:00
Mark Murray
bbff7ca556 #include <kerberosIV/des.h> -> #include <des.h> 1996-02-11 09:18:18 +00:00
Mike Pritchard
4a8d02835c Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00
Peter Wemm
a5b996a7ec recording cvs-1.6 file death 1995-12-30 19:02:48 +00:00
Garrett Wollman
656dcd4316 Delete bogus referneces to timezone code internal header file `tzfile.h',
which is no longer bogusly installed in /usr/include.
1995-08-07 19:17:46 +00:00
Rodney W. Grimes
7799f52a32 Remove trailing whitespace. 1995-05-30 06:41:30 +00:00
Guido van Rooij
c8945315ef Set copyright so we can actually distribute and use it.
Reviewed by:	David Greenman
Submitted by:	Wietse Venema
Obtained from:
1995-05-19 09:53:51 +00:00