Bring the description for login_getclassbyname in sync with the function's
arguments. The function has as a second argument a struct passwd * pointer, not a directory name. MFC after: 2 weeks
This commit is contained in:
Diomidis Spinellis
parent
f52e2ef29f
commit
94cf9da03c
@ -175,13 +175,15 @@ function to the authorisation style, according to the requirements
|
||||
of the program handling a login itself.
|
||||
.Pp
|
||||
As noted above, the
|
||||
.Fn get*class
|
||||
.Fn login_get*class
|
||||
functions return a login_cap_t object which is used to access
|
||||
the matching or default record in the capabilities database.
|
||||
The
|
||||
.Fn getclassbyname
|
||||
.Fn login_getclassbyname
|
||||
function accepts two arguments: the first one is the record identifier of the
|
||||
record to be retrieved, the second is an optional directory name.
|
||||
record to be retrieved, the second is an optional pointer to a
|
||||
.Li passwd
|
||||
structure.
|
||||
If the first
|
||||
.Ar name
|
||||
argument is NULL, an empty string, or a class that does not exist
|
||||
@ -189,9 +191,17 @@ in the supplemental or system login class database, then the system
|
||||
.Em default
|
||||
record is returned instead.
|
||||
If the second
|
||||
.Ar dir
|
||||
.Ar pwd
|
||||
parameter is NULL, then only the system login class database is
|
||||
used, but when not NULL, the named directory is searched for
|
||||
used.
|
||||
However,
|
||||
if the
|
||||
.Ar pwd
|
||||
parameter and the value of
|
||||
.Ar pwd->pw_dir
|
||||
are both not NULL, then the directory contained in
|
||||
.Ar pwd->pw_dir
|
||||
is searched for
|
||||
a login database file called ".login_conf", and capability records
|
||||
contained within it may override the system defaults.
|
||||
This scheme allows users to override some login settings from
|
||||
@ -215,6 +225,15 @@ The user's
|
||||
.Pa .login_conf
|
||||
merely provides a convenient way for a user to set up their preferred
|
||||
login environment before the shell is invoked on login.
|
||||
Note that access to the
|
||||
.Pa /etc/login.conf
|
||||
and
|
||||
.Pa .login_conf
|
||||
files will only be performed subject to the security checks documented in
|
||||
.Xr _secure_path 3
|
||||
for the uids 0 and
|
||||
.Ar pwd->pw_uid
|
||||
respectively.
|
||||
.Pp
|
||||
If the specified record is NULL, empty or does not exist, and the
|
||||
system has no "default" record available to fall back to, there is a
|
||||
|
||||
@ -172,9 +172,10 @@ login_close(login_cap_t * lc)
|
||||
* login_getclassbyname() get the login class by its name.
|
||||
* If the name given is NULL or empty, the default class
|
||||
* LOGIN_DEFCLASS (ie. "default") is fetched. If the
|
||||
* 'dir' argument contains a non-NULL non-empty string,
|
||||
* then the file _FILE_LOGIN_CONF is picked up from that
|
||||
* directory instead of the system login database.
|
||||
* 'pwd' argument is non-NULL and contains an non-NULL
|
||||
* dir entry, then the file _FILE_LOGIN_CONF is picked
|
||||
* up from that directory and used before the system
|
||||
* login database.
|
||||
* Return a filled-out login_cap_t structure, including
|
||||
* class name, and the capability record buffer.
|
||||
*/
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user