69 Commits

Author SHA1 Message Date
Jung-uk Kim
644af48df6 Stop hard-coding default directory mode as 0777. 2011-03-08 20:13:29 +00:00
Jung-uk Kim
110df1daa0 Do not let pw.conf(5) or -M option affect creation of basehome, e.g., /home.
When the basehome does not exist, it creates all intermediate directories as
required, which is logically equivalent to mkdir(1) with -m and -p options.
However, it modifies all intermediate directories, not just the final home
directory unlike mkdir.  This problem was introduced in two revisions, i.e.,
r1.59 (SVN r167919) and r1.60 (SVN r168044).

MFC after:	1 month
2011-02-04 19:49:02 +00:00
Jung-uk Kim
85a3024411 Revert the unrelated patch crept in the previous commit. 2010-10-05 18:47:51 +00:00
Jung-uk Kim
e116381d02 Prefer pmap_unmapbios() over pmap_unmapdev(). The binary does not change
after this because pmap_unmapbios() is a macro for pmap_unmapdev() on amd64.
2010-10-05 18:38:23 +00:00
Ed Schouten
41d6f23028 Make pw(8) build without <utmp.h>.
The size of the username record in utmp files should not influence the
maximum username length. Right now ut_user/ut_name is big enough, so in
this case it's dead code anyway.
2009-12-06 01:27:28 +00:00
Andrey A. Chernov
f70f5c2077 Use arc4random_uniform() to avoid "modulo bias"
Remove pw_getrand() unneded now: arc4random_uniform() is stronger then
pw_getrand()'s MD5 tricks (inactive) and its active version, mixing
arc4random() bytes in one, not make things better at all.
2008-08-16 15:41:03 +00:00
Antoine Brodin
e8e8c216d0 - Increase the size of the salt in pw(8) from 8 to 32 (same as in pam_unix(8)).
This makes blowfish password hashes look normal when set using
pw(8)/adduser(8). [1]
- Make it possible to have a '/' in the salt.

PR:		121146 [1]
Submitted by:	Jaakko Heinonen [1]
Approved by:	rwatson (mentor)
MFC after:	1 month
2008-05-27 19:04:31 +00:00
Lukas Ertl
e57f8ca5cd Accept passwords which contain whitespace.
PR:     bin/53434
2007-03-30 12:57:25 +00:00
Lukas Ertl
85204142eb Add home directory creation mode to pw.conf(5) and be a bit
more specific about the effect of the current umask on -M.
2007-03-30 11:23:10 +00:00
Lukas Ertl
eebbeceec9 Introduce the new option -M to allow to set the permissions of
the user's newly created home directory.  If omitted, it's derived
from the current umask.

PR:      bin/16880, bin/83253 (partially), bin/104248
MFC in:  1 month
2007-03-26 23:29:20 +00:00
Pawel Jakub Dawidek
49630c2335 Change /home symbolic link, so it will point to usr/home instead of /usr/home.
Previous symlink was confusing:

	# cd /jails/virtual_system_1/home
	# realpath .
	/usr/home

...and slower.

OK'ed by:	rwatson, phk
2005-07-31 08:25:53 +00:00
Robert Drehmel
b8938b667e Use strlcpy(3) to replace the idiomatic
strncpy(d, s, l);
  d[l - 1] = '\0';

statements.
2004-06-17 14:07:16 +00:00
Robert Drehmel
1040317076 Fix a bug which occurred when the home directory given by the
-d option was equal to the one already saved and which caused
the pw utility to avoid updating values passed by other options
processed before the -d option in the code path.

Spotted by: Richard Caley <rjc@interactive.co.uk>
2004-06-17 10:29:12 +00:00
Ian Dowse
87d6b5caf6 Add a -H <fd>' option that is like -h <fd>', but accepts an already
encrypted password on the specified file descriptor.

PR:		bin/22033
MFC after:	2 weeks
2004-01-11 18:28:08 +00:00
Andrey A. Chernov
c6c9094f0c There is no sense to use random random() and arc4random() in the same program.
Switch to arc4random() completely.
2003-02-11 02:17:11 +00:00
Garance A Drosehn
84a0950aea Changes so the 'pw' command will allow '$' as the last character in a userid
or group name (mainly for the benefit of samba).  This pretty much rewrites
he pw_checkname() routine, but should work exactly the same except for the
above change, and that error messages are somewhat more informative.

PR:		28733 46890
Inspired by:	example patch written by Terry Lambert
Reviewed by:	no objections on freebsd-arch and freebsd-current
MFC plans:	no plans, but will do if people want it in stable.
2003-01-28 01:21:57 +00:00
David Malone
9836536581 Print a long with %ld not %d. (We possibly should be using %j here, but
that can be fixed when the many other warnings here are being fixed.)

PR:		39741
Submitted by:	Dan Lukes <dan@obluda.cz>
MFC after:	1 week
2002-06-24 11:33:17 +00:00
Andrey A. Chernov
b84320f22e Change rmskey() to rmopie() - we don't have skey anymore 2001-10-19 10:45:14 +00:00
Dima Dorfman
2be196f14c For new users, create the home directory before sending the welcome
mail, if configured to do so.  Some sites have setups where the user's
mail is delivered to their home directory, so sending mail before is
exists didn't work.

PR:		29892
2001-09-03 14:12:42 +00:00
Joerg Wunsch
5c6a35107b Properly initialize the random number generator in pw_getpass().
Right now, the automatically generated passwords have been rather
predictable. :-(

MFC after:	1 day
2001-08-21 13:33:20 +00:00
Joerg Wunsch
19c6903f17 Fix a typo in a variable name that made pw(8) coredump when using
USE_MD5RAND.

MFC after:	2 days
2001-08-21 10:29:01 +00:00
Andrey A. Chernov
b01e74b72e Use %c for expire/change dates 2001-03-21 13:46:09 +00:00
Kris Kennaway
27540537e8 Switch from using rand() or random() to a stronger, more appropriate PRNG
(random() or arc4random())

Reviewed by:	bde
2001-03-05 02:15:38 +00:00
Ben Smithurst
d0d78e1303 Convert to use the <sys/queue.h> macros rather than fiddling with the queue
structure internals.

Reviewed by:	markm
2000-12-29 18:04:54 +00:00
Brian Feldman
04c9749ff0 Add working and easy crypt(3)-switching. Yes, we need a whole new API
for crypt(3) by now.  In any case:

Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).

The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)

Reviewed by:	peter
2000-08-22 02:15:54 +00:00
David Nugent
d37861da7a Move test for -w flag outside of the code dealing with -D (defaults).
This should cause -w's argument not to be ignored in the usermod case,
so it will affect modification of the user's password instead of using
the pw.conf (or internal default=no '*') password method.
PR:		bin/11168
2000-07-20 05:11:56 +00:00
David Nugent
f707b0d536 Allow -g with an empty argument in the -D case. This allows -g "" to set
no default group (and thus fall back to user-based groups instead).
PR:		bin/5717
2000-07-20 04:37:00 +00:00
David Nugent
e4ac984548 Fix another missed case where usermod would not set the "modified" flag:
-h - to set no password. But only mark modified if the account is not
already locked (i.e. first char of crypt password field is '*').
PR:		bin/19999
2000-07-20 00:09:29 +00:00
David Nugent
affc28f940 Fix breakage introduced by bypassing update for additional 'mod'
functionality when nothing had actually changed; -d changes would
not set the 'something had changed flag'. Actually test for a
change in homedir.
PR:		bin/19649
2000-07-03 12:13:10 +00:00
Andrey A. Chernov
39610c7229 Localize ctype too.
Add weekday to showuser expired fields
2000-06-24 13:36:13 +00:00
Andrey A. Chernov
e7161f368a Localize time/date.
Use ISO 8601 date in logs.
Fix wrong argument type in ctype functions.
2000-06-22 16:48:41 +00:00
David Nugent
6b13b96dad Fix obvious braino in assignment statement. usermod -g should work again.
PR:		17877
Submitted by:	pius@zyan.com
2000-06-18 02:48:56 +00:00
David Nugent
25fa020ea5 Fix a long-standing bug in the rename case previously masked by another bug
just fixed in .db file updating.
2000-06-18 02:18:15 +00:00
David Nugent
923dc0b2c3 Portability fixes for other bsd4.4 derivatives. 2000-01-15 00:20:22 +00:00
David Nugent
05c30f03e6 Don't try updating the passwd file if no data has changed. This allows things
like "pw usermod <name> -m" to work for non-local NIS users; since no attempt
is made to update the password entry, the home directory will be created and
populated as expected without error.
1999-10-26 15:07:20 +00:00
David Nugent
2399cd14a7 Add new functionality "lock" and "unlock" to provide a simple password
locking mechanism for users. This works by prepending the string
"*LOCKED*" to the password field in master.passwd to prevent successful
decoding.
1999-10-26 08:34:09 +00:00
David Nugent
c190a0f584 Clean up error handling in fileupdate(), which now returns 0 on success
instead of a boolean. This replicated through he front-end sub-functions
relating to add, delete, modify entries in passwd & group files
Errno is now preserved so output of errc()/warnc() will be less obfuscated
by subsequent errors when reporting the problem.

Add more intelligent error handling when attempting to modify/delete NIS
entries with no corresponding local database entry.

[MFC to stable in a couple of weeks to keep both in sync]
1999-10-26 04:27:14 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
David Nugent
479bcf69f7 Remove some more warnings. 1999-07-28 12:49:34 +00:00
David Nugent
f35227220f Add the ability to print user records in unix version 7 (old) format. 1999-03-02 00:53:33 +00:00
David Nugent
5f12594a29 1) Do not blindly ignore file update errors which may occur due to concurrent
updating
2) Add -V <etcdir>, which allows maintaining user/group database in alternate
   locations other than /etc.
1999-02-23 07:15:11 +00:00
Dag-Erling Smørgrav
c8e126f7f0 Don't assume a_name is a number just because the first character
is a digit.

PR:		bin/9484
Submitted by:	Matthew D. Fuller <fullermd@futuresouth.com>
1999-02-08 21:26:44 +00:00
Bill Fumerola
9fb99cddfc -Clarification of last commit-
The char that the random letters and numbers are being pulled from is
ended with a '\0'. Using sizeof() includes this '\0' in the 'pool' of
possible characters. This patch decrements by one the size so we don't
accidently end the new password prematurly.
1999-01-04 14:07:53 +00:00
Bill Fumerola
5d1711220c Let's make sure we're at the end of the password string before we apply a \0
and terminate it. This patch ensures passwords will be the correct length of 8,
which is what is implied in the source (but not reflected in the man page).

PR:		bin/7817
Reviewed by:	Alfred Perlstein <bright@hotjobs.com>
Submitted by:	Hiroshi Nishikawa <nis@pluto.dti.ne.jp>
1999-01-02 04:37:46 +00:00
Philippe Charnier
1dcc6ec750 Use err(3) instead of local redefinition. Add rcsid string. 1997-10-10 06:23:42 +00:00
David Nugent
5e779680a9 Fix -p switch. 1997-08-01 15:06:21 +00:00
Andrey A. Chernov
687ee69a2a Remove srandomdev fallback code 1997-06-14 00:27:03 +00:00
David Nugent
57ae32e5e8 Fixes skeleton directory test-it-is-a-directory logic.
PR:		3666
Reviewed by:
Submitted by:	iaint@css.tuu.utas.edu.au
Obtained from:
1997-05-24 10:41:49 +00:00
Andrey A. Chernov
a200d18a76 Initialize RNG only once
Use srandomdev() now
1997-03-24 15:09:41 +00:00
Andrey A. Chernov
f2a6c90b00 Fix srandom arg according to Lite2 1997-03-11 14:11:43 +00:00