Commit Graph

82 Commits

Author SHA1 Message Date
Brian Somers
fbbe016b64 Add full support for determining if a user
is restricted from running a given program.
1997-08-27 20:06:20 +00:00
Brian Somers
889d7d1524 Add prog.deny as a list capability for
denying execution of certain programs.
1997-08-26 23:15:57 +00:00
Bruce Evans
30a72f72d5 -I${DESTDIR}/sys -> -I${.CURDIR}/../../sys. 1997-08-26 14:13:02 +00:00
Joerg Wunsch
1818482d81 Cosmetic: distinguish in diag message between rebuilding and updating
the database.

PR:		3397
Submitted by:	taob@risc.org (Brian Tao)
1997-08-24 18:23:21 +00:00
Steve Price
673b794638 Protect the copyright comments from reformatting by
indent and make this compile -Wall clean like the
Makefile suggests that it should. :)

Pointed out by:	Bruce Evans <bde@zeta.org.au>
1997-08-13 20:42:18 +00:00
Andrey A. Chernov
84dc22996d Implement canonical locking protocol
Suggested by: joerg
1997-08-10 18:42:39 +00:00
Steve Price
febad2fcf4 Observe precedence set by Phillippe Charnier in adding an
rcsid.
1997-08-07 22:28:25 +00:00
Steve Price
d46c1a60d3 Remove #if(n)def BSD_4_4_LITE cruft and sccsid -> rcsid. 1997-08-07 15:33:50 +00:00
Andrey A. Chernov
e1a10354cb Improve weak locking by using flock() 1997-08-05 12:58:02 +00:00
David Nugent
78e4c02479 sleep() after sending 'nologin' file to ensure output is drained before
disconnect.
1997-07-19 04:47:05 +00:00
Satoshi Asami
85cfd1244c Add appropriate ${DESTDIR} in front of absolute paths. 1997-07-18 07:27:56 +00:00
David Nugent
0edf29640b Fix infinite loop.
PR: 3878
Submitted by: roman@rpd.univ.kiev.ua
1997-06-16 23:38:01 +00:00
David Nugent
c2043f40bb Add "break" inadvertently removed in previous update.
PR: 3820
Submitted by: Joseph Stein <joes@spiritone.com>
1997-06-13 22:26:41 +00:00
Julian Elischer
50dab48a5b Submitted by: Whistle Communications (archie Cobbs)
These changes add the ability to specify that a UFS file/directory
cannot be unlinked. This is basically a scaled back version
of the IMMUTABLE flag. The reason is to allow an administrator
to create a directory hierarchy that a group of users
can arbitrarily add/delete files from, but that the hierarchy
itself is safe from removal by them.
If the NOUNLINK definition is set to 0
then this results in no change to what happens normally.
(and results in identical binary (in the kernel)).
It can be proven that if this bit is never set by the admin,
no new behaviour is introduced..
Several "good idea" comments from reviewers plus one grumble
about creeping featurism.

This code is in production in 2.2 based systems
1997-06-02 06:24:52 +00:00
Thomas Gellekum
664b197825 Typo police. 1997-05-22 07:02:01 +00:00
Peter Wemm
d3e0a2504d Now I really understand the reason for the style.9 rule about not having
visible type names in prototypes in user space headers.  libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?
1997-05-19 10:04:15 +00:00
David Nugent
ebcea1131c MF2.2: update login_cap api docs.
PR:
Reviewed by:
Submitted by:
Obtained from:
1997-05-18 09:14:11 +00:00
David Nugent
cfd94da5e2 For non-root uids, consider root-owned files also 'secure' unless otherwise
disqualified.
1997-05-15 06:06:32 +00:00
Satoshi Asami
80ec9b23e0 Back out previous revision. Shlib version numbers are supposed to be
bumped only 0.1 or 1.0 between releases.  (See handbook.)

Note that if you have built world in -current in the last 48 hours or
so, you should manually remove /usr/lib/libutil.so.2.3 before
rebuilding world to cleanse your system.
1997-05-13 08:51:49 +00:00
Brian Somers
85b0d75dd9 Make uu_* const correct.
Suggested by:	joerg
1997-05-12 10:36:14 +00:00
David Nugent
210793f753 Add #include <sys/types.h> in synopsis, now required for libutil.h. 1997-05-11 08:50:33 +00:00
David Nugent
ecc5526939 Bump shared lib version to 2.3.
Suggested by: bde
1997-05-11 08:31:43 +00:00
David Nugent
5f3a736739 MF2.2: bugfix in arrayize(). 1997-05-11 08:07:29 +00:00
David Nugent
56c0434453 Summary of login.conf support changes:
o Incorporated BSDI code and enhancements, better logging for error
  checking (which has been shown to be a problem, and is therefore
  justified, imho); also some minor things we were missing, including
  better quad_t math, which checks for under/overflows.

o setusercontext() now allows user resource limit overrides, but
  does this AFTER dropping root privs, to restrict the user to
  droping hard limits and set soft limits within the kernel's
  allowed user limits.

o umask() only set once, and only if requested.

o add _secure_path(), and use in login.conf to guard against
  symlinks etc. and non-root owned or non-user owned files being
  used. Derived from BSDI contributed code.

o revamped authentication code to BSDI's latest api, which
  includes deleting authenticate() and adding auth_check()
  and a few other functions. This is still marked as depecated
  in BSDI, but is included for completeness. No other source
  in the tree uses this anyway, so it is now bracketed with
  #ifdef LOGIN_CAP_AUTH which is by default not defined. Only
  auth_checknologin() and auth_cat() are actually used in
  module login_auth.c.

o AUTH_NONE definition removed (collided with other includes
  in the tree). [bde]

o BSDI's login_getclass() now accepts a char *classname
  parameter rather than struct passwd *pwd. We now do likewise,
  but added login_getpwclass() for (sort of) backwards
  compatiblity, namely because we handle root as a special
  case for the default class. This will require quite a few
  changes elsewhere in the source tree.

o We no longer pretend to support rlim_t as a long type.

o Revised code formatting to be more bsd-ish style.
1997-05-10 18:55:38 +00:00
David Nugent
3564cb62c8 Move login_cap.h from src/include for easier maintenance with
related files.
1997-05-10 12:49:30 +00:00
Daniel O'Callaghan
a6f96c4131 Fix punctuation: "it's" -> "its" 1997-04-17 23:31:47 +00:00
Bruce Evans
c5a44d911a Fixed missing const in synopsis. 1997-04-13 14:12:48 +00:00
Mike Pritchard
134970f671 Grammar police. 1997-04-02 05:52:22 +00:00
Andrey A. Chernov
28804f92db Add Id
Reduce space for error bufer from 512 to 128: there is no such long strings
can be returned from strerror()
1997-04-02 04:24:39 +00:00
Andrey A. Chernov
81d9597ce7 Code space optimization in uu_lockerr() 1997-04-02 03:53:49 +00:00
Andrey A. Chernov
2875419215 Remove unused USE_PERROR define and syslog.h include
Use snprintf instead of sprintf to avoid buffer overflows
Use snprintf in uu_lockerr instead of lots of hardcoded constants
and not null-terminated strncpy
Return "" for OK and "device in use" for INUSE, it allows simple
strcpy(buf, uu_lockerr(retcode)) without testing for special OK
case (NULL was there) and obtaining meaningful result for INUSE
("" was there) without special testing for it too.
1997-04-02 03:38:29 +00:00
Mike Pritchard
698fdb70ff MLINK uu_lockerr(3). 1997-04-01 17:44:58 +00:00
Mike Pritchard
b5ebf1f5cd Mdoc police. 1997-04-01 17:44:31 +00:00
Brian Somers
687d0cdeb3 Remove the syslog stuff, and allow various return values
in uu_lock().  Add uu_lockerr() for turning the results of
uu_lock into something printable.  Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly  where it should.

Suggested by:	ache@freebsd.org
1997-03-31 22:51:00 +00:00
Brian Somers
568b59b9df Move uucplock into libutil and create a manual page. 1997-03-30 12:12:20 +00:00
Bruce Evans
d06390f68b Fixed misquoted arg in synopsis. 1997-03-19 02:01:27 +00:00
Andrey A. Chernov
65f50b7f27 "infinity" check was missed from login_getcapsize(), add it
One manifestation of this bug: all networking users have coredumpsize=0
1997-02-27 00:24:05 +00:00
Peter Wemm
7e546392b5 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
Peter Wemm
b97fa2ef50 Revert $FreeBSD$ to $Id$ 1997-02-22 14:13:04 +00:00
David Nugent
e9039c38dc Obsolete fgetline() -> fgetln(); and chop off newline if necessary. 1997-02-10 16:32:03 +00:00
Satoshi Asami
d649be870e 1MB is 1048576 bytes, not 1038476 bytes. (I can see that the original
committer wasn't using the MicroSlop Natural keyboard though! :)
1997-02-05 06:06:15 +00:00
David Nugent
2955fda458 Fix free()ing block twice, remove unused function. 1997-01-30 03:37:13 +00:00
David Nugent
f01e39893b Fix typo .->, for default separators in login_getcaplist(). 1997-01-29 06:50:00 +00:00
David Nugent
f9074e29fc Completed fixes with login_getcapsize(). 1997-01-29 06:31:42 +00:00
David Nugent
93aa55544d Added -Wall to CFLAGS, cleaned up (all avoidable) warnings. 1997-01-29 06:11:31 +00:00
David Nugent
51706563c4 1) Fixed bug in free()ing internal string/array where
allocated size not reset to 0 causing NULL dereference
	on call after login_close().
2)	Modify login_capsize() behaviour to match manpage, allow
	concatenated sizes; ie. 10m500k
1997-01-29 06:06:32 +00:00
David Nugent
0df75c02f4 #include <sys/stat.h> for umask() prototype. 1997-01-29 06:02:49 +00:00
Wolfram Schneider
75141cc987 Sort cross references. 1997-01-20 23:23:22 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Peter Wemm
7a19f2366e Bump libutil.so version (2.1 -> 2.2) since a whole heap of new functions
were added with the login class stuff.  This is needed since libutil.so.2.1
is what is used in RELENG_2_2 and well into the release cycle.  We only
bump once per release cycle as needed.
1997-01-13 03:05:04 +00:00