Commit Graph

159 Commits

Author SHA1 Message Date
David Nugent
56c0434453 Summary of login.conf support changes:
o Incorporated BSDI code and enhancements, better logging for error
  checking (which has been shown to be a problem, and is therefore
  justified, imho); also some minor things we were missing, including
  better quad_t math, which checks for under/overflows.

o setusercontext() now allows user resource limit overrides, but
  does this AFTER dropping root privs, to restrict the user to
  droping hard limits and set soft limits within the kernel's
  allowed user limits.

o umask() only set once, and only if requested.

o add _secure_path(), and use in login.conf to guard against
  symlinks etc. and non-root owned or non-user owned files being
  used. Derived from BSDI contributed code.

o revamped authentication code to BSDI's latest api, which
  includes deleting authenticate() and adding auth_check()
  and a few other functions. This is still marked as depecated
  in BSDI, but is included for completeness. No other source
  in the tree uses this anyway, so it is now bracketed with
  #ifdef LOGIN_CAP_AUTH which is by default not defined. Only
  auth_checknologin() and auth_cat() are actually used in
  module login_auth.c.

o AUTH_NONE definition removed (collided with other includes
  in the tree). [bde]

o BSDI's login_getclass() now accepts a char *classname
  parameter rather than struct passwd *pwd. We now do likewise,
  but added login_getpwclass() for (sort of) backwards
  compatiblity, namely because we handle root as a special
  case for the default class. This will require quite a few
  changes elsewhere in the source tree.

o We no longer pretend to support rlim_t as a long type.

o Revised code formatting to be more bsd-ish style.
1997-05-10 18:55:38 +00:00
David Nugent
3564cb62c8 Move login_cap.h from src/include for easier maintenance with
related files.
1997-05-10 12:49:30 +00:00
Daniel O'Callaghan
a6f96c4131 Fix punctuation: "it's" -> "its" 1997-04-17 23:31:47 +00:00
Bruce Evans
c5a44d911a Fixed missing const in synopsis. 1997-04-13 14:12:48 +00:00
Mike Pritchard
134970f671 Grammar police. 1997-04-02 05:52:22 +00:00
Andrey A. Chernov
28804f92db Add Id
Reduce space for error bufer from 512 to 128: there is no such long strings
can be returned from strerror()
1997-04-02 04:24:39 +00:00
Andrey A. Chernov
81d9597ce7 Code space optimization in uu_lockerr() 1997-04-02 03:53:49 +00:00
Andrey A. Chernov
2875419215 Remove unused USE_PERROR define and syslog.h include
Use snprintf instead of sprintf to avoid buffer overflows
Use snprintf in uu_lockerr instead of lots of hardcoded constants
and not null-terminated strncpy
Return "" for OK and "device in use" for INUSE, it allows simple
strcpy(buf, uu_lockerr(retcode)) without testing for special OK
case (NULL was there) and obtaining meaningful result for INUSE
("" was there) without special testing for it too.
1997-04-02 03:38:29 +00:00
Mike Pritchard
698fdb70ff MLINK uu_lockerr(3). 1997-04-01 17:44:58 +00:00
Mike Pritchard
b5ebf1f5cd Mdoc police. 1997-04-01 17:44:31 +00:00
Brian Somers
687d0cdeb3 Remove the syslog stuff, and allow various return values
in uu_lock().  Add uu_lockerr() for turning the results of
uu_lock into something printable.  Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly  where it should.

Suggested by:	ache@freebsd.org
1997-03-31 22:51:00 +00:00
Brian Somers
568b59b9df Move uucplock into libutil and create a manual page. 1997-03-30 12:12:20 +00:00
Bruce Evans
d06390f68b Fixed misquoted arg in synopsis. 1997-03-19 02:01:27 +00:00
Andrey A. Chernov
65f50b7f27 "infinity" check was missed from login_getcapsize(), add it
One manifestation of this bug: all networking users have coredumpsize=0
1997-02-27 00:24:05 +00:00
Peter Wemm
7e546392b5 Revert $FreeBSD$ to $Id$ 1997-02-22 15:12:41 +00:00
Peter Wemm
b97fa2ef50 Revert $FreeBSD$ to $Id$ 1997-02-22 14:13:04 +00:00
David Nugent
e9039c38dc Obsolete fgetline() -> fgetln(); and chop off newline if necessary. 1997-02-10 16:32:03 +00:00
Satoshi Asami
d649be870e 1MB is 1048576 bytes, not 1038476 bytes. (I can see that the original
committer wasn't using the MicroSlop Natural keyboard though! :)
1997-02-05 06:06:15 +00:00
David Nugent
2955fda458 Fix free()ing block twice, remove unused function. 1997-01-30 03:37:13 +00:00
David Nugent
f01e39893b Fix typo .->, for default separators in login_getcaplist(). 1997-01-29 06:50:00 +00:00
David Nugent
f9074e29fc Completed fixes with login_getcapsize(). 1997-01-29 06:31:42 +00:00
David Nugent
93aa55544d Added -Wall to CFLAGS, cleaned up (all avoidable) warnings. 1997-01-29 06:11:31 +00:00
David Nugent
51706563c4 1) Fixed bug in free()ing internal string/array where
allocated size not reset to 0 causing NULL dereference
	on call after login_close().
2)	Modify login_capsize() behaviour to match manpage, allow
	concatenated sizes; ie. 10m500k
1997-01-29 06:06:32 +00:00
David Nugent
0df75c02f4 #include <sys/stat.h> for umask() prototype. 1997-01-29 06:02:49 +00:00
Wolfram Schneider
75141cc987 Sort cross references. 1997-01-20 23:23:22 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Peter Wemm
7a19f2366e Bump libutil.so version (2.1 -> 2.2) since a whole heap of new functions
were added with the login class stuff.  This is needed since libutil.so.2.1
is what is used in RELENG_2_2 and well into the release cycle.  We only
bump once per release cycle as needed.
1997-01-13 03:05:04 +00:00
Mike Pritchard
32e43d391c Minor mdoc style fixes. 1997-01-09 07:12:09 +00:00
Mike Pritchard
717feb32a0 Man page police. 1997-01-08 06:51:32 +00:00
David Nugent
1c594de59d Various bugfixes. 1997-01-07 16:28:12 +00:00
David Nugent
273b52cea1 Consistency check: refs to ~/.login.conf should be ~/.login_conf. 1997-01-07 14:29:50 +00:00
David Nugent
65fa0ae191 Commit the right version this time. :-) 1997-01-07 13:32:04 +00:00
David Nugent
2dc7d862d8 Fix for login_getclass(NULL) case. 1997-01-07 13:29:21 +00:00
David Nugent
5023ac7251 Fix typos pointed out by bde (thanks!). 1997-01-05 09:06:32 +00:00
Bruce Evans
b488c451de Don't depend only <stdio.h> bogusly including <sys/types.h>.
(<sys/types.h> is a prerequisite for <login_cap.h> mainly because
the latter wants to typedef rlim_t.  rlim_t is typedefed in
<sys/types.h> in NetBSD.)
1997-01-05 07:12:29 +00:00
David Nugent
561d61ca90 Add missing manpage for login.conf. 1997-01-05 03:24:45 +00:00
David Nugent
68bbf3adb0 Library functions relating to the login class capabilities database,
including manpages.
See also login_cap.h.
1997-01-04 16:50:08 +00:00
Alexander Langer
904259996b Grammatical changes.
Reviewed by:	joerg
1997-01-01 03:29:33 +00:00
Mike Pritchard
cb22292338 Spelling/mdoc police. 1996-12-30 21:08:45 +00:00
Joerg Wunsch
483f4c8371 Finally document the interfaces found in libutil. While being here,
also add the missing declaration of forkpty() to libutil.h.

Btw., the calling interface for login(3) is crude.  Some better
abstraction is needed, perhaps similar to logwtmp(3).

2.2 candidate, but i'll wait for the spelling police first. :)
1996-12-29 18:30:42 +00:00
Steve Price
fb5cb2083a Merge Lite2 mods, and -Wall cleaning. undelete(2) cruft
not yet implemented is protected by a define (BSD4_4_LITE)
that should be removed when this call is supported by the
kernel.
1996-12-14 06:03:29 +00:00
Mike Pritchard
6c65d95969 Some minor man page cleanup. 1996-08-23 20:52:53 +00:00
Jordan K. Hubbard
51295a4d3e General -Wall warning cleanup, part I.
Submitted-By: Kent Vander Velden <graphix@iastate.edu>
1996-07-12 18:57:58 +00:00
Guido van Rooij
79a1b8d9e2 Implement incremental passwd database updates. This is done by ading a '-u'
option to pwd_mkdb and adding this option to utilities invoking it.
Further, the filling of both the secure and insecure databases has been
merged into one loop giving also a performance improvemnet.
Note that I did *not* change the adduser command. I don't read perl
(it is a write only language anyway).
The change will drastically improve performance for passwd and
friends with large passwd files. Vipw's performance won't change.
In order to do that some kind of diff should be made between the
old and new master.passwd and depending the amount of changes, an
incremental or complete update of the databases should be agreed
upon.
1996-07-01 19:38:50 +00:00
Andrey A. Chernov
2fcdb74d96 If hostname > UT_HOSTSIZE, use its numeric address instead to keep
valid entries into utmp and wtmp
1996-06-17 14:49:02 +00:00
Peter Wemm
7350dd84a0 If the two recently added sysctl variables exist, use those rather than
the statically compiled PS_STRINGS and USRSTACK variables.  This prevents
programs using setproctitle from coredumping if the kernel VM is increased,
and stops libkvm users (w, ps, etc) from needing to be recompiled if only
the VM layout changes.
1996-02-24 14:37:30 +00:00
Mike Pritchard
e2cc67ef3c Another round of spelling fixes. 1996-01-30 18:13:11 +00:00
Peter Wemm
3b7e1cc80f Bump libutil revision after recent addition of setproctitle().
Install (optional) libutil.h with prototypes for the functions and
document this in the man page.

minor cleanups to the various routines, include the prototype file, declare
return codes etc.
1996-01-01 08:27:41 +00:00
Peter Wemm
0050777196 Bring in an initial version of setproctitle().. This is intended to
replace the dozen other various hacks in the code that do all sorts
of crude things including spamming the envrionment strings with the new
argv string.

This version is mainly inspired by the sendmail version, with a couple of
ideas taken from the NetBSD implementation as well.
1995-12-26 22:50:08 +00:00
Bruce Evans
1b88e35b80 Update to 4.4lite2 (clean up includes; initialize the name of the master
pty correctly (it was broken for calls to openpty() after the first
successful one)).
Obtained from:	4.4lite2
1995-10-22 19:11:12 +00:00
Bill Paul
d877befa37 Small NIS tweak: frob pw_error() a little so that it can say either
'NIS information unchanged' or '/etc/master.passwd unchanged'
depending on which was is being modified (conditional on -DYP).

This is to save me the trouble of writing a whole other error
routine (nis_error()?) for the upcoming changes to passwd and
chpass.
1995-08-13 16:05:06 +00:00
Rodney W. Grimes
6c06b4e2aa Remove trailing whitespace. 1995-05-30 05:51:47 +00:00
Rodney W. Grimes
709e8f9ae1 Remove trailing whitespace. 1995-05-30 03:57:47 +00:00
Andrey A. Chernov
b603d90c20 Fix suspended vipw hangs
Obtained from: NetBSD
1995-03-09 21:53:12 +00:00
Jordan K. Hubbard
1338e00966 Support for >32 PTYs.
Submitted by:	Heikki Suonsivu <hsu@cs.hut.fi>
1995-02-09 11:11:01 +00:00
David Greenman
89730b290a Added $Id$ 1994-09-24 02:59:15 +00:00
Rodney W. Grimes
58f0484fa2 BSD 4.4 Lite Lib Sources 1994-05-27 05:00:24 +00:00
Rodney W. Grimes
4b88c807ea BSD 4.4 Lite bin Sources 1994-05-26 06:18:55 +00:00
Rodney W. Grimes
dea673e932 BSD 4.4 Lite usr.sbin Sources 1994-05-26 05:23:31 +00:00