Commit Graph

232 Commits

Author SHA1 Message Date
ache
6a842ce994 Implement login classes sepcification as user[/loginclass]
By default inetd run things with the same limits as from /etc/rc
(daemon class) to not break anything as in good old days.
1997-10-27 22:03:47 +00:00
charnier
e9cad8594e Use err(3). 1997-09-19 06:27:30 +00:00
imp
b52523a54a Remove and odd sleep found by David Holland and posted to -security.
Reviewed by:	Theo de Raadt (who put it into OpenBSD)
Submitted by:	David Holland <dholland@eecs.harvard.edu>
1997-08-29 18:00:11 +00:00
davidn
f766bd31c5 login_getclass() -> login_getpwclass(). 1997-05-10 19:02:03 +00:00
wollman
c63d12aeb3 Condition SO_PRIVSTATE twiddling on the definedness of SO_PRIVSTATE.
(This was done as a #ifdef to keep source compatibility between 2.2 and 3.0.)
1997-04-28 13:55:07 +00:00
imp
691010efad compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.
1997-03-31 05:11:47 +00:00
peter
b782f4df30 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
julian
f061fa28f5 The "-a" option for inetd specifies a specific IP address for the
server to bind to. This works until you send it a SIGHUP with a
new service defined ... the new service is bound to INADDR_ANY.

This patch fixes this bug (in both RELENG_2_2 and -current).

This is a 2.2 candidate..(i.e. pure bug fix)

Submitted by:	Archie Cobbs (archie@whistle.com)
1997-02-05 19:50:04 +00:00
wosch
3c5e4a3bbe Sort cross references. 1997-01-20 00:03:00 +00:00
jkh
808a36ef65 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
peter
7251a7b426 Implement minimal login class support (ie: does a setusercontext()).
Enabled by defining LOGIN_CAP in Makefile, on by default.
1997-01-13 02:52:30 +00:00
julian
f447087e68 Reviewed by: Bill fenner
Submitted by:	Archie Cobbs (Archie@whistle.com)

Changes to allow inted to control the number of servers to
start on each service. This is a defence against a denial of service attack
in which the system is made unusable by
an external party. It also allows the behaviour of
small memory systems to be more accuratly predicted, by
bounding the extent to which processes can multiply.
1996-11-10 21:12:44 +00:00
julian
5278ea869e Reviewed by: Bill fenner
Submitted by:	 Archie Cobbs (archie@whistle.com)

changes to make inetd compile cleaner under -Wall
1996-11-10 21:07:27 +00:00
alex
8d80515b00 Fix incorrect length argument to memset() function. Closes PR#1937.
Submitted by:	Archie Cobbs <archie@whistle.com>
1996-11-01 01:42:08 +00:00
joerg
e9e54bcde4 Do not modify a malloc()ed pointer; instead, use memmove().
Detected by: phkmalloc - AJ :)
1996-10-28 23:02:38 +00:00
julian
53ead71d81 Reviewed by: various
Submitted by:	archie@whistle.com

changes to allow inetd to bind to a single interface
for more complicated options see xinetd in ports.

Obtained from: whistle.com
1996-08-09 22:20:24 +00:00
dg
a811461f7d Increased listen() queue-depth limit to 64. 1996-07-17 15:00:28 +00:00
gpalmer
3829b6d0e8 Add $Id$ 1996-05-07 03:16:43 +00:00
wollman
41f00ad7a0 Call setsockopt(SO_PRIVSTATE) to renounce SS_PRIV on all the sockets
we create.  (Nothing being called from inetd should use it anyway,
but you can never be too careful.)

Translate the man page back into -mdoc.
1996-02-07 17:15:01 +00:00
mpp
511d4f82b2 Fix a bunch of spelling errors in a bunch of man pages. 1996-01-30 13:52:50 +00:00
peter
eb8e89ecaf Make inetd use setproctitle from libutil instead of it's own version.
The old code can probably still be compiled with #define OLD_SETPROCTITLE
1996-01-01 08:42:23 +00:00
peter
40d1117791 Workaround for the setlogin()-in-same-session-as-inetd bug.
This causes:
1: inetd to clear it's getlogin() name at startup (in case the sysadmin
	logged in and su'ed to root and restarted inetd)
2: inetd to start each spawned process in it's own session.
3: inetd to call setlogin() on non-root processes (eg: uucp for uucico)
4: log failures more extensively

This means that root spawned processes from inetd remain responsible for
setting their login name if they change their uid. (eg: rshd, login, etc).

If they do not do so, it is safer for them to have no "login name" than a
wrong one (like "root") because the getlogin() system call is documented
as "secure" on 4.4BSD.  inetd when started from /etc/rc would have no login
name anyway, so this isn't really a change - it's making it consistant with
the bootup state...

The setsid() change *may* cause something to break that is doing a setsid()
itself and checking the result - it will fail now because it's already been
done.  The consensis seems to be that this is unlikely. David G. thinks
this is acceptable as it is cleaner from an architectural point of view.
1995-11-03 09:30:13 +00:00
adam
04b5326448 Implement simple quoting for command args.
Previously "abc xyz" became 2 args split at the space.
1995-10-30 14:03:00 +00:00
wollman
4012c9269a Record PID in /var/run/inetd.pid and document same. 1995-10-12 16:43:27 +00:00
dg
78aea1ad2e Correct the "default rate" - it's 256/minute not 1000/minute. 1995-10-09 23:34:07 +00:00
rgrimes
1b1ee55538 Merge RELENG_2_0_5 into HEAD 1995-06-11 19:33:05 +00:00
rgrimes
4f960dd75f Remove trailing whitespace. 1995-05-30 03:57:47 +00:00
wollman
d067a90a1c Disable UDP service looping attack. 1994-12-21 19:08:45 +00:00
csgr
f146ba5a9b - increase TOOMANY, in line with 1.x
- add logging option from 1.x
1994-09-11 11:16:32 +00:00
csgr
88dbb490c7 Bring in handling of RPC services from 1.x
(Guess who forgot to replace his inetd until today ;-)
1994-09-11 10:48:02 +00:00
wollman
d7fca5c189 Get rid of update. Make man page installation work with our scheme
(and rename a few in the process).
1994-08-05 16:31:05 +00:00
rgrimes
862fdf11a2 BSD 4.4 Lite usr.sbin Sources 1994-05-26 05:23:31 +00:00