550 Commits

Author SHA1 Message Date
des
c1d3d1a5fd Switch the default password hash from md5 to sha512.
MFC after:	1 week
2012-06-19 14:46:18 +00:00
bapt
4d9f5b8227 Revert user comparison back to user names as some user can share uids (root/toor
for example)

get the username information from old_pw structures to still allow renaming of a
user.

Reported by:	Claude Buisson <clbuisson@orange.fr>
Approved by:	des (mentor)
MFC after:	3 weeks
2012-06-19 11:39:56 +00:00
des
24379c8402 Finally nuke auth.conf, nine years after it was deprecated. The only
thing it was still used for was to set the "global default" password
hash.  Since the stock auth.conf contained nothing but comments, the
global default was actually the first algorithm in crypt(3)'s list,
which happens to be DES; I take the fact that nobody noticed as proof
that it was not used outside of crypt(3).

The only other use in our tree was in the Kerberos support code in
in tinyware's passwd(1).  I removed that code in an earlier commit;
it would not have compiled anyway, as it only supported Kerberos IV.

The auth_getval() function is now a stub that always returns NULL,
which has the same effect as a functional auth_getval() with an
empty auth.conf.

MFC after:	3 weeks
2012-06-12 17:02:53 +00:00
des
b7f9eb54a9 Document that we also support sha256 and sha512.
MFC after:	1 week
2012-06-08 12:36:08 +00:00
gjb
67d88d49d4 General mdoc(7) and typo fixes.
PR:		167804
Submitted by:	Nobuyuki Koganemaru (kogane!jp.freebsd.org)
MFC after:	3 days
2012-05-12 15:08:22 +00:00
joel
bd3242adc9 mdoc: terminate quoted strings. 2012-03-30 12:34:34 +00:00
joel
f1a6c7f032 mandoc complains loudly when <TAB>s are misused in columnated lists. Fix
this syntax violation and while I'm here also convert <TAB> to Ta and adjust
quotation marks in order to prevent this problem in the future.
2012-03-29 16:02:40 +00:00
eadler
1ef5fe44d3 Remove trailing whitespace per mdoc lint warning
Disussed with:	gavin
No objection from:	doc
Approved by:	joel
MFC after:	3 days
2012-03-29 05:02:12 +00:00
joel
56f5938296 mdoc: sort prologue macros. 2012-03-26 19:23:57 +00:00
joel
4ff32e1521 This string should be quoted.
Noticed by:	brueffer
2012-03-26 15:29:02 +00:00
joel
4234591b03 mdoc: terminate quoted strings.
Reviewed by:	brueffer
2012-03-26 15:18:14 +00:00
gjb
9761e3fdaf Fix various typos in manual pages.
Submitted by:	amdmi3
PR:		165431
MFC after:	1 week
2012-02-25 14:31:25 +00:00
ghelmer
ee9aa86ad6 Set the O_CLOEXEC flag when opening the pidfile to avoid leaking the
file descriptor via exec(3).

Now that daemon(8) has been fixed to resolve the issue noted by trociny,
the consensus is that this change should be OK.
2012-02-20 13:59:24 +00:00
ed
a03b3637dd Detect file modification properly by using tv_nsec.
POSIX 2008 standardizes st_mtim, meaning we can simply use nanosecond
precision to detect file modification.

MFC after:	2 weeks
2012-02-10 13:40:32 +00:00
eadler
c8d9c45343 Fix NULL ptr dereference in setusercontext if pwd is null,
LOGIN_SETPRIORITY is set, and setting the priority (rtprio or
setpriority) fails.

PR:		kern/164238
Submitted by:	Alexander Wittig <alexander@wittig.name>
Reviewed by:	des
Approved by:	cperciva
MFC after:	1 month
2012-02-09 21:06:47 +00:00
pjd
62f39c08bc Add a comment to the example that pidfile_* functions can handle pfh being NULL.
MFC after:	3 days
2012-02-08 08:49:30 +00:00
pjd
b87f041277 Note that calling pidfile_write(3) multiple times is fine.
MFC after:	3 days
2012-02-08 08:43:41 +00:00
ghelmer
10fb6673e8 Using the O_CLOEXEC flag on open(2) caused the pidfile lock to be lost
when the child process execs daemon's target program thanks to flock(2)
semantics. So, we apparently have to leak the open pidfile's file
descriptor to keep the lock for the pidfile(3) functions to work properly.

Test case demonstrated by trociny:

ref8-amd64:/home/trociny% uname -r
8.2-STABLE
ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
daemon: process already running, pid: 19799

kopusha:~% uname -r
10.0-CURRENT
kopusha:~% daemon -p /tmp/sleep.pid sleep 10
kopusha:~% daemon -p /tmp/sleep.pid sleep 10
kopusha:~%
2012-02-06 14:11:24 +00:00
ghelmer
0c19567ee4 Consensus between bde and pjd seemed to be that if the function names
are lined up, then any * after a long type should appear after the
type instead of being in front of the function name on the following
line.
2012-01-26 20:40:22 +00:00
ghelmer
fd695d2710 Make the comments consistent (capitalization, punctuation, and
format).

Requested by bde
2012-01-26 20:35:01 +00:00
ghelmer
3e2a0771d8 Restore the parenthesis that are necessary around the constant values.
Requested by bde.
2012-01-26 20:33:08 +00:00
ghelmer
06b861e15c Remove unnecessary includes from these libutil man pages.
Requested by bde (as was the previous commit).
2012-01-16 21:25:41 +00:00
ghelmer
05bff00124 Fix more disorder in prototypes and constants.
Fix header comments for each section of constants.
Fix whitespace in #define lines.
Fix unnecessary parenthesis in constants.
2012-01-16 21:19:23 +00:00
ghelmer
7e48086a86 Move struct pidfh definition into pidfile.c, and leave a forward declaration
for pidfh in libutil.h in its place.
This allows us to hide the contents of the pidfh structure, and also
allowed removal of the "#ifdef _SYS_PARAM_H" guard from around the
pidfile_* function prototypes.

Suggested by pjd.
2012-01-12 22:49:36 +00:00
ghelmer
7f1af3a697 Fix disorder in MAN and MLINKS lists.
Requested by bde.
2012-01-12 15:45:08 +00:00
ghelmer
182f703420 More prototype formatting fixes, struct member formatting fixes,
and namespace fix for property_find() prototype.

Provided by bde.
2012-01-12 14:40:25 +00:00
ghelmer
6295f4a536 pidfile_open() no longer uses fcntl() to set the close-on-exec flag. 2012-01-12 14:13:49 +00:00
ghelmer
74567f2f6d Fix prototype formatting (indentation, long lines, and continued lines).
Requested by bde.
2012-01-11 22:45:15 +00:00
ghelmer
48d9161861 Fix namespace issues with prototype parameter names.
Add missing prototype parameter names.

Requested by bde.
2012-01-11 22:33:41 +00:00
ghelmer
32c9b865ae Fix forward structure declaration and prototype disorder.
Requested by bde.
2012-01-11 22:12:45 +00:00
ghelmer
5f5cbaa5f6 jilles pointed out that O_CLOEXEC could be used in the open(2) flags
rather than using fcntl(2) later, and in addition to saving a system
call, removes a possible race with fork/exec from threads or signal
handlers.
2012-01-11 16:35:26 +00:00
pjd
37abda7926 Constify arguments. 2012-01-11 00:31:04 +00:00
ghelmer
cd69e2328d Add link for pidfile_fileno.3 to pidfile.3 - thanks again pjd! 2012-01-10 22:22:35 +00:00
ghelmer
80ebde6f3d Style fixes courtesy of pjd. 2012-01-10 21:47:58 +00:00
ghelmer
10c35ce6a7 Document that pidfile_open() now sets the FD_CLOEXEC flag on the open
file descriptor, and that errors can be returned as a result of the
fcntl(2) system call.
2012-01-10 21:39:43 +00:00
ghelmer
9446d41409 Add pidfile_fileno() to obtain the file descriptor for an open
pidfile.
2012-01-10 19:53:25 +00:00
ghelmer
f6e21fcb26 Set the FD_CLOEXEC flag on the open pidfile file descriptor.
Discussed with: pjd, des
2012-01-10 18:43:27 +00:00
uqs
f699659cf8 Convert files to UTF-8 and add some copyright markers where missing. 2012-01-07 16:13:56 +00:00
bapt
a00247bc12 Add new pw_make_v7 to make a passwd line (in v7 format) out of a struct passwd
while here, fix missing parentheses of the return statement of pw_make.

Approved by:	des (mentor)
2012-01-05 10:40:24 +00:00
ed
e7e5b53bf1 Replace index() and rindex() calls with strchr() and strrchr().
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.

This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
2012-01-03 18:51:58 +00:00
bapt
b5cd6ab67f Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user

add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.

Reviewed by:	des
Approved by:	des
MFC after:	1 month
2011-12-15 22:07:36 +00:00
pjd
770f64229c In pidfile_open(), if the pidfile is locked, but empty (PID is not stored yet)
and the caller requested other process' PID by passing non-NULL pidptr
argument, we will wait at most 100ms for the PID to show up in the file and if
it won't, we will store -1 in *pidptr.

From now on, pidfile_open() function never sets errno to EAGAIN on failure.

In collaboration with:	des
MFC after:		1 week
2011-10-16 21:30:15 +00:00
trasz
4624538173 Add missing "swapuse" resource limit. 2011-07-09 08:42:23 +00:00
stas
5f9f795476 - Commit work from libprocstat project. These patches add support for runtime
file and processes information retrieval from the running kernel via sysctl
  in the form of new library, libprocstat.  The library also supports KVM backend
  for analyzing memory crash dumps.  Both procstat(1) and fstat(1) utilities have
  been modified to take advantage of the library (as the bonus point the fstat(1)
  utility no longer need superuser privileges to operate), and the procstat(1)
  utility is now able to display information from memory dumps as well.

  The newly introduced fuser(1) utility also uses this library and able to operate
  via sysctl and kvm backends.

  The library is by no means complete (e.g. KVM backend is missing vnode name
  resolution routines, and there're no manpages for the library itself) so I
  plan to improve it further.  I'm commiting it so it will get wider exposure
  and review.

  We won't be able to MFC this work as it relies on changes in HEAD, which
  was introduced some time ago, that break kernel ABI.  OTOH we may be able
  to merge the library with KVM backend if we really need it there.

Discussed with:	rwatson
2011-05-12 10:11:39 +00:00
obrien
260ac2ee26 Don't duplicate define the stdint types. 2011-05-05 14:45:24 +00:00
delphij
c14cd58282 Add support for IEE/IEC (and now also SI) power of two notions of
prefixes (Ki, Mi, Gi...) for humanize_number(3).

Note that applications has to pass HN_IEC_PREFIXES to use this
feature for backward compatibility reasons.

Reviewed by:	arundel
MFC after:	2 weeks
2011-04-12 22:48:03 +00:00
pluknet
6e5f09a222 Add missing resource limits:
- RLIMIT_NPTS
- RLIMIT_SWAP

MFC after:	1 week
2011-03-24 16:06:57 +00:00
delphij
0ad5e9d9f0 humanize_number(3) multiply the input number by 100, which could cause an
integer overflow when the input is very large (for example, 100 Pi would
become about 10 Ei which exceeded signed int64_t).

Solve this issue by splitting the division into two parts and avoid the
multiplication.

PR:		bin/146205
Reviewed by:	arundel
MFC after:	1 month
2011-03-23 22:08:01 +00:00
gjb
0d69b2025b s/buffer/buf as is used in the code.
Submitted by:	arundel (via doc@)
MFC after:	3 days
2011-03-21 23:59:20 +00:00
pjd
8bca3d08d5 expand_number() needs uint64_t, declare it here if not already declared.
MFC after:	3 days
2011-03-06 17:46:06 +00:00