d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
63,194 Commits 4 Branches 49 Tags
Commit Graph

106 Commits

Author SHA1 Message Date
markm
6d1911d4af Verbosely (overridable) report failure to the user. 2001-08-10 19:07:45 +00:00
markm
d6d9a9d422 Use the FreeBSD pam_prompt() interface to the conversation function 
instead of home-rolling it. Clean up debugging code and tidy the
module.
 2001-08-10 19:05:57 +00:00
markm
cda9e6f687 Verbosely report errors to the user (overridable), and make sure 
that the correct failure mode is reported.
 2001-08-10 19:02:21 +00:00
markm
fef690379a Fix broken logic so that this actually works for the superuser. 
Verbosely log (properly).
Verbosely report errors to the user.
 2001-08-10 14:21:58 +00:00
markm
12c08f0451 Rework this to prevent a nasty problem involving different modules' 
option interacting with each other.
 2001-08-10 14:16:47 +00:00
markm
9768c83960 Declare the new user-error reporting macro. 
This is a macro to allow use of the __FILE__ and __FUNCTION__
macros.
 2001-08-10 14:15:00 +00:00
markm
7b1059217e Add a routine for providing feedback via the conversation mechanism 
(usually to stderr) for user-reportable errors.
 2001-08-10 14:13:16 +00:00
markm
3b25221320 Fix style/consistency in Makefile and repair static module building. 
Submitted by:	bde(partially)
 2001-08-04 21:51:14 +00:00
markm
1f44b5f4e9 Don't clobber CFLAGS 
Submitted by:	bde
 2001-08-04 21:49:30 +00:00
markm
edba6eee5e Fix the bug where this modulke was not checking the priamry GID, only 
the GIDS in /etc/group or NIS's group map.

Tested by:	sheldonh
PR:		29349
 2001-08-04 09:19:31 +00:00
markm
79a9463a45 With the S/KEY removal, this is no longer buildable or necessary. 2001-08-02 19:04:20 +00:00
markm
9bd038a011 Don't try to make pam_ssh module if NO_OPENSSH is set. 2001-08-02 19:01:02 +00:00
markm
78112d8985 Repair the get/set UID() stuff so this works in both su(1) and login(1) 
modes.
 2001-08-02 10:35:41 +00:00
markm
2754e9c466 Making this major bump was a BAD idea. The API change is internal (to PAM) 
and it caused problems without solving any.
 2001-07-30 09:56:38 +00:00
markm
6b3146187f (Re)Add an SSH module for PAM, heavily based on Andrew Korty's module 
from ports.
 2001-07-29 18:31:09 +00:00
ru
b2f5024e3b mdoc(7) police: widen width of the options list. 2001-07-18 14:49:32 +00:00
markm
208d8e13d4 Update to the same level of debug-logging as the rest of the 
FreeBSD/PAM modules.
 2001-07-17 07:36:51 +00:00
markm
b179f8e35f Update to the same code as in the pam_krb5.so port. 
According to Peter, the port works - this needs more testing.
 2001-07-17 07:34:36 +00:00
dd
911ca14c87 Remove whitespace at EOL. 2001-07-15 08:06:20 +00:00
markm
ada1f4d477 Use a better method of getting user credentials to account for 
(legal) UID duplication.

Rename use_uid to auth_as_self for consistency with other modules.
 2001-07-14 08:42:39 +00:00
markm
921b216c2d Use a better method to get user credentials to account for (legal) 
duplications of UID's in /etc/*passwd.
 2001-07-14 08:38:24 +00:00
ru
5001e16d30 mdoc(7) police: -xwidth has been fold into -width. 2001-07-13 09:09:52 +00:00
ru
80f926caa5 mdoc(7) police: fixed markup, a little bit. 2001-07-11 08:36:26 +00:00
ru
36e83f27aa mdoc(7) police: fixed markup any numerous typos. 2001-07-11 08:35:34 +00:00
markm
a8b501863a Fix a horrible bug introduced by myself where the options collection 
keeps on growing as the module stack is parsed.
 2001-07-10 16:59:30 +00:00
ru
36f138439b mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 14:16:33 +00:00
ru
317b7d8e37 mdoc(7) police: removed HISTORY info from the .Os call. 2001-07-10 13:41:46 +00:00
markm
88dfad0475 Clean up (and in some cases write) the PAM mudules, using 
o The new options-processing API
o The new DEBUG-logging API

Add man(1) pages for ALL modules. MDOC-Police welcome
to check this.

Audit, clean up while I'm here.
 2001-07-09 18:20:51 +00:00
markm
ff28ba8b35 Bump the major number. The libraries API has changed incompatibly. 2001-07-09 18:16:33 +00:00
markm
1b8cb1cd38 Almost completely rewrite the PAM module options processing 
routines, and provide a more extended API for doing this.

Provide an API for debug logging.

Audit and clean up the code.
 2001-07-09 18:14:43 +00:00
ru
05e503d80a mdoc(7) police: sort SEE ALSO xrefs (sort -b -f +2 -3 +1 -2). 2001-07-06 16:46:48 +00:00
ru
fd9d23bf28 mdoc(7) police: fixed formatting. 2001-07-06 07:29:59 +00:00
peter
dcb4453375 Fix libpam's linker set stuff to use the new API (unbreak world), and get 
rid of gensetdefs from here as well.
 2001-06-14 01:13:30 +00:00
chris
bf91fbcc4d Convert to mdoc(7). 2001-06-13 21:52:07 +00:00
markm
4e8273f82f Big module cleanup. 
Move common stuff into Makefile.inc, and tidy up all the Makefiles
as a result.

Build new modules.

Put a commented-out dependancy on libpam for the (shared) modules.
I can't bring this in just yet, as the dependancy (modules->libpam)
is reversed for the static case (libpam->modules).
 2001-06-04 19:47:56 +00:00
markm
bb5c80b440 Null file to bring back a file from the dead. This allows the real commit 
to happen remotely. Damn CVS bugs :-(
 2001-06-04 19:25:41 +00:00
markm
cafc16591f Add the "nullok" option that causes this module to succeed if the Unix 
password is empty/null.
 2001-06-04 19:16:57 +00:00
markm
c5ba97baf9 Tidy up the options list (and make it more extendable), and add some 
extra "standard" options.
 2001-06-04 19:12:08 +00:00
markm
a28a87bd61 Add some new utility authenticators. 
pam_securetty silently succeeds if the user is on a secure tty
as defined by /etc/ttys.

pam_ftp does "anonymous ftp" style authentication with options for
specifying the anonymous user(s).
 2001-06-04 18:44:47 +00:00
markm
f6fb59fd55 Add the "auth_as_self" option to the pam_unix module (there is no 
reason not to add it to others later). This causes the pam_unix
module to check the user's _own_ password, not the password of the
account that the user is authenticating into. This will allow eg:
WHEELSU type behaviour from su(1).
 2001-05-24 18:35:52 +00:00
markm
8f01d4f9a2 Bring in a few useful PAM modules. 
pam_krb5 is a Kerberos 5 (Heimdal) authentication module.

pam_nologin checks for /etc/nologin and does the "usual stuff"
	if it is found, otherwise it silently succeeds.

pam_rootok silently succeeds if the user is root, otherwise
	it fails.

pam_wheel silently succeeds if the user is a member of group
	"wheel" (or another nominated group), and fails
	otherwise.

There is an issue with kerberosIV and kerberos5 - if both are
being built, then static linking fails with duplicate symbols.
This will take a bit of work to sort out in the kerberii.
 2001-05-14 11:23:58 +00:00
green
95ca151349 Finish disconnecting pam_ssh from the build. 2001-05-04 20:40:53 +00:00
green
5b85c0e3b3 I've been meaning to take pam_ssh out of the base system for a while now. 
Finally do it.
 2001-05-04 03:53:48 +00:00
markm
ac445d2404 Update for (Linux-)PAM 0.75 2001-05-03 10:55:48 +00:00
ru
03fd77f5a8 mdoc(7) police: uppercase document title. 2001-04-18 08:25:26 +00:00
ru
25ef23ac1c MAN[1-9] -> MAN. 2001-03-27 17:27:19 +00:00
jhb
da015457f3 Use a unified libgcc rather than a seperate one for threaded and 
non-threaded programs.  This provides threaded programs with the
needed exception frame symbols.

parts submitted by:	Max Khon <fjoe@iclub.nsu.ru>
PR:	23252
 2001-01-06 18:59:46 +00:00
obrien
9ecd859376 Use a unified libgcc rather than a seperate one for threaded and 
non-threaded programs.  This provides threaded programs with the
needed exception frame symbols.

parts submitted by:	Max Khon <fjoe@iclub.nsu.ru>
PR:	23252
 2001-01-06 06:16:31 +00:00
ru
8ba4187688 Prepare for mdoc(7)NG. 2000-12-29 14:08:20 +00:00
ru
c23c39b3a4 mdoc(7) police: removed history info from the .Os FreeBSD call. 2000-12-14 11:52:05 +00:00