historic behavior (create the default base directory in pw.conf) before
I came up with a better fix for this.
Requested by: nwhitehorn
Approved by: re (kib)
When the basehome does not exist, it creates all intermediate directories as
required, which is logically equivalent to mkdir(1) with -m and -p options.
However, it modifies all intermediate directories, not just the final home
directory unlike mkdir. This problem was introduced in two revisions, i.e.,
r1.59 (SVN r167919) and r1.60 (SVN r168044).
MFC after: 1 month
The size of the username record in utmp files should not influence the
maximum username length. Right now ut_user/ut_name is big enough, so in
this case it's dead code anyway.
Remove pw_getrand() unneded now: arc4random_uniform() is stronger then
pw_getrand()'s MD5 tricks (inactive) and its active version, mixing
arc4random() bytes in one, not make things better at all.
sanity check by invoking "pwd_mkdb -C". However, if this failed it
silently returned success. Fix this so it fails the update operation
instead.
MFC after: 1 week
This makes blowfish password hashes look normal when set using
pw(8)/adduser(8). [1]
- Make it possible to have a '/' in the salt.
PR: 121146 [1]
Submitted by: Jaakko Heinonen [1]
Approved by: rwatson (mentor)
MFC after: 1 month
from a group without the need to perform the same operation by replacing
the existing list via the '-M' option. The '-M' option requires someone
to fetch the existing members with pw, deleting the undesired members from
the list and sending the altered list back to pw.
Approved by: wes (mentor)
MFC after: 5 days
the user's newly created home directory. If omitted, it's derived
from the current umask.
PR: bin/16880, bin/83253 (partially), bin/104248
MFC in: 1 month
-d option was equal to the one already saved and which caused
the pw utility to avoid updating values passed by other options
processed before the -d option in the code path.
Spotted by: Richard Caley <rjc@interactive.co.uk>
data buffering issue that corrupts files if two pw(8)'s run at the
same time as well as changing pw(8) so it uses the same locking
mechanism as PAM, vipw(8), pwd_mkdb(8), etc.
PR: bin/23501
Submitted by: Alex Kapranoff <alex (at) kapran (dot) bitmcnit (dot) bryansk (dot) su>
Approved by: rwatson (mentor)
MFC after: 5 days
or group name (mainly for the benefit of samba). This pretty much rewrites
he pw_checkname() routine, but should work exactly the same except for the
above change, and that error messages are somewhat more informative.
PR: 28733 46890
Inspired by: example patch written by Terry Lambert
Reviewed by: no objections on freebsd-arch and freebsd-current
MFC plans: no plans, but will do if people want it in stable.
This patch explains -F for usershow and groupshow. Because "groupmod
... -F" doesn't do anything, the patch also drops that from groupmod's
command line args.
PR: 35955
Submitted by: Mike DeGraw-Bertsch <mbertsch@radioactivedata.org>
mail, if configured to do so. Some sites have setups where the user's
mail is delivered to their home directory, so sending mail before is
exists didn't work.
PR: 29892
assignment of `l' in `gr_update' to the return value of snprintf. It
claimed to have fixed the case where snprintf returned -1--in fact, it
broke the entire routine. Not setting `l' here causes fileupdate() to
invariably fail with EINVAL because it does its own check to assert
that the parameter isn't -1.
for crypt(3) by now. In any case:
Add crypt_set_format(3) + documentation to -lcrypt.
Add login_setcryptfmt(3) + documentation to -lutil.
Support for switching crypt formats in passwd(8).
Support for switching crypt formats in pw(8).
The simple synopsis is:
edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :)
Reviewed by: peter
This should cause -w's argument not to be ignored in the usermod case,
so it will affect modification of the user's password instead of using
the pw.conf (or internal default=no '*') password method.
PR: bin/11168
functionality when nothing had actually changed; -d changes would
not set the 'something had changed flag'. Actually test for a
change in homedir.
PR: bin/19649
a full reindex in this case to remove the old record. #ifdef -u capability
since this is available on FreeBSD only.
PR: bin/16418
Problem pointed out by: Masachika ISHIZUKA <ishizuka@ish.org>
pw(8) was calling pwd_mkdb -u oldusername instead of newusername, so
the update appears to have failed until the next full pwd_mkdb
syncronization.
PR: bin/16418
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design). libcrypt has
been adjusted to not need the runtime -lmd. It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
like "pw usermod <name> -m" to work for non-local NIS users; since no attempt
is made to update the password entry, the home directory will be created and
populated as expected without error.
instead of a boolean. This replicated through he front-end sub-functions
relating to add, delete, modify entries in passwd & group files
Errno is now preserved so output of errc()/warnc() will be less obfuscated
by subsequent errors when reporting the problem.
Add more intelligent error handling when attempting to modify/delete NIS
entries with no corresponding local database entry.
[MFC to stable in a couple of weeks to keep both in sync]
The char that the random letters and numbers are being pulled from is
ended with a '\0'. Using sizeof() includes this '\0' in the 'pool' of
possible characters. This patch decrements by one the size so we don't
accidently end the new password prematurly.
and terminate it. This patch ensures passwords will be the correct length of 8,
which is what is implied in the source (but not reflected in the man page).
PR: bin/7817
Reviewed by: Alfred Perlstein <bright@hotjobs.com>
Submitted by: Hiroshi Nishikawa <nis@pluto.dti.ne.jp>
consider it a exit failure if it doesn't work. This means that root
processes can safely get the lock, but normal processes can still use
the 'pw' utility to get information (which may change out from under
them.)
from PR/6787, but allow non-root users to use pw to get password
information. However, this should be safe since the fixes for
disallowing multiple instances from modifying the DB are still intact.
Bug noted by: dima@best.net (Dima Ruban)
run at the same time.
Notes:
The fileupdate function is still somewhat broken. Instead of
returning a failure code if it can't modify the original file it
renames the .new file and continues as though nothing is wrong.
This will cause the lock on the original file to be lost and could
lead to a similar race condition. I left that portion of the code
alone since I feel that the maintainer of the code would have a
better concept of how he wants to handle errors in that function
than I do.
PR: bin/6787
Submitted by: Craig Spannring <cts@internetcds.com>
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.
useradd -m or useradd -D -b are used.
2) Hyphen allowed in username if not first character. Fix trivial
bug in error fmt string.
3) /etc/skeykeys updating changed to do 'inplace' update, commenting
out a username rather than removing it completely.
will handle lines of any length in /etc/group.
2) Fixed bug with usermod -d not updating user's home
directory.
3) Minor formatting display changes/fixes with *show -P.
(/dev/urandom used by default under FreeBSD), and implemented a
"portable" but less secure generator for other systems.
Add display of expiry/password change dates in -P user display.
sysinstall's new User&group menu will use it, hence it's a 2.2
candidate despite of providing new functionality.
Submitted by: David L. Nugent, <davidn@blaze.net.au>
