325 Commits

Author SHA1 Message Date
kientzle
48517ca7da Back out the "clean_environment()" function from libutil.
Further contemplation has convinced me that this was
not going to really solve the problem of environment-poisoning
without raising serious administrative headaches.  There
must be a better way...
2004-02-29 22:13:28 +00:00
kientzle
7aa85c4e5f Add the clean_environment call to libutil.h also.
MFC after: 2 weeks
2004-02-26 22:44:11 +00:00
kientzle
8b8fb9aae5 Add a clean_environment call to libutil.
This function removes all environment variables except
the ones listed on a "whitelist."

The function accepts two whitelist arguments.
If the first is NULL, a built-in default list will be
used.  This allows callers to get a variety of behaviors:
  * Default screening: provide NULL for both lists
  * Custom screening: provide a custom list for the first argument
  * Modified default screening: provide NULL for first arg,
     list of additional variables to preserve in the second arg

Idea from: Jacques Vidrine

MFC after: 2 weeks
2004-02-26 22:41:47 +00:00
rwatson
ba0d21ac7c Bump the major version on libtuil. libutil now relies on the mac_*
symbols exported by newer versions of libc, and so we want applications
depending on the newer library code to be required to link against the
newer libc.

Discussed with:	scottl, kris, imp
2003-11-12 21:56:07 +00:00
tjr
f2e37a2394 Remove __NETBSD_SYSCALLS. 2003-10-29 10:55:56 +00:00
peter
79a9b01a78 (mostly) Clean up some const warnings here. The code takes some liberties
because it is the originator of various const strings and knows that they
came from malloc.
2003-10-26 03:51:47 +00:00
markm
3f45792057 ANSIfy, WARNSify, CONSTify. Bit of style(9)-ify. 2003-10-18 10:04:16 +00:00
markm
4d1565cf18 Remove a GCC specifig CFLAG. We should be using WARNS=? for this.
WARNS=? is not added here at this point, because I've not tested
it on enough platforms, and I don't want to break builds.
2003-10-18 09:58:39 +00:00
ru
1edcd1b018 mdoc(7): Properly mark C headers. 2003-09-10 19:24:35 +00:00
obrien
372364ee0f style.Makefile(5) 2003-08-18 15:25:39 +00:00
gordon
5901302929 Stage 3 of dynamic root support. Make all the libraries needed to run
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
2003-08-17 08:28:46 +00:00
markm
924232818d Tidy up. Sort headers. 2003-06-14 18:42:37 +00:00
murray
d7153c6134 Backout last commit. It is redundant in -CURRENT.
Pointed out by:	David Schultz
2003-05-05 06:25:03 +00:00
murray
292bedae8d Note that the idletime setting is not enforced.
PR:		docs/40952
MFC After:	3 days
2003-05-04 21:35:41 +00:00
murray
24d926fd08 Document the login-backoff and login-retries capabilities.
PR:		docs/51397
MFC After:	3 days
2003-05-04 06:43:24 +00:00
trhodes
10e8cd48a8 Add vmemoryuse to the list.
PR:		50796
Submitted by:	Dmitry Sivachenko <mitya@cavia.pp.ru>
2003-04-26 15:15:05 +00:00
des
dcecf33e14 Brucify. 2003-04-10 10:26:18 +00:00
des
f514349f09 Correctly detect the case where a password entry was changed while we were
preparing to edit it.

PR:		bin/50563
2003-04-09 18:20:51 +00:00
des
12196b5a56 Apply the correct fix for bin/50679: don't mess around with process groups
or the tty, just block selected signals in the parent like system(3) does.
Many thanks to bde for his assistance in finding the correct solution.

PR:		bin/50679
2003-04-09 16:39:47 +00:00
des
1d2413048f Band-aid for the "^C kills the editor" problem. I haven't yet found the
proper way to fix this.  The way this works is to prepend "exec " to
the editor command to eliminate the "shell in the middle" which prevents
us from properly reawakening the editor after a SIGTSTP.

PR:		bin/50679
2003-04-08 18:04:30 +00:00
charnier
f0ffe0ef9f The .Fn function 2003-03-24 16:02:05 +00:00
das
f1bbc8cde6 Make pw_edit() use /bin/sh to interpret the EDITOR environment
variable.

PR:		48748
Reviewed by:	mike (mentor)
2003-03-17 02:12:55 +00:00
das
ead4a3adcb Re-document unimplemented capabilities that were removed in the last
revision of this file, but note that they are not supported in the
base system.

Requested by:	ache
Reviewed by:	ache, mike (mentor)
2003-03-05 00:21:35 +00:00
das
1b88f49a56 - Document the fact that we now use pam_passwdqc(8) to check
password quality, not login.conf(5).
- Move warnexpire and warnpasswd from the ``Accounting Limits''
  section to ``Authentication'', and nix everything else in the
  former section.  The accounting knobs are not available in
  the base system, and the subset of them available in ports
  should be documented in the ports' manpages.

PR:		47960
Reviewed by:	mike (mentor), doc
2003-03-03 05:09:24 +00:00
ru
8b5b8ec6a7 mdoc(7) police: markup laundry. 2003-02-23 01:47:49 +00:00
ache
5c5994bd15 Now return NULLified struct in case of empty config file
(previous variant return NULL pointer for both empty file case and error case,
so caller can't sense error properly).

It not affect existen programs because property_find() now returns NULL
for both NULL pointer and NULLified struct.
2003-01-27 03:39:33 +00:00
ache
779e19d000 Handle read errors 2003-01-27 03:14:04 +00:00
ache
c60183cc58 Add (unsigned char) cast to ctype macros
Handle NULL return from malloc and strdup
2003-01-19 03:05:01 +00:00
schweikh
86f7487fb6 Fix typos, mostly s/ an / a / where appropriate and a few s/an/and/
Add FreeBSD Id tag where missing.
2002-12-30 21:18:15 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
chris
a52def4e3f Document the `label' capability.
Approved by:	re
Sponsored by:	DARPA, Network Associates Labs
Obtained from:	TrustedBSD Project
2002-11-22 22:22:10 +00:00
peter
570525a6c7 Oops. Some ut_time stuff slipped through the cracks. These turned out
to be non-fatal due to stack alignment roundups.
2002-11-17 23:46:45 +00:00
rwatson
b942ef4ae6 Add LOGIN_SETMAC to the list of flags that can't be set without class
information, since we rely on the pwd entry to know what MAC labels
to set as part of the login process.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-12 22:30:01 +00:00
sheldonh
9dcd1c6c1d Use "deprecated" instead of "depreciated" where appropriate. 2002-10-30 07:49:11 +00:00
des
e0746634a5 Don't forget to '\n'-terminate new entries. This unbreaks chpass -a.
Submitted by:	joerg
2002-10-29 13:58:42 +00:00
rwatson
7b9f8f277b If LOGIN_SETMAC is set and MAC is enabled in the kernel, then see
if the user has a 'label' entry in their login class.  If so, attempt
to set that label on the process as part of the credential setup.  If
we're unable to parse the label, or unable to set the label, fail.
In the future, we may also want to warn if a label is set but the
kernel doesn't support MAC.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-23 03:17:22 +00:00
peter
0a7f0ba37e Zap now-unused SHLIB_MINOR 2002-09-28 00:25:32 +00:00
charnier
4966efff7b Replace various spelling with FALLTHROUGH which is lint()able 2002-08-25 13:10:45 +00:00
rwatson
672aa78ecb Add LOGIN_SETMAC, which will indicate to the user context management code
that it should also set the user's default MAC label, if available and
permitted.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-16 02:14:21 +00:00
rwatson
c455dcde64 Whitespace cleanup--it's not style(9), but it is consistent. Prep
for MAC-related commits to the login infrastructure.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-11 01:48:43 +00:00
ru
dd72b72c9a mdoc(7) police: spelling. 2002-08-09 12:08:47 +00:00
ache
47681d4a8a Add additional field 'overwrite' to login_vars. It mainly needed to handle
"term" according to manpage, i.e. not overwrite it, if already present in
environment.
2002-06-28 14:45:30 +00:00
sobomax
43c345ecb4 Backout previous delta (addition of -I${.CURDIR}/../../sys).
Submitted by:	bde
2002-06-26 13:25:23 +00:00
sobomax
d2858dfb8c Add -I${.CURDIR}/../../sys into CFLAGS, which should fix the world broken
by RLIMIT_VMEM addition.
2002-06-26 10:33:10 +00:00
dillon
f3f62e5297 Add documentation for vmemoryuse 2002-06-26 03:58:31 +00:00
dillon
90195bf296 Make libutil aware of vmemoryuse in its login.conf cap processing (aka
sshd, /usr/bin/login, etc)
2002-06-26 03:54:18 +00:00
n_hibma
e8868912eb Be more clear in error messages.
Distinguish between a held lock and a failed lock op.

If rpc.lockd is not running on a diskless client this makes clearer
what the problem is.
2002-06-23 19:23:46 +00:00
ume
41a722805a Return HOSTNAME_INVALIDADDR when reverse lookup is fail.
Submitted by:	Sergey Zorin <sergey@cc.tpu.edu.ru>
2002-06-07 17:25:19 +00:00
wollman
303c628e35 Add used include of <string.h>. 2002-05-30 19:38:07 +00:00
des
0e558b0a7a If no old_pw was passed to pw_copy, compare just the name.
Sponsored by:	DARPA, NAI Labs
2002-05-08 14:52:32 +00:00