Update documentation for pam, and don't accept flags that we don't support

anymore.
This commit is contained in:
christos 2005-11-01 15:47:43 +00:00
parent 1421f4d030
commit 4f38beeb43
2 changed files with 14 additions and 18 deletions

View File

@ -1,4 +1,4 @@
.\" $NetBSD: login.1,v 1.24 2004/11/19 18:41:00 wiz Exp $
.\" $NetBSD: login.1,v 1.25 2005/11/01 15:47:43 christos Exp $
.\"
.\" Copyright (c) 1980, 1990, 1993
.\" The Regents of the University of California. All rights reserved.
@ -29,7 +29,7 @@
.\"
.\" @(#)login.1 8.2 (Berkeley) 5/5/94
.\"
.Dd November 14, 2004
.Dd November 1, 2005
.Dt LOGIN 1
.Os
.Sh NAME
@ -80,6 +80,8 @@ option, but also indicates to \fBlogin\fR
that it should attempt to rewrite an existing kerberos5 credentials cache
(specified by the KRB5CCNAME environment variable) after dropping
permissions to the user logging in.
This flag is not supported under
.Xr pam 8 .
.It Fl f
The
.Fl f
@ -108,6 +110,8 @@ Require a secure authentication mechanism like
or
.Tn S/Key
to be used.
This flag is not supported under
.Xr pam 8 .
.El
.Pp
If a user other than the superuser attempts to login while the file
@ -180,7 +184,8 @@ makes login quieter
.Xr passwd.conf 5 ,
.Xr utmp 5 ,
.Xr environ 7 ,
.Xr kerberos 8
.Xr kerberos 8 ,
.Xr pam 8
.Sh HISTORY
A
.Nm

View File

@ -1,4 +1,4 @@
/* $NetBSD: login_pam.c,v 1.9 2005/09/21 12:24:11 christos Exp $ */
/* $NetBSD: login_pam.c,v 1.10 2005/11/01 15:47:43 christos Exp $ */
/*-
* Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994
@ -40,7 +40,7 @@ __COPYRIGHT(
#if 0
static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94";
#endif
__RCSID("$NetBSD: login_pam.c,v 1.9 2005/09/21 12:24:11 christos Exp $");
__RCSID("$NetBSD: login_pam.c,v 1.10 2005/11/01 15:47:43 christos Exp $");
#endif /* not lint */
/*
@ -122,9 +122,8 @@ main(int argc, char *argv[])
{
extern char **environ;
struct stat st;
int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin;
int ask, ch, cnt, fflag, pflag, quietlog, rootlogin;
int auth_passed;
int Fflag;
uid_t uid, saved_uid;
gid_t saved_gid, saved_gids[NGROUPS_MAX];
int nsaved_gids;
@ -167,7 +166,6 @@ main(int argc, char *argv[])
* login so that it may be placed in utmp/utmpx and wtmp/wtmpx
* -a in addition to -h, a server my supply -a to pass the actual
* server address.
* -s is used to force use of S/Key or equivalent.
*/
domain = NULL;
if (gethostname(localhost, sizeof(localhost)) < 0)
@ -176,10 +174,10 @@ main(int argc, char *argv[])
domain = strchr(localhost, '.');
localhost[sizeof(localhost) - 1] = '\0';
Fflag = fflag = hflag = pflag = sflag = 0;
fflag = pflag = 0;
have_ss = 0;
uid = getuid();
while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1)
while ((ch = getopt(argc, argv, "a:fh:p")) != -1)
switch (ch) {
case 'a':
if (uid) {
@ -192,9 +190,6 @@ main(int argc, char *argv[])
sizeof(struct sockaddr_storage), "%a", (void *)&ss);
#endif
break;
case 'F':
Fflag = 1;
/* FALLTHROUGH */
case 'f':
fflag = 1;
break;
@ -203,7 +198,6 @@ main(int argc, char *argv[])
errno = EPERM;
err(EXIT_FAILURE, "-h option");
}
hflag = 1;
if (domain && (p = strchr(optarg, '.')) != NULL &&
strcasecmp(p, domain) == 0)
*p = '\0';
@ -212,9 +206,6 @@ main(int argc, char *argv[])
case 'p':
pflag = 1;
break;
case 's':
sflag = 1;
break;
default:
case '?':
usage();
@ -841,7 +832,7 @@ void
usage(void)
{
(void)fprintf(stderr,
"Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n",
"Usage: %s [-fp] [-a address] [-h hostname] [username]\n",
getprogname());
exit(EXIT_FAILURE);
}