diff --git a/usr.bin/login/login.1 b/usr.bin/login/login.1 index a7e03e6e9ff6..cd3a4435060f 100644 --- a/usr.bin/login/login.1 +++ b/usr.bin/login/login.1 @@ -1,4 +1,4 @@ -.\" $NetBSD: login.1,v 1.24 2004/11/19 18:41:00 wiz Exp $ +.\" $NetBSD: login.1,v 1.25 2005/11/01 15:47:43 christos Exp $ .\" .\" Copyright (c) 1980, 1990, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" @(#)login.1 8.2 (Berkeley) 5/5/94 .\" -.Dd November 14, 2004 +.Dd November 1, 2005 .Dt LOGIN 1 .Os .Sh NAME @@ -80,6 +80,8 @@ option, but also indicates to \fBlogin\fR that it should attempt to rewrite an existing kerberos5 credentials cache (specified by the KRB5CCNAME environment variable) after dropping permissions to the user logging in. +This flag is not supported under +.Xr pam 8 . .It Fl f The .Fl f @@ -108,6 +110,8 @@ Require a secure authentication mechanism like or .Tn S/Key to be used. +This flag is not supported under +.Xr pam 8 . .El .Pp If a user other than the superuser attempts to login while the file @@ -180,7 +184,8 @@ makes login quieter .Xr passwd.conf 5 , .Xr utmp 5 , .Xr environ 7 , -.Xr kerberos 8 +.Xr kerberos 8 , +.Xr pam 8 .Sh HISTORY A .Nm diff --git a/usr.bin/login/login_pam.c b/usr.bin/login/login_pam.c index 3c39a16fce8a..54a60f00dae9 100644 --- a/usr.bin/login/login_pam.c +++ b/usr.bin/login/login_pam.c @@ -1,4 +1,4 @@ -/* $NetBSD: login_pam.c,v 1.9 2005/09/21 12:24:11 christos Exp $ */ +/* $NetBSD: login_pam.c,v 1.10 2005/11/01 15:47:43 christos Exp $ */ /*- * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 @@ -40,7 +40,7 @@ __COPYRIGHT( #if 0 static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; #endif -__RCSID("$NetBSD: login_pam.c,v 1.9 2005/09/21 12:24:11 christos Exp $"); +__RCSID("$NetBSD: login_pam.c,v 1.10 2005/11/01 15:47:43 christos Exp $"); #endif /* not lint */ /* @@ -122,9 +122,8 @@ main(int argc, char *argv[]) { extern char **environ; struct stat st; - int ask, ch, cnt, fflag, hflag, pflag, sflag, quietlog, rootlogin; + int ask, ch, cnt, fflag, pflag, quietlog, rootlogin; int auth_passed; - int Fflag; uid_t uid, saved_uid; gid_t saved_gid, saved_gids[NGROUPS_MAX]; int nsaved_gids; @@ -167,7 +166,6 @@ main(int argc, char *argv[]) * login so that it may be placed in utmp/utmpx and wtmp/wtmpx * -a in addition to -h, a server my supply -a to pass the actual * server address. - * -s is used to force use of S/Key or equivalent. */ domain = NULL; if (gethostname(localhost, sizeof(localhost)) < 0) @@ -176,10 +174,10 @@ main(int argc, char *argv[]) domain = strchr(localhost, '.'); localhost[sizeof(localhost) - 1] = '\0'; - Fflag = fflag = hflag = pflag = sflag = 0; + fflag = pflag = 0; have_ss = 0; uid = getuid(); - while ((ch = getopt(argc, argv, "a:Ffh:ps")) != -1) + while ((ch = getopt(argc, argv, "a:fh:p")) != -1) switch (ch) { case 'a': if (uid) { @@ -192,9 +190,6 @@ main(int argc, char *argv[]) sizeof(struct sockaddr_storage), "%a", (void *)&ss); #endif break; - case 'F': - Fflag = 1; - /* FALLTHROUGH */ case 'f': fflag = 1; break; @@ -203,7 +198,6 @@ main(int argc, char *argv[]) errno = EPERM; err(EXIT_FAILURE, "-h option"); } - hflag = 1; if (domain && (p = strchr(optarg, '.')) != NULL && strcasecmp(p, domain) == 0) *p = '\0'; @@ -212,9 +206,6 @@ main(int argc, char *argv[]) case 'p': pflag = 1; break; - case 's': - sflag = 1; - break; default: case '?': usage(); @@ -841,7 +832,7 @@ void usage(void) { (void)fprintf(stderr, - "Usage: %s [-Ffps] [-a address] [-h hostname] [username]\n", + "Usage: %s [-fp] [-a address] [-h hostname] [username]\n", getprogname()); exit(EXIT_FAILURE); }