Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
142,924 Commits 606 Branches 0 Tags 3.1 GiB
090e596149
Commit Graph

86 Commits

Author SHA1 Message Date
christos
ba9fdf89e5 Add all the modules to the static pam. This is required, otherwise pam does 
not work on non pic builds because it does not find modules listed in
/etc/pam.d.
 2006-01-20 16:52:55 +00:00
christos
7768338003 Declare what we services provide, otherwise pam assumes that we provide 
everything and this breaks static linking.
 2006-01-20 16:51:15 +00:00
tsarna
9b412b7436 Implement PAM_REFRESH_CRED / PAM_REINITIALIZE_CRED 
support in pam_sm_setcred()

With this and a suitably pam-aware screen locker (eg xscreensaver built
with PAM), you now get the nice Windows-style behavior of having
your tickets refreshed (and tokens, with pam_afslog) when you unlock
your screen.
 2005-09-27 14:38:19 +00:00
wiz
d61c7b6e74 Remove trailing whitespace. Punctuation nits. Use .Nm more. 
Use .An. Sort SEE ALSO.
 2005-09-23 19:56:16 +00:00
tsarna
4019a4212f pam_afslog is used in conjunction with pam_krb5 to obtain AFS tokens and 
create a PAG if necessary.

Especially important for home directories on AFS.
 2005-09-21 14:19:08 +00:00
christos
98785bd85a Get rid of pam debugging. 
XXX: We should do this on the 3.0 branch too.
 2005-08-28 07:41:41 +00:00
matt
ae59c445be Remove CPPFLAGS 2005-04-25 17:21:31 +00:00
matt
51ba88ed0f Add ${DESTDIR}/usr/include/krb5 to CPPFLAGS so <parse_units.h> can be found. 2005-04-25 15:43:34 +00:00
matt
bb1ca526b7 Don't cast the lvalue; cast the rhs instead. 2005-04-25 15:42:46 +00:00
yamt
8c79aa408b s!/var/run/nologin!/etc/nologin!g to match with the code. 2005-04-25 10:24:06 +00:00
christos
b4073cddaf Fix getgrnam -> getgrnam_r 2005-04-19 13:04:38 +00:00
christos
e640241b82 fix getgrnam -> getgrnam_r and add a forgotten getpwnam -> gepwnam_r 
From john nemeth
 2005-04-19 13:04:19 +00:00
lukem
01cf9d0263 Safety boots: don't depend upon getpwnam_r() to set pwd to NULL on all 
failures, especially if we're going to ignore the return result.
 2005-04-19 03:40:16 +00:00
lukem
a767f5ec9c getpw*_r() may return 0 and set pwd==NULL 2005-04-19 03:38:08 +00:00
christos
2a62e4e1ad check for pwd != in getpw*_r functions. 2005-04-19 03:15:34 +00:00
christos
b4eda329f4 Don't print an error if we are doing authentication. 2005-04-05 18:24:17 +00:00
thorpej
59cbc9e205 Use getpwnam_r(). 2005-03-31 15:11:54 +00:00
christos
611fb1aa58 Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang 
in PR bin/23167.
 2005-03-20 16:48:47 +00:00
christos
dbf71d82fb remove debugging printf's 2005-03-17 01:14:40 +00:00
christos
99186ebfc8 Clear the authorization token at the entry of each loop, so that 
we get a chance to re-enter.
 2005-03-17 01:13:59 +00:00
christos
52ffc9e55d remove code to deal with authorized keys. it has no place here. 2005-03-14 23:39:26 +00:00
christos
041bcdce98 Go back to rev-1.5. This is better than what was there before, but I am 
still uncertain about the proper way to dealing what keys to accept.
 2005-03-14 05:45:48 +00:00
christos
56cc440468 Revert previous. This is not the right fix. 2005-03-14 05:40:35 +00:00
christos
adb433f9e5 Do not let keys that are not listed in authorized_keys participate 
in authentication. Problem reported by Maximum Entropy.
 2005-03-14 05:35:23 +00:00
christos
811c70b5c5 Free the prompt response. 2005-03-05 20:33:40 +00:00
christos
a3df4155fc PR/29566: Izumi Tsutsui: login(1) shows wrong last-login-from host 
Caused by improper initialization of struct lastlogx. Code has been
completely restructured, and we also now use pam_prompt() instead of
printf().
cvs: ----------------------------------------------------------------------
 2005-03-05 20:32:41 +00:00
christos
fde63d0ea8 If authentication failed because the user was not in wheel, say so like 
the old su did. From John Nemeth
 2005-03-05 15:39:43 +00:00
he
21b1464ae4 Build openpam_free_envlist as part of libpam, and install it's man 
page.  This is required for ports not yet supporting shared libraries.
 2005-03-03 22:40:49 +00:00
christos
3d37b7e762 Document the no_nested option. 2005-03-03 02:11:49 +00:00
christos
fa02801fbd - Fix the quiet option; use login_cap to determine if we should print or not. 
- Add nested user handling, including a no_nested option to control it.
 2005-03-03 02:11:40 +00:00
wiz
15a3d47d36 Improve wording of the BUGS section to make it easier to understand. 
Ok'd by christos.
 2005-02-28 15:21:25 +00:00
wiz
49d2a708c0 Bump date for previous. Remove trailing whitespace. Sort SEE ALSO. 
Remove superfluous .Pp.
 2005-02-28 10:34:17 +00:00
wiz
e368145667 Bump date for new SECURITY CONSIDERATIONS section. 2005-02-28 10:31:41 +00:00
christos
d747ae24a0 Document that this is broken and not used. 2005-02-28 01:25:01 +00:00
thorpej
a4e3f97482 Add a SECURITY CONSIDERATIONS section. 2005-02-27 21:33:02 +00:00
thorpej
80ea74d85d Add a SECURITY CONSIDRATIONS section. 2005-02-27 21:32:46 +00:00
thorpej
11b55133f0 Add an S/Key PAM module. 2005-02-27 21:01:59 +00:00
christos
901ebd51aa NetBSD does not allow setuid(user) when euid=user, and ruid=0. Change 
the logic for setting the uid/gid/groups for the agent around and also
add error checking. I.e. Don't exec the agent, if we could not set
the proper environment for it. Add a few more debugging lines. Now ssh
authentication works through xdm.
 2005-02-27 01:16:27 +00:00
christos
783ec0bc09 Remove local copy of openpam_free_envlist. 2005-02-26 22:45:52 +00:00
thorpej
55d1dd0979 Place some limits on the creds acquired for password change. Other 
minor cleanup inspired by passwd(1).
 2005-02-26 18:25:28 +00:00
thorpej
b41692728e Use the more familar princ@realm style of password prompt. 2005-02-26 18:10:35 +00:00
thorpej
a2d3bf486f Check for PAM_PRELIM_CHECK and simply do nothing. (Did this even work 
in FreeBSD?)
 2005-02-26 18:03:37 +00:00
wiz
03a04bd58b Add article. 2005-02-26 16:37:46 +00:00
wiz
b055ab330f Sort SEE ALSO. 2005-02-26 16:36:53 +00:00
thorpej
7331ee2083 Merge PAM20050226. 
XXX Hack here until we import OpenPAM Feterita.
 2005-02-26 16:03:58 +00:00
thorpej
4251f117ba Merge PAM20050226. 2005-02-26 15:57:57 +00:00
wiz
cbc550d45c Drop trailing whitespace. 2005-02-26 15:39:50 +00:00
wiz
9b82a3d7c1 Bump date for previous. 2005-02-26 15:39:23 +00:00
thorpej
28836513c3 Remove references to local_pass and nis_pass. Add description of 
passwd_db option of the password management module.
 2005-02-26 15:33:24 +00:00
thorpej
2f6bdc4a7b Minor wording consistency nit. 2005-02-26 15:11:26 +00:00