Commit Graph

148 Commits

Author SHA1 Message Date
wiz
ea548d35a5 Sort options. 2009-05-18 09:37:44 +00:00
lukem
98e5374ccb Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
2008-07-21 14:19:20 +00:00
lukem
050e20c6d5 Be consistent about making USE_PAM!=no be exclusive to USE_SKEY!=no. 2008-04-06 09:54:37 +00:00
christos
327d0b0912 call setprogname(), from Anon Ymous 2008-04-05 15:59:39 +00:00
christos
b4403619e0 bump date. 2007-10-27 18:43:37 +00:00
christos
59604b5887 uncomment the group handling documentation. 2007-10-27 18:42:42 +00:00
christos
3670ce19dd - move grutil code to newgrp.
- enable user:group and :group code.
2007-10-27 15:37:45 +00:00
christos
40a10c757f From Anon Ymous:
- Fix a memory leak in newgrp().  (Noted by ginsbach@.)

- If the new and old groups are the same, addgrp() does nothing so
  exit early.  (Noted by ginsbach@.)

- In newgrp(), if the new group isn't found in the in-core, check the
  group membership list anyway as the in-core list may be full or
  /etc/groups may have been edited since login.  (Requested by
  ginsbach@.)

- Deal with a full in-core group[] array in addgid() rather than
  silently ignoring it and ending up with a group[] array that is
  inconsistent with the current group.

- More explicit error handling in addgroup().
2007-10-27 15:33:25 +00:00
christos
1b946384ef Make the license match to grutil.c 2007-10-18 15:41:50 +00:00
christos
e16da7f1bc Put the proper license on this file, using the newgrp.c one. 2007-10-18 13:04:06 +00:00
christos
40d5720e00 From Anon Ymous:
- general cleanup [e-funcs, lint fixes, exit values, more error checking]
- add the ability to change the primary group group as login:group, or :group
  *disabled*, until it is discussed.
- remove krb4 code since there is no more krb4 code in the tree.
- also make the old su behave like the pam su: su to the same user, does
  not ask for a password.
- split out shared code into a separate file.
2007-10-17 21:05:39 +00:00
tls
4147a3c54a Add new Makefile knob, USE_FORT, which extends USE_SSP by turning on the
FORTIFY_SOURCE feature of libssp, thus checking the size of arguments to
various string and memory copy and set functions (as well as a few system
calls and other miscellany) where known at function entry.  RedHat has
evidently built all "core system packages" with this option for some time.

This option should be used at the top of Makefiles (or Makefile.inc where
this is used for subdirectories) but after any setting of LIB.

This is only useful for userland code, and cannot be used in libc or in
any code which includes the libc internals, because it overrides certain
libc functions with macros.  Some effort has been made to make USE_FORT=yes
work correctly for a full-system build by having the bsd.sys.mk logic
disable the feature where it should not be used (libc, libssp iteself,
the kernel) but no attempt has been made to build the entire system with
USE_FORT and doing so will doubtless expose numerous bugs and misfeatures.

Adjust the system build so that all programs and libraries that are setuid,
directly handle network data (including serial comm data), perform
authentication, or appear likely to have (or have a history of having)
data-driven bugs (e.g. file(1)) are built with USE_FORT=yes by default,
with the exception of libc, which cannot use USE_FORT and thus uses
only USE_SSP by default.  Tested on i386 with no ill results; USE_FORT=no
per-directory or in a system build will disable if desired.
2007-05-28 12:06:17 +00:00
christos
2b91c98c21 remove PAM_DEBUG 2006-07-13 18:18:09 +00:00
mlelstv
bad43188a8 restore elevated priority before launching command in
user context. Fixes PR 33479.
2006-05-14 21:18:31 +00:00
christos
85e611dd01 Goodbye KerberosIV 2006-03-20 04:03:10 +00:00
christos
dcf51e5c6a Use LOGIN_CAP even in the pam case. 2005-12-15 14:03:34 +00:00
christos
04095b6d82 PR/32307: Jason V. Miller: su fails to set umask correctly when using pam
and simulating a full login (-, -d, -l)
2005-12-15 14:01:31 +00:00
hubertf
9df5e26cc9 Give a general description what this command does before going into
all the details.
2005-12-15 05:26:36 +00:00
kleink
99dffcffea Set LOGNAME in the new environment (in addition to USER);
fixes PR bin/30670 from Pavel Cahyna.
2005-07-05 20:15:13 +00:00
wiz
76f0e20b24 Use groff macros instead of troff ones. 2005-06-19 17:34:03 +00:00
wiz
2e770dfdda Drop trailing whitespace. 2005-06-19 17:26:30 +00:00
christos
1246ae1e23 check for pwd != NULL 2005-04-19 03:17:35 +00:00
christos
dac720be4f Update with pam descriptions.
XXX: needs more work.
1. code needs to be added in pam_group.so to handle indirect groups and
   documented.
2. the indirect group description outside before the customization section
   does not work with pam, but could be made to work once [1] is implemented.
2005-04-05 18:46:33 +00:00
he
65525e6df1 Put declaration of pwbuf[] back before any code, so this compiles with
older versions of gcc again.
2005-04-02 16:12:52 +00:00
christos
bbb7e01ae0 - Use the getpw*_r methods.
- KNF.
2005-03-30 01:16:22 +00:00
christos
93bf0b6883 Deal with signals and process groups (from FreeBSD)
Fixes issues with kill -STOP $$ in the su'd shell, and setting up signals
for the child process properly.
2005-03-23 20:02:28 +00:00
he
8e8728c45c Introduce PAM_STATIC_LDADD and PAM_STATIC_DPADD. When compiling
with MKPIC=no, possibly because the target does not support shared
libraries, these include libraries required to resolve all symbols
which end up referenced from PAM-using applications.  The libraries
presently required are -lcrypt, -lrpcsvc and -lutil.

Add use of these variables which are currently set up to use PAM,
so that they compile when MKPIC=no.

Also, in the telnetd case, reorder the order of the libraries, so
that libtelnet.a comes before -ltermcap and -lutil, again to fix
link error when MKPIC=no.

Discussed with thorpej and christos.
2005-03-04 20:41:08 +00:00
christos
c1fe2057f5 Fix unmatched .El warning. 2005-02-28 02:30:54 +00:00
christos
dc9dbb2ac7 Don't wait for any process, just our child. pam sessions can fork other
processes (such as the ssh pam agent handler) and the wrong process ends
up reaped, wreaking havoc.
2005-02-25 21:49:43 +00:00
christos
479c8052bb Add commented out notes on how we support the special compilation options
under pam.
2005-02-01 22:54:33 +00:00
manu
0d884d9738 Remove unneeded \ at the end of line, style 2005-01-18 21:39:11 +00:00
thorpej
c829edc516 Test USE_PAM, not MKPAM. 2005-01-13 00:13:33 +00:00
christos
b2f0c10f07 undo accidental commit with MKPAM=yes 2005-01-12 01:46:03 +00:00
christos
f8b8ae274a Always print pam error in messages 2005-01-12 01:45:32 +00:00
christos
6c0f1bcc27 :x 2005-01-12 01:45:31 +00:00
christos
81b53d0cfa - make LOGIN_CAP mandatory
- eliminate global pamh
- use setusercontext() properly (ideas borrowed from FreeBSD)
- remove stray debugging.

This now works.
2005-01-10 23:33:53 +00:00
christos
6b47b9b52a LOGIN_CAP is mandatory for PAM. 2005-01-10 23:31:34 +00:00
christos
2ef14ae88a Restore su.c to version 1.58, plus minor prototyping. Split pam
into su_pam.c, and turn it off by default in the Makefile until it
is tested and actually works. The current pam version does not set ruid
properly anymore.
2005-01-10 03:11:50 +00:00
manu
d37a5aac85 Rewrite PAMification of su.
- don't try to fallback to plain old authentication. It could lead to unix
  authentication to be used while the administrator wanted to forbid it.
  Moreover, a broken PAM setup can be fixed by just rebooting in single user.
- In order to make the code more readable, make two main(), with and aithout
  PAM.
- Outstanding issues that seem impossible to fix:
  The -K flag die with PAM.
  -c cause PAM credentials to be ignored.
2005-01-09 21:32:38 +00:00
manu
02a0830983 Don't fallback to plain old authentication on "normal" errors such as
authentication failure.
2005-01-08 22:16:23 +00:00
christos
e52488f22f if we are using pam and it succeeded, don't re-initialize kerberos needlessly. 2005-01-08 18:12:35 +00:00
lukem
ed83e0847a add DPADD 2005-01-08 09:54:36 +00:00
christos
68adb09d42 - avoid calling pam_end twice if pam failed in fatal
- make fatal proper macros
- fix typos in comments
- fix logical error initializing pam
XXX: Seems to work now, but the whole process is awkward.
Asking for an ssh passphrase and using this to do unix authentication is wrong.
Falling back to the old style auth is awkward. We should really provide a
pam_rootauth module if we want to support that.
2005-01-08 08:45:53 +00:00
manu
e628e84aaa Add PAM support to su 2005-01-07 22:34:20 +00:00
kleink
7c84af2ef7 Remove a leftover line apparently from rev. 1.17; also from Juha Hyttinen
in PR bin/25347.
2004-04-27 10:26:22 +00:00
cjep
4d862106fe Fix typo (SU_INDIRECT_GROOP -> SU_INDIRECT_GROUP). PR#25347 from
Juha Hyttinen.
2004-04-27 10:12:51 +00:00
jmmv
b635f565e7 Homogenize usage messages: make the 'usage' word all lowercase, as this seems
to be the most common practice in our tree.
2004-01-05 23:23:32 +00:00
dyoung
4758291178 Fix the checkflist for builds without Kerberos 4 (MKKERBEROS4=no)
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.

* move kerberos- and kerberos 4-only files into new flists,
  distrib/sets/lists/*/krb.*

* make the flist generators grok MKKERBEROS{,4} variables

* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
  9 out of 10 experts agree that it is ludicrous to build w/
  KERBEROS4 and w/o KERBEROS5.

* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.

* omit some Kerberos-only subdirectories from the build as
  MKKERBEROS{,4} indicate

(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly.  That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles.  While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
2003-12-11 09:46:26 +00:00
atatat
08e63b9e97 Hey, wiz! Doesn't this need a comma? 2003-09-17 05:34:15 +00:00
lha
afad8d1f7c libkrb depends on libdes, patch in private mail from
Harold Gutch logix at foobar franken de
2003-08-23 23:03:42 +00:00