e551462e89
PR/32870: Johan Veenhuizen: login(1) does not obey .hushlogin
2006-02-19 00:12:36 +00:00
5cc6a637b8
Prefer mdoc markup to roff.
2005-11-08 18:54:15 +00:00
07006c8815
Remove trailing whitespace.
2005-11-08 17:59:45 +00:00
4f38beeb43
Update documentation for pam, and don't accept flags that we don't support
...
anymore.
2005-11-01 15:47:43 +00:00
c9f5645213
use getgrnam_r; from Jon Nemeth
2005-09-21 12:24:11 +00:00
0e46a38f38
Terminate variable argument list with NULL, not 0.
2005-04-25 01:33:03 +00:00
9830ed3053
Safety boots: don't depend upon getpwnam_r() to set pwd to NULL on all
...
failures, especially as we're ignoring the return result.
2005-04-19 03:40:58 +00:00
cc3c0f2c9c
Don't report that we don't know the username. We don't want to give out
...
more information that we need to.
2005-04-03 06:56:39 +00:00
13f609d284
- use getpwnam_r
...
- KNF
2005-03-30 01:30:21 +00:00
f9774bdb30
Add a colon before %m in calls to syslog(3) for consistency with other
...
messages in this same file and in many other tools.
2005-03-29 17:00:21 +00:00
f4d67200a3
Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang
...
in PR bin/23167.
2005-03-20 13:20:07 +00:00
8e8728c45c
Introduce PAM_STATIC_LDADD and PAM_STATIC_DPADD. When compiling
...
with MKPIC=no, possibly because the target does not support shared
libraries, these include libraries required to resolve all symbols
which end up referenced from PAM-using applications. The libraries
presently required are -lcrypt, -lrpcsvc and -lutil.
Add use of these variables which are currently set up to use PAM,
so that they compile when MKPIC=no.
Also, in the telnetd case, reorder the order of the libraries, so
that libtelnet.a comes before -ltermcap and -lutil, again to fix
link error when MKPIC=no.
Discussed with thorpej and christos.
2005-03-04 20:41:08 +00:00
3f0344e8e8
1. Restore missing tty action.
...
2. Pass the nested user name to pam.
3. always try to fill in sockaddr.
2005-03-03 02:06:16 +00:00
10cd3dcdb4
- use F_CLOSEM instead of walking the fd list
...
- determine pty name properly for ptyfs ptys
- use setproctitle(NULL) to kill our args
2005-02-28 16:13:02 +00:00
70a8501f05
- deal with ptyfs pty names.
...
- put back chown pty code.
- use setproctitle(NULL) to kill our argument display.
- don't wait for any pid, just the one we forked.
2005-02-28 16:11:36 +00:00
c641ee7f72
Add setting of PAM_SOCKADDR.
2005-02-01 17:57:16 +00:00
3113fa979d
Add PAM support to login(8)
2005-01-23 09:47:43 +00:00
a35b6d287f
Kill __P(), ANSIfy, remove main() prototype, whitespace; WARNS=2
2005-01-20 15:41:14 +00:00
61ae8d8c7b
Kill __P() and ANSIfy, ok christos.
2005-01-12 05:34:23 +00:00
c2e518e56e
Only include Kerberos 4 headers when compiling in a Kerberos enviroment
...
From Jukka Salmi in NetBSD PR misc/28727
2004-12-22 01:28:56 +00:00
a65671d259
Remove some whitespace.
2004-11-19 18:41:00 +00:00
4a9bb0c8f3
Add a -a option to pass the host address of the host we logged in from in
...
addition to the host name. This option is needed by programs suchs as
telnetd, because at the point they invoke login, they already have opened
a pty, and the stdin of login is no longer the socket connected to the
remote host. In addition don't chop the hostname up to the first dot if
the domain matches. These practices are 70's fashion and they only serve
to lose information. These days we have long enough fields in utmpx and
wtmpx to store the full names.
2004-11-14 18:01:21 +00:00
3408fd1acc
Use getprogname(); add -F to usage. From Kouichirou Hiratsuka in PR 26222.
2004-07-13 11:56:24 +00:00
32e6b841fb
Generate the copyright string from sys/conf/copyright rather than
...
replicating it here. Idea from Simon Burge.
2004-01-05 03:53:10 +00:00
a9866938b5
Welcome to 2004!
2004-01-01 00:00:05 +00:00
4758291178
Fix the checkflist for builds without Kerberos 4 (MKKERBEROS4=no)
...
and without Kerberos 4 & 5 (MKKERBEROS=no). Previously checkflist
complained of missing files.
* move kerberos- and kerberos 4-only files into new flists,
distrib/sets/lists/*/krb.*
* make the flist generators grok MKKERBEROS{,4} variables
* fix Makefiles which treat MKKERBEROS=no as MKKERBEROS5=no.
9 out of 10 experts agree that it is ludicrous to build w/
KERBEROS4 and w/o KERBEROS5.
* fix header files, also, which treat MKKERBEROS=no as MKKERBEROS5=no.
* omit some Kerberos-only subdirectories from the build as
MKKERBEROS{,4} indicate
(I acknowledge the sentiment that flists are the wrong way to go,
and that the makefiles should produce the metalog directly. That
sounds to me like the right way to go, but I am not prepared to do
revamp all the makefiles. While my approach is expedient, it fits
painlessly within the current build architecture until we are
delivered from flist purgatory, and it does not postpone our
delivery. Fair enough?)
2003-12-11 09:46:26 +00:00
53284b73d0
snprintf() terminates string with \0, so there's no need for "sizeof(x)-1".
2003-10-16 05:31:47 +00:00
31fd31ccf7
Make getlastlogx have the pathname to the lastlogx database as first
...
argument, to be consistent with updlastlogx.
Approved by christos, reviewed by kleink.
[The lastlogxname function should not be used any longer.]
2003-08-26 16:48:32 +00:00
afad8d1f7c
libkrb depends on libdes, patch in private mail from
...
Harold Gutch logix at foobar franken de
2003-08-23 23:03:42 +00:00
89aaa1bb64
Move UCB-licensed code from 4-clause to 3-clause licence.
...
Patches provided by Joel Baker in PR 22365, verified by myself.
2003-08-07 11:13:06 +00:00
adeab29eca
include des.h, not kerberosIV/des.h
2003-07-23 20:31:18 +00:00
e63468d8cc
split MKKERBEROS4 from MKKERBEROS. based on work by lha at stacken.kth.se
...
(build confirmed with both MKKERBEROS4=yes and MKKERBEROS4=no)
2003-07-23 08:01:24 +00:00
01b2c2d070
simplify by asprintf/strdup
2003-05-15 00:52:53 +00:00
a3acb5bc30
facilty->facility, from Igor Sobrado in PR 19670
2003-03-29 18:05:29 +00:00
d73e77b28c
Update copyright notice.
2003-01-01 00:00:13 +00:00
9593086444
use strlcpy
2002-11-16 04:34:13 +00:00
e91a21c27c
add DPADD.
2002-10-23 01:25:35 +00:00
7798fe3a64
disallow users from alter log file entries by using "login foo".
...
from xs@kittenz.org
2002-09-25 03:45:32 +00:00
129dc41857
make sure to use %s on printf format string. xs@kittenz.org
2002-09-20 21:01:31 +00:00
2994867f8f
remove debugging message leftover
2002-07-30 14:37:38 +00:00
51de4d82f7
make this compile without SUPPORT_UTMPX
2002-07-27 22:58:07 +00:00
48715dcc0c
Factor out the utmp/wtmp/lastlog updating and add utmpx/wtmpx/lastlogx updating.
...
Both are turned on for now.
2002-07-27 20:10:32 +00:00
9c33b55e7c
Split the notion of building Hesiod, Kerberos, S/key, and YP
...
infrastructure and using that infrastructure in programs.
* MKHESIOD, MKKERBEROS, MKSKEY, and MKYP control building
of the infratsructure (libraries, support programs, etc.)
* USE_HESIOD, USE_KERBEROS, USE_SKEY, and USE_YP control
building of support for using the corresponding API
in various libraries/programs that can use it.
As discussed on tech-toolchain.
2002-03-22 18:10:19 +00:00
4929305fb3
when creating a v4 ticket file, name it after the users uid, not our
...
current (should finally fix bin/13040)
2002-02-20 08:17:17 +00:00
57ff912445
Happy New Year!
2002-01-01 09:27:53 +00:00
2a2aa85a8d
update infrastructure for krb4 1.1 and heimdal 0.4e
2001-09-17 12:34:40 +00:00
66bcd97e0c
implement 5to4 (getting v4 tickets from the v5 ones)
...
from the patch in bin/13040 by lha@stacken.kth.se (slightly modified)
2001-09-10 00:02:29 +00:00
2e8e67fc3f
Sort SEE ALSO section, and correct section for kerberos (1 -> 8).
2001-04-04 09:37:51 +00:00
992d55d2a8
* Use krb5_warn() instead of non-functional com_err().
...
* knf patrol
* De-__P()
2001-01-19 21:55:19 +00:00
d594ce939b
comment or delete text after CPP directives.
2001-01-16 02:50:27 +00:00
8ea781a956
LOG_ODELAY is deprecated. use LOG_ERR for fatal errors
2001-01-10 12:24:38 +00:00
df21faf565
don't need to specify facility LOG_AUTH as it's the default
2001-01-10 12:23:57 +00:00
eb80878b1b
Happy new year!
2001-01-01 20:18:34 +00:00
de67766c6a
Don't strcpy the contents of an environment variable into a fixed-size
...
buffer, use strlcpy instead. Should fix security/11550.
2000-12-05 02:19:23 +00:00
631ff3454c
Replace all calls to 'error_message()' with 'krb5_get_err_text()', since
...
error_message() does not seem to display meaningful information, under
Heimdal.
2000-10-28 03:51:26 +00:00
9b22175a26
Remove INSTALLFLAGS=-fschg, as per change to usr.bin/ssh/ssh/Makefile.
2000-10-18 00:24:18 +00:00
b84b9c883a
Check retrieved TGT against local keytab, if it exists.
2000-09-01 03:12:20 +00:00
d35819d6e3
krb5_get_in_tkt() (called by krb5_get_in_tkt_with_password()) may
...
eventually call krb5_free_principal() via krb5_free_creds_contents(),
(when it succeeds, in particular). Check for the creds.server
already being freed, and don't free it again.
2000-08-09 17:44:18 +00:00
6d7f2da1a1
remove -lvers, it's not used
2000-08-03 22:56:29 +00:00
549a4d9cdc
update build infrastructure for heimdal 0.3a
2000-08-03 04:02:29 +00:00
3b5855e58d
Don't syslog that krb5_init_context() failed if it failed due
...
to Kerberos not being configured on the system.
2000-08-02 16:51:17 +00:00
9e2765e474
If neither Kerberos IV or Kerberos V are configured, don't
...
issue "Warning: no Kerberos tickets issued."
2000-08-02 05:58:35 +00:00
676ddec5ac
skey_keyinfo() returns const.
2000-07-28 16:36:53 +00:00
98987090cb
Fix library order.
2000-07-23 22:23:14 +00:00
682d5ce7b8
Xr passwd.conf
2000-07-11 12:12:53 +00:00
df83a2a3cd
Add MK... variables to enable/disable various aspects of building
...
crypto support into the system. See share/mk/bsd.README for more
a full description.
2000-06-23 06:01:10 +00:00
e7d6b96938
Merge a bunch of things from crypto-us and crypto-intl into basesrc,
...
adding support for Heimdal/KTH Kerberos where easy to do so. Eliminate
bsd.crypto.mk.
There is still a bunch more work to do, but crypto is now more-or-less
fully merged into the base NetBSD distribution.
2000-06-20 06:00:24 +00:00
dbb0b2f74d
Backout login_get_kconf function, because it breaks crypto-intl builds.
...
Keep the variables for setting default behaviour with krb4 and krb5
compiled in, even though they act like constants, to facilitate adding
another preference mechanism later.
2000-06-02 03:01:22 +00:00
39d1e5b7fd
Allow krb5 and krb4 to be compiled in to the same login binary at once,
...
krb5 can request a forwardable TGT,
can get both krb4 and krb5 tickets, if explicitely configured to do so
by the krb5.conf.
2000-05-30 06:56:16 +00:00
1d82270b8c
- For root, if ignorenologin is set in login.conf, don't call
...
checknologin (previously, checknologin is called if ignorenologin is set).
- For non-root user, make ignorenologin take effect.
2000-03-07 14:11:22 +00:00
6dccad067d
Cosmetic changes.
2000-03-07 13:59:19 +00:00
d6bf7fdb89
Move include/kerberosIV/com_err.h to include/com_err.h.
2000-02-14 03:21:02 +00:00
0c25a9e4d1
Patch from assar@netbsd.org to make k5login.c work with both MIT and Heimdal
...
kerberos trees.
2000-02-14 03:17:43 +00:00
b3204d536b
Add login_getpwclass to libutil as convenience function for
...
programs originally for FreeBSD.
Add parsing of "setenv" parameter which can be used to set
up an initial environment on login.
2000-02-04 02:17:14 +00:00
8e380b472c
Removed some fallback cases since that is now done in libutil.
2000-01-22 09:48:52 +00:00
eb1d660e28
Clean up changes a bit.
2000-01-13 12:43:19 +00:00
07053cf7c1
Re-enable login_cap processing, now that a non-existing login.conf
...
won't make it crash. Also make it less noisy in that case.
2000-01-13 06:52:47 +00:00
cfdb7e0720
Ack. Disable login caps, until problems are fixed.
2000-01-13 06:30:31 +00:00
4863ee6f07
Add login.conf capability setting.
2000-01-13 06:17:56 +00:00
7ad9ba975f
copyright year change (thanks cgd) so we emit , 2000 now.
2000-01-07 00:00:37 +00:00
1cda1876da
Fixed 'login in free' warning in kdestroy().
1999-12-26 17:47:18 +00:00
5375ac8703
Made login continue without kerberos when there is no krb5.conf present
...
(and KERBEROS5 is defined).
1999-12-05 23:39:11 +00:00
f5241efcfa
make this compile....
1999-08-25 19:58:15 +00:00
ee0dfce003
Make this compile again in an ELF world.
1999-07-30 01:56:49 +00:00
51a96a002f
optionally include CRYPTOPATH Makefile.frag files.
1999-07-20 09:35:18 +00:00
9630ed475e
Use bsd.crypto.mk.
1999-07-12 22:11:37 +00:00
3a4abbe0d1
Kerberos5 changes to login -- now supports forwarded TGTs.
1999-07-12 21:36:10 +00:00
9966d744f2
Don't declare login here. It is declared in <util.h>
1999-06-15 14:19:53 +00:00
9e44e9b578
More and more .Os cleanups. .Os is defined in the tmac.doc-common file,
...
so we shouldn't override it with versions in the manpages. Many more to
come.
1999-03-22 18:16:34 +00:00
0d4599522a
Build domestic login on domestic systems.
...
Incorporated (minor) diff from domestic man page.
1999-03-05 01:07:56 +00:00
8481f548e2
Remove the crypto-related bits until such time as we have a fully-
...
integrated source tree. Export-controlled versions of these are now
built during the domestic build process.
1999-02-18 21:22:51 +00:00
0a35ac96da
Correct documentation of /etc/nologin to note that it does not
...
apply to the superuser, per PR#6328.
Correct some nroff nits in the process.
1999-01-13 10:51:07 +00:00
0c127d7cef
Show year of last login.
1999-01-11 20:20:54 +00:00
0e36738ca6
add copyright 1999
1999-01-06 13:51:09 +00:00
c89a574ffa
Execute ttyaction on termination of rlogind/telnetd sessions.
...
Also, say a little bit about ttyaction in the getty and login manpages.
1998-08-29 17:31:55 +00:00
f670fa10c5
Add { and } to shut up egcs. Reformat the more questionable code.
1998-08-25 20:59:36 +00:00
55ac0c2da3
const poisoning.
1998-07-26 21:58:46 +00:00
95b49ba52b
do _NOT_ use system(3) in setuid programs. KNF.
1998-07-11 08:12:51 +00:00
2beab49a06
- use an array MAXHOSTNAMELEN+1 size to hold hostnames
...
- ensure hostname from gethostname() is nul-terminated in all cases
- minor KNF
- use MAXHOSTNAMELEN over various other values/defines
- be safe will buffers that hold hostnames
1998-07-06 06:45:41 +00:00
3b04f8e0b1
Add .Xr ttyaction 3 per PR#4647
1998-04-10 09:31:55 +00:00
christos