Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
206,347 Commits 606 Branches 0 Tags 3.1 GiB
8f5455bf91
Commit Graph

161 Commits

Author SHA1 Message Date
christos
50873dad9c bump date 2007-03-10 18:31:42 +00:00
christos
6ccceec0a3 tyop 2007-03-10 18:31:07 +00:00
christos
33aa8ab0d0 off by one, reported by jukka salmi. 2007-03-10 18:30:45 +00:00
christos
476933786a PR/35968: Jukka Salmi: add option to pam_krb5(8) to request renewable tickets 2007-03-10 17:47:21 +00:00
hubertf
4d49175215 Remove unneeded #include of <libgen.h> 
From: Slava Semushin <php-coder@altlinux.ru>
 2007-03-09 23:44:50 +00:00
christos
4ed3eb7f90 init the syslog data. 2006-11-03 18:55:40 +00:00
christos
e76ecd93c1 use the re-entrant syslog functions so that we don't depend on the syslog 
settings of the calling program.
 2006-11-03 18:04:20 +00:00
christos
105f63f965 don't include syslog.h if you are not going to use it. 2006-11-03 18:03:23 +00:00
dogcow
f35a70b511 new ssh import requires another include 2006-09-29 04:56:04 +00:00
jnemeth
74cf788741 PR/30730 force changing password via chsh fails 
PR/33502 password aging not working
copy old_pwd to new_pwd before modifying
 2006-05-30 19:48:07 +00:00
christos
d49dbefade Coverity CID 3783: Fix uninit variable. 2006-05-25 15:27:35 +00:00
christos
4d02435f76 Coverity CID 3677: Plug memory leak 2006-05-23 00:58:42 +00:00
christos
ad04b86013 Remove old kerberos library (Jukka Salmi) 2006-03-20 21:22:40 +00:00
christos
85e611dd01 Goodbye KerberosIV 2006-03-20 04:03:10 +00:00
christos
6b8123e7e5 Coverity CID 1909: Prevent memory leak. 2006-03-19 21:21:18 +00:00
christos
e5d241d0e4 Coverity CID 2480: Move variable initialization higher up to prevent 
uninitialized access during error cleanup.
 2006-03-19 21:15:21 +00:00
christos
81cd8f57a4 Coverity CID 2481: Move initialization of variable higher up to prevent 
uninitialized access in error path.
 2006-03-19 21:11:28 +00:00
christos
082737ff51 Coverity CID 2595: Don't call cc_destroy after cc_close because cc_close 
free's the second argument.
 2006-03-19 21:07:55 +00:00
jnemeth
0c47a67596 Fix coverity run 5, issue 2018 -- memory leak. 
Approved by christos.
 2006-03-19 06:52:26 +00:00
jnemeth
216a33af30 Fix Coverity run 5, issue 2022 -- memory leak. 
Approved by christos@.
 2006-03-18 10:53:17 +00:00
jnemeth
f358706242 Fix Coverity run 5, issue 2498 -- uninitialized variable 
Fix Coverity run 5, issue 707 -- unreachable code
Approved by Christos.
 2006-03-18 10:06:16 +00:00
jnemeth
9804398129 PR/30923: Zafer Aydogan: pam too verbose 
Syslog root login failures on insecure terminals.

Approved by christos@.
 2006-03-06 23:08:20 +00:00
christos
e551462e89 PR/32870: Johan Veenhuizen: login(1) does not obey .hushlogin 2006-02-19 00:12:36 +00:00
bouyer
5cd3d133bf Use the class of the user, not then default class, when checking for 
nologin and ignorelogin login.conf(5) capabilities.
 2006-02-15 20:28:32 +00:00
christos
e531452f6f define where the dynamic modules go. 2006-02-05 02:38:25 +00:00
christos
ba9fdf89e5 Add all the modules to the static pam. This is required, otherwise pam does 
not work on non pic builds because it does not find modules listed in
/etc/pam.d.
 2006-01-20 16:52:55 +00:00
christos
7768338003 Declare what we services provide, otherwise pam assumes that we provide 
everything and this breaks static linking.
 2006-01-20 16:51:15 +00:00
tsarna
9b412b7436 Implement PAM_REFRESH_CRED / PAM_REINITIALIZE_CRED 
support in pam_sm_setcred()

With this and a suitably pam-aware screen locker (eg xscreensaver built
with PAM), you now get the nice Windows-style behavior of having
your tickets refreshed (and tokens, with pam_afslog) when you unlock
your screen.
 2005-09-27 14:38:19 +00:00
wiz
d61c7b6e74 Remove trailing whitespace. Punctuation nits. Use .Nm more. 
Use .An. Sort SEE ALSO.
 2005-09-23 19:56:16 +00:00
tsarna
4019a4212f pam_afslog is used in conjunction with pam_krb5 to obtain AFS tokens and 
create a PAG if necessary.

Especially important for home directories on AFS.
 2005-09-21 14:19:08 +00:00
christos
98785bd85a Get rid of pam debugging. 
XXX: We should do this on the 3.0 branch too.
 2005-08-28 07:41:41 +00:00
matt
ae59c445be Remove CPPFLAGS 2005-04-25 17:21:31 +00:00
matt
51ba88ed0f Add ${DESTDIR}/usr/include/krb5 to CPPFLAGS so <parse_units.h> can be found. 2005-04-25 15:43:34 +00:00
matt
bb1ca526b7 Don't cast the lvalue; cast the rhs instead. 2005-04-25 15:42:46 +00:00
yamt
8c79aa408b s!/var/run/nologin!/etc/nologin!g to match with the code. 2005-04-25 10:24:06 +00:00
christos
b4073cddaf Fix getgrnam -> getgrnam_r 2005-04-19 13:04:38 +00:00
christos
e640241b82 fix getgrnam -> getgrnam_r and add a forgotten getpwnam -> gepwnam_r 
From john nemeth
 2005-04-19 13:04:19 +00:00
lukem
01cf9d0263 Safety boots: don't depend upon getpwnam_r() to set pwd to NULL on all 
failures, especially if we're going to ignore the return result.
 2005-04-19 03:40:16 +00:00
lukem
a767f5ec9c getpw*_r() may return 0 and set pwd==NULL 2005-04-19 03:38:08 +00:00
christos
2a62e4e1ad check for pwd != in getpw*_r functions. 2005-04-19 03:15:34 +00:00
christos
b4eda329f4 Don't print an error if we are doing authentication. 2005-04-05 18:24:17 +00:00
thorpej
59cbc9e205 Use getpwnam_r(). 2005-03-31 15:11:54 +00:00
christos
611fb1aa58 Make S/Key prompt compliant with RFC 2289. Patch supplied by Dave Huang 
in PR bin/23167.
 2005-03-20 16:48:47 +00:00
christos
dbf71d82fb remove debugging printf's 2005-03-17 01:14:40 +00:00
christos
99186ebfc8 Clear the authorization token at the entry of each loop, so that 
we get a chance to re-enter.
 2005-03-17 01:13:59 +00:00
christos
52ffc9e55d remove code to deal with authorized keys. it has no place here. 2005-03-14 23:39:26 +00:00
christos
041bcdce98 Go back to rev-1.5. This is better than what was there before, but I am 
still uncertain about the proper way to dealing what keys to accept.
 2005-03-14 05:45:48 +00:00
christos
56cc440468 Revert previous. This is not the right fix. 2005-03-14 05:40:35 +00:00
christos
adb433f9e5 Do not let keys that are not listed in authorized_keys participate 
in authentication. Problem reported by Maximum Entropy.
 2005-03-14 05:35:23 +00:00
christos
811c70b5c5 Free the prompt response. 2005-03-05 20:33:40 +00:00
christos
a3df4155fc PR/29566: Izumi Tsutsui: login(1) shows wrong last-login-from host 
Caused by improper initialization of struct lastlogx. Code has been
completely restructured, and we also now use pam_prompt() instead of
printf().
cvs: ----------------------------------------------------------------------
 2005-03-05 20:32:41 +00:00
christos
fde63d0ea8 If authentication failed because the user was not in wheel, say so like 
the old su did. From John Nemeth
 2005-03-05 15:39:43 +00:00
he
21b1464ae4 Build openpam_free_envlist as part of libpam, and install it's man 
page.  This is required for ports not yet supporting shared libraries.
 2005-03-03 22:40:49 +00:00
christos
3d37b7e762 Document the no_nested option. 2005-03-03 02:11:49 +00:00
christos
fa02801fbd - Fix the quiet option; use login_cap to determine if we should print or not. 
- Add nested user handling, including a no_nested option to control it.
 2005-03-03 02:11:40 +00:00
wiz
15a3d47d36 Improve wording of the BUGS section to make it easier to understand. 
Ok'd by christos.
 2005-02-28 15:21:25 +00:00
wiz
49d2a708c0 Bump date for previous. Remove trailing whitespace. Sort SEE ALSO. 
Remove superfluous .Pp.
 2005-02-28 10:34:17 +00:00
wiz
e368145667 Bump date for new SECURITY CONSIDERATIONS section. 2005-02-28 10:31:41 +00:00
christos
d747ae24a0 Document that this is broken and not used. 2005-02-28 01:25:01 +00:00
thorpej
a4e3f97482 Add a SECURITY CONSIDERATIONS section. 2005-02-27 21:33:02 +00:00
thorpej
80ea74d85d Add a SECURITY CONSIDRATIONS section. 2005-02-27 21:32:46 +00:00
thorpej
11b55133f0 Add an S/Key PAM module. 2005-02-27 21:01:59 +00:00
christos
901ebd51aa NetBSD does not allow setuid(user) when euid=user, and ruid=0. Change 
the logic for setting the uid/gid/groups for the agent around and also
add error checking. I.e. Don't exec the agent, if we could not set
the proper environment for it. Add a few more debugging lines. Now ssh
authentication works through xdm.
 2005-02-27 01:16:27 +00:00
christos
783ec0bc09 Remove local copy of openpam_free_envlist. 2005-02-26 22:45:52 +00:00
thorpej
55d1dd0979 Place some limits on the creds acquired for password change. Other 
minor cleanup inspired by passwd(1).
 2005-02-26 18:25:28 +00:00
thorpej
b41692728e Use the more familar princ@realm style of password prompt. 2005-02-26 18:10:35 +00:00
thorpej
a2d3bf486f Check for PAM_PRELIM_CHECK and simply do nothing. (Did this even work 
in FreeBSD?)
 2005-02-26 18:03:37 +00:00
wiz
03a04bd58b Add article. 2005-02-26 16:37:46 +00:00
wiz
b055ab330f Sort SEE ALSO. 2005-02-26 16:36:53 +00:00
thorpej
7331ee2083 Merge PAM20050226. 
XXX Hack here until we import OpenPAM Feterita.
 2005-02-26 16:03:58 +00:00
thorpej
4251f117ba Merge PAM20050226. 2005-02-26 15:57:57 +00:00
wiz
cbc550d45c Drop trailing whitespace. 2005-02-26 15:39:50 +00:00
wiz
9b82a3d7c1 Bump date for previous. 2005-02-26 15:39:23 +00:00
thorpej
28836513c3 Remove references to local_pass and nis_pass. Add description of 
passwd_db option of the password management module.
 2005-02-26 15:33:24 +00:00
thorpej
2f6bdc4a7b Minor wording consistency nit. 2005-02-26 15:11:26 +00:00
thorpej
610505c88f Fix a markup bug and a minor wording consistency nit. 2005-02-26 15:08:54 +00:00
thorpej
5a2161b24e Minor wording consistency nit. 2005-02-26 15:05:25 +00:00
thorpej
9503750ce5 Oops, one more nit. 2005-02-26 15:04:52 +00:00
thorpej
5f604055a2 Minor wording consistency nit. 2005-02-26 15:04:09 +00:00
thorpej
aa2b566306 Wording consistency nits. 2005-02-26 15:02:15 +00:00
thorpej
d7bb9fc4f2 Minor wording consistency nit. 2005-02-26 14:54:25 +00:00
thorpej
0a40f744b4 Make sure to set yppwd.oldpass. 2005-02-26 02:57:32 +00:00
christos
4274cae273 Don't try to build PIC stuff if we cannot do PIC. 2005-02-25 18:26:00 +00:00
wiz
9086769d81 Fix Xref. 2005-02-20 19:39:09 +00:00
wiz
1d07a19af1 <> -> \*[Lt]\*[Gt]. 2005-02-20 19:38:01 +00:00
wiz
b57f6d2615 Sort SEE ALSO. 2005-02-20 19:37:30 +00:00
christos
6683368b82 Add pam_radius. 2005-02-20 00:37:49 +00:00
he
dcdc758deb Introduce a few more temporary variables, in order to avoid an ugly 
double cast in the pam_get_item() invocations.  The double cast
triggered a "discards qualifier" warning/error from gcc 2.95.3, while
trying to fix that by adding "cost" to the "void *" cast produced
a similar warning from gcc 3.3.  This now compiles without warning
with both compilers.

Approved by christos
 2005-02-04 15:11:35 +00:00
wiz
303329913a We have 2005. 2005-02-02 14:34:25 +00:00
wiz
463db6dc4b Sort SEE ALSO, fix an xref, and s/FreeBSD/.Fx/. 2005-02-02 14:33:20 +00:00
christos
1d6e3b563a Add a new option "authenticate" that requires the user to enter his own 
password to login.
 2005-02-01 22:55:11 +00:00
christos
44d1e6097a Re-write to use both utmp and utmpx properly. 2005-02-01 17:54:48 +00:00
manu
08ad2c449b Set correct default for the nologin file: /etc/nologin 
Handle the ignorenologin capability
 2005-01-23 09:45:02 +00:00
christos
c9cb0c3bbd adapt to pw_gensalt() change. 2005-01-12 03:36:12 +00:00
christos
1a791fa81d eliminate the third copy of pwd_gensalt. 2005-01-11 23:23:33 +00:00
manu
d26d1599e6 Missing man page: login.access(5) 2005-01-08 22:56:21 +00:00
christos
a72527f7ce add -DDEBUG to the build for now 2005-01-08 08:39:48 +00:00
lukem
27313362b5 Build & install pam_ssh.so.0 now that libssh is available for use. 2005-01-03 06:15:42 +00:00
lukem
157353df26 Set NOxxx before including <bsd.own.mk>; we can't rely upon ../mod.mk 
in this situation.
 2005-01-03 06:15:02 +00:00
lukem
474dd6daf5 s/ifndef/ifdef/ for __FreeBSD__ 2005-01-03 03:08:40 +00:00