diff --git a/src/libs/util/Makefile b/src/libs/util/Makefile deleted file mode 100644 index a54747609b..0000000000 --- a/src/libs/util/Makefile +++ /dev/null @@ -1,59 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/4/93 -# $FreeBSD: src/lib/libutil/Makefile,v 1.63 2006/07/27 12:36:46 yar Exp $ - -SHLIBDIR?= /lib - -.include - -LIB= util -SHLIB_MAJOR= 6 - -SRCS= _secure_path.c auth.c fparseln.c humanize_number.c kld.c login.c \ - login_auth.c login_cap.c login_class.c login_crypt.c login_ok.c \ - login_times.c login_tty.c logout.c logwtmp.c \ - pidfile.c property.c pty.c pw_util.c realhostname.c stub.c \ - trimdomain.c uucplock.c -INCS= libutil.h login_cap.h - -CFLAGS+= -DLIBC_SCCS - -.if ${MK_INET6_SUPPORT} != "no" -CFLAGS+= -DINET6 -.endif - -CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../libc/gen/ - -MAN+= kld.3 login.3 login_auth.3 login_tty.3 logout.3 logwtmp.3 pty.3 \ - login_cap.3 login_class.3 login_times.3 login_ok.3 \ - _secure_path.3 uucplock.3 property.3 auth.3 realhostname.3 \ - realhostname_sa.3 trimdomain.3 fparseln.3 humanize_number.3 \ - pidfile.3 -MAN+= login.conf.5 auth.conf.5 -MLINKS+= kld.3 kld_isloaded.3 kld.3 kld_load.3 -MLINKS+= property.3 properties_read.3 property.3 properties_free.3 -MLINKS+= property.3 property_find.3 -MLINKS+= auth.3 auth_getval.3 -MLINKS+= pty.3 openpty.3 pty.3 forkpty.3 -MLINKS+=login_cap.3 login_getclassbyname.3 login_cap.3 login_close.3 \ - login_cap.3 login_getclass.3 login_cap.3 login_getuserclass.3 \ - login_cap.3 login_getcapstr.3 login_cap.3 login_getcaplist.3 \ - login_cap.3 login_getstyle.3 login_cap.3 login_getcaptime.3 \ - login_cap.3 login_getcapnum.3 login_cap.3 login_getcapsize.3 \ - login_cap.3 login_getcapbool.3 login_cap.3 login_getpath.3 \ - login_cap.3 login_getpwclass.3 login_cap.3 login_setcryptfmt.3 -MLINKS+=login_class.3 setusercontext.3 login_class.3 setclasscontext.3 \ - login_class.3 setclassenvironment.3 login_class.3 setclassresources.3 -MLINKS+=login_times.3 parse_lt.3 login_times.3 in_ltm.3 \ - login_times.3 in_lt.3 login_times.3 in_ltms.3 \ - login_times.3 in_lts.3 -MLINKS+=login_ok.3 auth_ttyok.3 login_ok.3 auth_hostok.3 \ - login_ok.3 auth_timeok.3 -MLINKS+=login_auth.3 auth_checknologin.3 login_auth.3 auth_cat.3 -MLINKS+=uucplock.3 uu_lock.3 uucplock.3 uu_lock_txfr.3 \ - uucplock.3 uu_unlock.3 uucplock.3 uu_lockerr.3 -MLINKS+=pidfile.3 pidfile_open.3 \ - pidfile.3 pidfile_write.3 \ - pidfile.3 pidfile_close.3 \ - pidfile.3 pidfile_remove.3 - -.include diff --git a/src/libs/util/_secure_path.3 b/src/libs/util/_secure_path.3 deleted file mode 100644 index 7efb511279..0000000000 --- a/src/libs/util/_secure_path.3 +++ /dev/null @@ -1,75 +0,0 @@ -.\" Copyright (c) 1997 David Nugent -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, is permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice immediately at the beginning of the file, without modification, -.\" this list of conditions, and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. This work was done expressly for inclusion into FreeBSD. Other use -.\" is permitted provided this notation is included. -.\" 4. Absolutely no warranty of function or purpose is made by the author -.\" David Nugent. -.\" 5. Modifications may be freely made to this file providing the above -.\" conditions are met. -.\" -.\" $FreeBSD: src/lib/libutil/_secure_path.3,v 1.13 2005/01/20 09:17:07 ru Exp $ -.\" -.Dd May 2, 1997 -.Os -.Dt _SECURE_PATH 3 -.Sh NAME -.Nm _secure_path -.Nd determine if a file appears to be secure -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In sys/types.h -.In libutil.h -.Ft int -.Fn _secure_path "const char *path" "uid_t uid" "gid_t gid" -.Sh DESCRIPTION -This function does some basic security checking on a given path. -It is intended to be used by processes running with root privileges -in order to decide whether or not to trust the contents of a given -file. -It uses a method often used to detect system compromise. -.Pp -A file is considered -.Sq secure -if it meets the following conditions: -.Bl -enum -.It -The file exists, and is a regular file (not a symlink, device -special or named pipe, etc.), -.It -Is not world writable. -.It -Is owned by the given uid or uid 0, if uid is not -1, -.It -Is not group writable or it has group ownership by the given -gid, if gid is not -1. -.El -.Sh RETURN VALUES -This function returns zero if the file exists and may be -considered secure, -2 if the file does not exist, and --1 otherwise to indicate a security failure. -The -.Xr syslog 3 -function is used to log any failure of this function, including the -reason, at LOG_ERR priority. -.Sh SEE ALSO -.Xr lstat 2 , -.Xr syslog 3 -.Sh HISTORY -Code from which this function was derived was contributed to the -.Fx -project by Berkeley Software Design, Inc. -.Sh BUGS -The checks carried out are rudimentary and no attempt is made -to eliminate race conditions between use of this function and -access to the file referenced. diff --git a/src/libs/util/_secure_path.c b/src/libs/util/_secure_path.c deleted file mode 100644 index 1fb1bed3ea..0000000000 --- a/src/libs/util/_secure_path.c +++ /dev/null @@ -1,74 +0,0 @@ -/*- - * Based on code copyright (c) 1995,1997 by - * Berkeley Software Design, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, is permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice immediately at the beginning of the file, without modification, - * this list of conditions, and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. This work was done expressly for inclusion into FreeBSD. Other use - * is permitted provided this notation is included. - * 4. Absolutely no warranty of function or purpose is made by the authors. - * 5. Modifications may be freely made to this file providing the above - * conditions are met. - */ - -#include -__FBSDID("$FreeBSD: src/lib/libutil/_secure_path.c,v 1.9 2004/12/18 12:31:12 ru Exp $"); - -#include -#include - -#include -#include -#include -#include - -/* - * Check for common security problems on a given path - * It must be: - * 1. A regular file, and exists - * 2. Owned and writable only by root (or given owner) - * 3. Group ownership is given group or is non-group writable - * - * Returns: -2 if file does not exist, - * -1 if security test failure - * 0 otherwise - */ - -int -_secure_path(const char *path, uid_t uid, gid_t gid) -{ - int r = -1; - struct stat sb; - const char *msg = NULL; - - if (lstat(path, &sb) < 0) { - if (errno == ENOENT) /* special case */ - r = -2; /* if it is just missing, skip the log entry */ - else - msg = "%s: cannot stat %s: %m"; - } - else if (!S_ISREG(sb.st_mode)) - msg = "%s: %s is not a regular file"; - else if (sb.st_mode & S_IWOTH) - msg = "%s: %s is world writable"; - else if ((int)uid != -1 && sb.st_uid != uid && sb.st_uid != 0) { - if (uid == 0) - msg = "%s: %s is not owned by root"; - else - msg = "%s: %s is not owned by uid %d"; - } else if ((int)gid != -1 && sb.st_gid != gid && (sb.st_mode & S_IWGRP)) - msg = "%s: %s is group writeable by non-authorised groups"; - else - r = 0; - if (msg != NULL) - syslog(LOG_ERR, msg, "_secure_path", path, uid); - return r; -} diff --git a/src/libs/util/auth.3 b/src/libs/util/auth.3 deleted file mode 100644 index 241f1f101b..0000000000 --- a/src/libs/util/auth.3 +++ /dev/null @@ -1,56 +0,0 @@ -.\" -.\" Copyright (c) 1998 Jordan Hubbard -.\" -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $FreeBSD: src/lib/libutil/auth.3,v 1.10 2005/01/20 09:17:07 ru Exp $ -.\" " -.Dd October 7, 1998 -.Os -.Dt AUTH_GETVAL 3 -.Sh NAME -.Nm auth_getval -.Nd functions for reading values from -.Pa /etc/auth.conf -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In sys/types.h -.In libutil.h -.Ft char * -.Fn auth_getval "const char *name" -.Sh DESCRIPTION -The function -.Fn auth_getval -returns the value associated with the field called -.Fa name -or NULL if no such field is found or the auth file cannot be opened. -.Sh FILES -.Pa /etc/auth.conf -contains the name=value pairs looked up by -.Fn auth_getval . -.Sh SEE ALSO -.Xr properties_free 3 , -.Xr properties_read 3 , -.Xr property_find 3 , -.Xr auth.conf 5 diff --git a/src/libs/util/auth.c b/src/libs/util/auth.c deleted file mode 100644 index 2028a17f66..0000000000 --- a/src/libs/util/auth.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Simple authentication database handling code. - * - * Copyright (c) 1998 - * Jordan Hubbard. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer, - * verbatim and that no modifications are made prior to this - * point in the file. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR HIS PETS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, LIFE OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD: src/lib/libutil/auth.c,v 1.6 2003/06/14 18:42:37 markm Exp $"); - -#include -#include -#include -#include -#include -#include - -static properties P; - -static int -initauthconf(const char *path) -{ - int fd; - - if (!P) { - if ((fd = open(path, O_RDONLY)) < 0) { - syslog(LOG_ERR, "initauthconf: unable to open file: %s", path); - return 1; - } - P = properties_read(fd); - close(fd); - if (!P) { - syslog(LOG_ERR, "initauthconf: unable to parse file: %s", path); - return 1; - } - } - return 0; -} - -char * -auth_getval(const char *name) -{ - if (!P && initauthconf(_PATH_AUTHCONF)) - return NULL; - else - return property_find(P, name); -} diff --git a/src/libs/util/auth.conf.5 b/src/libs/util/auth.conf.5 deleted file mode 100644 index a64868c2c2..0000000000 --- a/src/libs/util/auth.conf.5 +++ /dev/null @@ -1,35 +0,0 @@ -.\" Copyright (c) 1998 Jordan Hubbard -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, is permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice immediately at the beginning of the file, without modification, -.\" this list of conditions, and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" $FreeBSD: src/lib/libutil/auth.conf.5,v 1.8 2005/01/21 12:07:46 ru Exp $ -.\" -.Dd October 7, 1998 -.Dt AUTH.CONF 5 -.Os -.Sh NAME -.Nm auth.conf -.Nd authentication capability database -.Sh SYNOPSIS -.Pa /etc/auth.conf -.Sh DESCRIPTION -.Nm -contains various attributes important to the authentication -code, most notably -.Xr crypt 3 -for the time being. -This documentation will be updated as the -.Pa /etc/auth.conf -file, which is very new, evolves. -.Sh SEE ALSO -.Xr auth_getval 3 , -.Xr crypt 3 diff --git a/src/libs/util/fparseln.3 b/src/libs/util/fparseln.3 deleted file mode 100644 index 482d0a9a3a..0000000000 --- a/src/libs/util/fparseln.3 +++ /dev/null @@ -1,158 +0,0 @@ -.\" $NetBSD: fparseln.3,v 1.7 1999/07/02 15:49:12 simonb Exp $ -.\" $FreeBSD: src/lib/libutil/fparseln.3,v 1.11 2005/01/11 20:50:50 ru Exp $ -.\" -.\" Copyright (c) 1997 Christos Zoulas. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by Christos Zoulas. -.\" 4. The name of the author may not be used to endorse or promote products -.\" derived from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd December 1, 1997 -.Dt FPARSELN 3 -.Os -.Sh NAME -.Nm fparseln -.Nd return the next logical line from a stream -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In stdio.h -.In libutil.h -.Ft "char *" -.Fo fparseln -.Fa "FILE *stream" "size_t *len" "size_t *lineno" -.Fa "const char delim[3]" "int flags" -.Fc -.Sh DESCRIPTION -The -.Fn fparseln -function -returns a pointer to the next logical line from the stream referenced by -.Fa stream . -This string is -.Dv NUL -terminated and it is dynamically allocated on each invocation. -It is the -responsibility of the caller to free the pointer. -.Pp -By default, if a character is escaped, both it and the preceding escape -character will be present in the returned string. -Various -.Fa flags -alter this behaviour. -.Pp -The meaning of the arguments is as follows: -.Bl -tag -width "lineno" -.It Fa stream -The stream to read from. -.It Fa len -If not -.Dv NULL , -the length of the string is stored in the memory location to which it -points. -.It Fa lineno -If not -.Dv NULL , -the value of the memory location to which is pointed to, is incremented -by the number of lines actually read from the file. -.It Fa delim -Contains the escape, continuation, and comment characters. -If a character is -.Dv NUL -then processing for that character is disabled. -If -.Dv NULL , -all characters default to values specified below. -The contents of -.Fa delim -is as follows: -.Bl -tag -width "delim[0]" -.It Fa delim[0] -The escape character, which defaults to -.Cm \e , -is used to remove any special meaning from the next character. -.It Fa delim[1] -The continuation character, which defaults to -.Cm \e , -is used to indicate that the next line should be concatenated with the -current one if this character is the last character on the current line -and is not escaped. -.It Fa delim[2] -The comment character, which defaults to -.Cm # , -if not escaped indicates the beginning of a comment that extends until the -end of the current line. -.El -.It Fa flags -If non-zero, alter the operation of -.Fn fparseln . -The various flags, which may be -.Em or Ns -ed -together, are: -.Bl -tag -width "FPARSELN_UNESCCOMM" -.It Dv FPARSELN_UNESCCOMM -Remove escape preceding an escaped comment. -.It Dv FPARSELN_UNESCCONT -Remove escape preceding an escaped continuation. -.It Dv FPARSELN_UNESCESC -Remove escape preceding an escaped escape. -.It Dv FPARSELN_UNESCREST -Remove escape preceding any other character. -.It Dv FPARSELN_UNESCALL -All of the above. -.El -.Pp -.El -.Sh RETURN VALUES -Upon successful completion a pointer to the parsed line is returned; -otherwise, -.Dv NULL -is returned. -.Pp -The -.Fn fparseln -function uses internally -.Xr fgetln 3 , -so all error conditions that apply to -.Xr fgetln 3 , -apply to -.Fn fparseln . -In addition -.Fn fparseln -may set -.Va errno -to -.Er ENOMEM -and return -.Dv NULL -if it runs out of memory. -.Sh SEE ALSO -.Xr fgetln 3 -.Sh HISTORY -The -.Fn fparseln -function first appeared in -.Nx 1.4 -and -.Fx 4.0 . diff --git a/src/libs/util/humanize_number.3 b/src/libs/util/humanize_number.3 deleted file mode 100644 index 51eb6e7701..0000000000 --- a/src/libs/util/humanize_number.3 +++ /dev/null @@ -1,151 +0,0 @@ -.\" $NetBSD: humanize_number.3,v 1.4 2003/04/16 13:34:37 wiz Exp $ -.\" $FreeBSD: src/lib/libutil/humanize_number.3,v 1.9 2006/07/15 20:53:36 imp Exp $ -.\" -.\" Copyright (c) 1999, 2002 The NetBSD Foundation, Inc. -.\" All rights reserved. -.\" -.\" This code is derived from software contributed to The NetBSD Foundation -.\" by Luke Mewburn and by Tomas Svensson. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the NetBSD -.\" Foundation, Inc. and its contributors. -.\" 4. Neither the name of The NetBSD Foundation nor the names of its -.\" contributors may be used to endorse or promote products derived -.\" from this software without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS -.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED -.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS -.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR -.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF -.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN -.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -.\" POSSIBILITY OF SUCH DAMAGE. -.\" -.Dd May 25, 2004 -.Dt HUMANIZE_NUMBER 3 -.Os -.Sh NAME -.Nm humanize_number -.Nd format a number into a human readable form -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In libutil.h -.Ft int -.Fo humanize_number -.Fa "char *buf" "size_t len" "int64_t number" "const char *suffix" -.Fa "int scale" "int flags" -.Fc -.Sh DESCRIPTION -The -.Fn humanize_number -function formats the signed 64-bit quantity given in -.Fa number -into -.Fa buffer . -A space and then -.Fa suffix -is appended to the end. -The buffer pointed to by -.Fa buffer -must be at least -.Fa len -bytes long. -.Pp -If the formatted number (including -.Fa suffix ) -would be too long to fit into -.Fa buffer , -then divide -.Fa number -by 1024 until it will. -In this case, prefix -.Fa suffix -with the appropriate SI designator. -.Nm -follows the traditional computer science conventions rather than the proposed -SI power of two convention. -.Pp -The prefixes are: -.Bl -column "Prefix" "Description" "1000000000000000000" -offset indent -.It Sy "Prefix" Ta Sy "Description" Ta Sy "Multiplier" Ta Sy "Multiplier 1000x" -.It Li k Ta No kilo Ta 1024 Ta 1000 -.It Li M Ta No mega Ta 1048576 Ta 1000000 -.It Li G Ta No giga Ta 1073741824 Ta 1000000000 -.It Li T Ta No tera Ta 1099511627776 Ta 1000000000000 -.It Li P Ta No peta Ta 1125899906842624 Ta 1000000000000000 -.It Li E Ta No exa Ta 1152921504606846976 Ta 1000000000000000000 -.El -.Pp -The -.Fa len -argument must be at least 4 plus the length of -.Fa suffix , -in order to ensure a useful result is generated into -.Fa buffer . -To use a specific prefix, specify this as -.Fa scale -(multiplier = 1024 ^ scale). -This cannot be combined with any of the -.Fa scale -flags below. -.Pp -The following flags may be passed in -.Fa scale : -.Bl -tag -width ".Dv HN_DIVISOR_1000" -offset indent -.It Dv HN_AUTOSCALE -Format the buffer using the lowest multiplier possible. -.It Dv HN_GETSCALE -Return the prefix index number (the number of times -.Fa number -must be divided to fit) instead of formatting it to the buffer. -.El -.Pp -The following flags may be passed in -.Fa flags : -.Bl -tag -width ".Dv HN_DIVISOR_1000" -offset indent -.It Dv HN_DECIMAL -If the final result is less than 10, display it using one digit. -.It Dv HN_NOSPACE -Do not put a space between -.Fa number -and the prefix. -.It Dv HN_B -Use -.Ql B -(bytes) as prefix if the original result does not have a prefix. -.It Dv HN_DIVISOR_1000 -Divide -.Fa number -with 1000 instead of 1024. -.El -.Sh RETURN VALUES -The -.Fn humanize_number -function returns the number of characters stored in -.Fa buffer -(excluding the terminating -.Dv NUL ) -upon success, or \-1 upon failure. -If -.Dv HN_GETSCALE -is specified, the prefix index number will be returned instead. -.Sh HISTORY -The -.Fn humanize_number -function first appeared in -.Nx 2.0 . diff --git a/src/libs/util/humanize_number.c b/src/libs/util/humanize_number.c deleted file mode 100644 index f7055a6c54..0000000000 --- a/src/libs/util/humanize_number.c +++ /dev/null @@ -1,148 +0,0 @@ -/* $NetBSD: humanize_number.c,v 1.8 2004/07/27 01:56:24 enami Exp $ */ - -/* - * Copyright (c) 1997, 1998, 1999, 2002 The NetBSD Foundation, Inc. - * All rights reserved. - * - * This code is derived from software contributed to The NetBSD Foundation - * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility, - * NASA Ames Research Center, by Luke Mewburn and by Tomas Svensson. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the NetBSD - * Foundation, Inc. and its contributors. - * 4. Neither the name of The NetBSD Foundation nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS - * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED - * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS - * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - * POSSIBILITY OF SUCH DAMAGE. - */ - -#include -__FBSDID("$FreeBSD: src/lib/libutil/humanize_number.c,v 1.2 2004/09/25 14:11:34 pjd Exp $"); - -#include -#include -#include -#include -#include -#include -#include - -int -humanize_number(char *buf, size_t len, int64_t bytes, - const char *suffix, int scale, int flags) -{ - const char *prefixes, *sep; - int b, i, r, maxscale, s1, s2, sign; - int64_t divisor, max; - size_t baselen; - - assert(buf != NULL); - assert(suffix != NULL); - assert(scale >= 0); - - if (flags & HN_DIVISOR_1000) { - /* SI for decimal multiplies */ - divisor = 1000; - if (flags & HN_B) - prefixes = "B\0k\0M\0G\0T\0P\0E"; - else - prefixes = "\0\0k\0M\0G\0T\0P\0E"; - } else { - /* - * binary multiplies - * XXX IEC 60027-2 recommends Ki, Mi, Gi... - */ - divisor = 1024; - if (flags & HN_B) - prefixes = "B\0K\0M\0G\0T\0P\0E"; - else - prefixes = "\0\0K\0M\0G\0T\0P\0E"; - } - -#define SCALE2PREFIX(scale) (&prefixes[(scale) << 1]) - maxscale = 7; - - if (scale >= maxscale && - (scale & (HN_AUTOSCALE | HN_GETSCALE)) == 0) - return (-1); - - if (buf == NULL || suffix == NULL) - return (-1); - - if (len > 0) - buf[0] = '\0'; - if (bytes < 0) { - sign = -1; - bytes *= -100; - baselen = 3; /* sign, digit, prefix */ - } else { - sign = 1; - bytes *= 100; - baselen = 2; /* digit, prefix */ - } - if (flags & HN_NOSPACE) - sep = ""; - else { - sep = " "; - baselen++; - } - baselen += strlen(suffix); - - /* Check if enough room for `x y' + suffix + `\0' */ - if (len < baselen + 1) - return (-1); - - if (scale & (HN_AUTOSCALE | HN_GETSCALE)) { - /* See if there is additional columns can be used. */ - for (max = 100, i = len - baselen; i-- > 0;) - max *= 10; - - for (i = 0; bytes >= max && i < maxscale; i++) - bytes /= divisor; - - if (scale & HN_GETSCALE) - return (i); - } else - for (i = 0; i < scale && i < maxscale; i++) - bytes /= divisor; - - /* If a value <= 9.9 after rounding and ... */ - if (bytes < 995 && i > 0 && flags & HN_DECIMAL) { - /* baselen + \0 + .N */ - if (len < baselen + 1 + 2) - return (-1); - b = ((int)bytes + 5) / 10; - s1 = b / 10; - s2 = b % 10; - r = snprintf(buf, len, "%d%s%d%s%s%s", - sign * s1, localeconv()->decimal_point, s2, - sep, SCALE2PREFIX(i), suffix); - } else - r = snprintf(buf, len, "%lld%s%s%s", - /* LONGLONG */ - (long long)(sign * ((bytes + 50) / 100)), - sep, SCALE2PREFIX(i), suffix); - - return (r); -} diff --git a/src/libs/util/kld.3 b/src/libs/util/kld.3 deleted file mode 100644 index b55fdaa808..0000000000 --- a/src/libs/util/kld.3 +++ /dev/null @@ -1,99 +0,0 @@ -.\"- -.\" Copyright (c) 2006 Dag-Erling Coïdan Smørgrav -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" $FreeBSD: src/lib/libutil/kld.3,v 1.2 2006/07/12 14:33:52 maxim Exp $ -.\" -.Dd February 18, 2006 -.Os -.Dt KLD 3 -.Sh NAME -.Nm kld_isloaded , -.Nm kld_load -.Nd kld utility functions -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In libutil.h -.Ft int -.Fn kld_isloaded "const char *name" -.Ft int -.Fn kld_load "const char *name" -.Sh DESCRIPTION -These functions facilitate loading kernel modules from userland -applications. -.Pp -The -.Fn kld_isloaded -function takes a name and returns a non-zero value if a module of that -name is currently loaded. -The name can be either the name of a module file -.Po -.Va cpufreq.ko -.Pc , -the same name without the -.Pa .ko -extension -.Po -.Va cpufreq -.Pc , -or the name of a module contained within that file -.Po -.Va cpu/ichss -.Pc . -Only the latter will return correct results if the module is compiled -into the kernel. -.Pp -The -.Fn kld_load -function is a simple wrapper around the -.Fn kldload -function. -It returns zero if and only if the corresponding -.Fn kldload -call succeeded or returned -.Er EEXIST -(signifying that the requested module was already loaded). -.Sh SEE ALSO -.Xr kldfirstmod 2 , -.Xr kldload 2 , -.Xr kldnext 2 , -.Xr kldstat 2 , -.Xr modfnext 2 , -.Xr modstat 2 , -.Xr kld 4 -.Sh HISTORY -The -.Fn kld_isloaded -and -.Fn kld_load -functions first appeared in -.Fx 7.0 . -.Sh AUTHORS -The -.Fn kld_isloaded -and -.Fn kld_load -functions and this manual page were written by -.An Dag-Erling Sm\(/orgrav Aq des@FreeBSD.org . diff --git a/src/libs/util/kld.c b/src/libs/util/kld.c deleted file mode 100644 index 19be8e626e..0000000000 --- a/src/libs/util/kld.c +++ /dev/null @@ -1,76 +0,0 @@ -/*- - * Copyright (c) 2006 Dag-Erling Coïdan Smørgrav - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer - * in this position and unchanged. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD: src/lib/libutil/kld.c,v 1.2 2006/05/25 04:01:04 delphij Exp $ - */ - -#include -#include -#include - -#include -#include -#include - -int -kld_isloaded(const char *name) -{ - struct kld_file_stat fstat; - struct module_stat mstat; - const char *ko; - int fid, mid; - - for (fid = kldnext(0); fid > 0; fid = kldnext(fid)) { - fstat.version = sizeof(fstat); - if (kldstat(fid, &fstat) != 0) - continue; - /* check if the file name matches the supplied name */ - if (strcmp(fstat.name, name) == 0) - return (1); - /* strip .ko and try again */ - if ((ko = strstr(fstat.name, ".ko")) != NULL && - strlen(name) == (size_t)(ko - fstat.name) && - strncmp(fstat.name, name, ko - fstat.name) == 0) - return (1); - /* look for a matching module within the file */ - for (mid = kldfirstmod(fid); mid > 0; mid = modfnext(mid)) { - mstat.version = sizeof(mstat); - if (modstat(mid, &mstat) != 0) - continue; - if (strcmp(mstat.name, name) == 0) - return (1); - } - } - return (0); -} - -int -kld_load(const char *name) -{ - if (kldload(name) == -1 && errno != EEXIST) - return (-1); - return (0); -} diff --git a/src/libs/util/login.3 b/src/libs/util/login.3 deleted file mode 100644 index 70ff01a251..0000000000 --- a/src/libs/util/login.3 +++ /dev/null @@ -1,67 +0,0 @@ -.\" -.\" Copyright (c) 1996 Joerg Wunsch -.\" -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR -.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES -.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, -.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF -.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -.\" -.\" $FreeBSD: src/lib/libutil/login.3,v 1.10 2004/07/02 23:52:19 ru Exp $ -.\" " -.Dd December 29, 1996 -.Os -.Dt LOGIN 3 -.Sh NAME -.Nm login -.Nd "log a new login record to the utmp and wtmp files" -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In sys/types.h -.In utmp.h -.In libutil.h -.Ft void -.Fn login "struct utmp *ut" -.Sh DESCRIPTION -The function -.Fn login -records the -.Ar ut -entry being passed into the appropriate slot of the -.Xr utmp 5 -file, -and appends it to the -.Xr wtmp 5 -file. -The calling process must have permission to write to both files. -.Sh RETURN VALUES -None. -.Sh SEE ALSO -.Xr logout 3 , -.Xr ttyslot 3 , -.Xr utmp 5 , -.Xr wtmp 5 -.Sh BUGS -The interface provided by -.Fn login -is rather crude. -The caller must know about the details of a -.Va struct utmp . -Some better abstraction needs to be worked out. diff --git a/src/libs/util/login.c b/src/libs/util/login.c deleted file mode 100644 index 3a20f45a86..0000000000 --- a/src/libs/util/login.c +++ /dev/null @@ -1,75 +0,0 @@ -/*- - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - - -#include -__FBSDID("$FreeBSD: src/lib/libutil/login.c,v 1.11 2003/10/18 10:04:16 markm Exp $"); - -#if defined(LIBC_SCCS) && !defined(lint) -#if 0 -static char sccsid[] = "@(#)login.c 8.1 (Berkeley) 6/4/93"; -#endif -#endif /* LIBC_SCCS and not lint */ - -#include - -#include -#include -#include -#include -#include -#include -#include - -void -login(struct utmp *ut) -{ - struct ttyent *ty; - int fd; - int tty; - - setttyent(); - for (tty = 1; (ty = getttyent()) != NULL; ++tty) - if (strcmp(ty->ty_name, ut->ut_line) == 0) - break; - endttyent(); - if (tty > 0 && (fd = open(_PATH_UTMP, O_WRONLY|O_CREAT, 0644)) >= 0) { - (void)lseek(fd, (off_t)(tty * sizeof(struct utmp)), L_SET); - (void)write(fd, ut, sizeof(struct utmp)); - (void)close(fd); - } - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { - (void)write(fd, ut, sizeof(struct utmp)); - (void)close(fd); - } -} diff --git a/src/libs/util/login.conf.5 b/src/libs/util/login.conf.5 deleted file mode 100644 index 82f65b00f3..0000000000 --- a/src/libs/util/login.conf.5 +++ /dev/null @@ -1,437 +0,0 @@ -.\" Copyright (c) 1996 David Nugent -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, is permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice immediately at the beginning of the file, without modification, -.\" this list of conditions, and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. This work was done expressly for inclusion into FreeBSD. Other use -.\" is permitted provided this notation is included. -.\" 4. Absolutely no warranty of function or purpose is made by the author -.\" David Nugent. -.\" 5. Modifications may be freely made to this file providing the above -.\" conditions are met. -.\" -.\" $FreeBSD: src/lib/libutil/login.conf.5,v 1.57 2006/04/19 17:46:27 brueffer Exp $ -.\" -.Dd April 19, 2006 -.Dt LOGIN.CONF 5 -.Os -.Sh NAME -.Nm login.conf -.Nd login class capability database -.Sh SYNOPSIS -.Pa /etc/login.conf , -.Pa ~/.login_conf -.Sh DESCRIPTION -.Nm -contains various attributes and capabilities of login classes. -A login class (an optional annotation against each record in the user -account database, -.Pa /etc/master.passwd ) -determines session accounting, resource limits and user environment settings. -It is used by various programs in the system to set up a user's login -environment and to enforce policy, accounting and administrative restrictions. -It also provides the means by which users are able to be -authenticated to the system and the types of authentication available. -Attributes in addition to the ones described here are available with -third-party packages. -.Pp -A special record "default" in the system user class capability database -.Pa /etc/login.conf -is used automatically for any -non-root user without a valid login class in -.Pa /etc/master.passwd . -A user with a uid of 0 without a valid login class will use the record -"root" if it exists, or "default" if not. -.Pp -In -.Fx , -users may individually create a file called -.Pa .login_conf -in their home directory using the same format, consisting of a single -entry with a record id of "me". -If present, this file is used by -.Xr login 1 -to set user-defined environment settings which override those specified -in the system login capabilities database. -Only a subset of login capabilities may be overridden, typically those -which do not involve authentication, resource limits and accounting. -.Pp -Records in a class capabilities database consist of a number of -colon-separated fields. -The first entry for each record gives one or more names that a record is -to be known by, each separated by a '|' character. -The first name is the most common abbreviation. -The last name given should be a long name that is more descriptive -of the capability entry, and all others are synonyms. -All names but the last should be in lower case and contain no blanks; -the last name may contain upper case characters and blanks for -readability. -.Pp -The default -.Pa /etc/login.conf -shipped with -.Fx -is an out of the box configuration. -Whenever changes to this, or -the user's -.Pa ~/.login_conf , -file are made, the modifications will not be picked up until -.Xr cap_mkdb 1 -is used to compile the file into a database. -This database file will have a -.Pa .db -extension and is accessed through -.Xr cgetent 3 . -See -.Xr getcap 3 -for a more in-depth description of the format of a capability database. -.Sh CAPABILITIES -Fields within each record in the database follow the -.Xr getcap 3 -conventions for boolean, type string -.Ql \&= -and type numeric -.Ql \&# , -although type numeric is deprecated in favour of the string format and -either form is accepted for a numeric datum. -Values fall into the following categories: -.Bl -tag -width "program" -.It bool -If the name is present, then the boolean value is true; otherwise, it is -false -.It file -Path name to a data file -.It program -Path name to an executable file -.It list -A list of values (or pairs of values) separated by commas or spaces -.It path -A space or comma separated list of path names, following the usual csh -conventions (leading tilde with and without username being expanded to -home directories etc.) -.It number -A numeric value, either decimal (default), hexadecimal (with leading 0x), -or octal (with a leading 0). -With a numeric type, only one numeric value is allowed. -Numeric types may also be specified in string format (i.e., the capability -tag being delimited from the value by '=' instead of '#'). -Whichever method is used, then all records in the database must use the -same method to allow values to be correctly overridden in interpolated -records. -.It size -A number which expresses a size. -The default interpretation of a value is the number of bytes, but a -suffix may specify alternate units: -.Bl -tag -offset indent -compact -width xxxx -.It b -explicitly selects 512-byte blocks -.It k -selects kilobytes (1024 bytes) -.It m -specifies a multiplier of 1 megabyte (1048576 bytes), -.It g -specifies units of gigabytes, and -.It t -represents terabytes. -.El -A size value is a numeric quantity and case of the suffix is not significant. -Concatenated values are added together. -.It time -A period of time, by default in seconds. -A prefix may specify a different unit: -.Bl -tag -offset indent -compact -width xxxx -.It y -indicates the number of 365 day years, -.It w -indicates the number of weeks, -.It d -the number of days, -.It h -the number of hours, -.It m -the number of minutes, and -.It s -the number of seconds. -.El -Concatenated values are added together. -For example, 2 hours and 40 minutes may be written either as -9600s, 160m or 2h40m. -.El -.Pp -The usual convention to interpolate capability entries using the special -.Em tc=value -notation may be used. -.Sh RESOURCE LIMITS -.Bl -column coredumpsize indent indent -.It Sy "Name Type Notes Description -.It "coredumpsize size Maximum coredump size limit. -.It "cputime time CPU usage limit. -.It "datasize size Maximum data size limit. -.It "filesize size Maximum file size limit. -.It "maxproc number Maximum number of processes. -.It "memorylocked size Maximum locked in core memory size limit. -.It "memoryuse size Maximum of core memory use size limit. -.It "openfiles number Maximum number of open files per process. -.It "sbsize size Maximum permitted socketbuffer size. -.It "vmemoryuse size Maximum permitted total VM usage per process. -.It "stacksize size Maximum stack size limit. -.El -.Pp -These resource limit entries actually specify both the maximum -and current limits (see -.Xr getrlimit 2 ) . -The current (soft) limit is the one normally used, although the user is -permitted to increase the current limit to the maximum (hard) limit. -The maximum and current limits may be specified individually by appending a --max or -cur to the capability name. -.Sh ENVIRONMENT -.Bl -column ignorenologin indent xbinxxusrxbin -.It Sy "Name Type Notes Description -.It "charset string Set $MM_CHARSET environment variable to the specified -value. -.It "hushlogin bool false Same as having a ~/.hushlogin file. -.It "ignorenologin bool false Login not prevented by nologin. -.It "ftp-chroot bool false Limit FTP access with -.Xr chroot 2 -to the -.Ev HOME -directory of the user. -See -.Xr ftpd 8 -for details. -.It "label string Default MAC policy; see -.Xr maclabel 7 . -.It "lang string Set $LANG environment variable to the specified value. -.It "manpath path Default search path for manpages. -.It "nocheckmail bool false Display mail status at login. -.It "nologin file If the file exists it will be displayed and -the login session will be terminated. -.It "path path /bin /usr/bin Default search path. -.It "priority number Initial priority (nice) level. -.It "requirehome bool false Require a valid home directory to login. -.It "setenv list A comma-separated list of environment variables and -values to which they are to be set. -.It "shell prog Session shell to execute rather than the -shell specified in the passwd file. -The SHELL environment variable will -contain the shell specified in the password file. -.It "term string Default terminal type if not able to determine -from other means. -.It "timezone string Default value of $TZ environment variable. -.It "umask number 022 Initial umask. Should always have a leading 0 to -ensure octal interpretation. -.It "welcome file /etc/motd File containing welcome message. -.El -.Sh AUTHENTICATION -.Bl -column passwd_prompt indent indent -.It Sy "Name Type Notes Description -.\" .It "approve program Program to approve login. -.It "copyright file File containing additional copyright information -.It "host.allow list List of remote host wildcards from which users in -the class may access. -.It "host.deny list List of remote host wildcards from which users -in the class may not access. -.It "login_prompt string The login prompt given by -.Xr login 1 -.It "login-backoff number 3 The number of login attempts -allowed before the backoff delay is inserted after each subsequent -attempt. -The backoff delay is the number of tries above -.Em login-backoff -multiplied by 5 seconds. -.It "login-retries number 10 The number of login attempts -allowed before the login fails. -.It "passwd_format string md5 The encryption format that new or -changed passwords will use. -Valid values include "des", "md5" and "blf". -NIS clients using a -.No non- Ns Fx -NIS server should probably use "des". -.It "passwd_prompt string The password prompt presented by -.Xr login 1 -.It "times.allow list List of time periods during which -logins are allowed. -.It "times.deny list List of time periods during which logins are -disallowed. -.It "ttys.allow list List of ttys and ttygroups which users -in the class may use for access. -.It "ttys.deny list List of ttys and ttygroups which users -in the class may not use for access. -.It "warnexpire time Advance notice for pending account expiry. -.It "warnpassword time Advance notice for pending password expiry. -.\".It "widepasswords bool false Use the wide password format. The wide password -.\" format allows up to 128 significant characters in the password. -.El -.Pp -These fields are intended to be used by -.Xr passwd 1 -and other programs in the login authentication system. -.Pp -Capabilities that set environment variables are scanned for both -.Ql \&~ -and -.Ql \&$ -characters, which are substituted for a user's home directory and name -respectively. -To pass these characters literally into the environment variable, escape -the character by preceding it with a backslash '\\'. -.Pp -The -.Em host.allow -and -.Em host.deny -entries are comma separated lists used for checking remote access to the system, -and consist of a list of hostnames and/or IP addresses against which remote -network logins are checked. -Items in these lists may contain wildcards in the form used by shell programs -for wildcard matching (See -.Xr fnmatch 3 -for details on the implementation). -The check on hosts is made against both the remote system's Internet address -and hostname (if available). -If both lists are empty or not specified, then logins from any remote host -are allowed. -If host.allow contains one or more hosts, then only remote systems matching -any of the items in that list are allowed to log in. -If host.deny contains one or more hosts, then a login from any matching hosts -will be disallowed. -.Pp -The -.Em times.allow -and -.Em times.deny -entries consist of a comma-separated list of time periods during which the users -in a class are allowed to be logged in. -These are expressed as one or more day codes followed by a start and end times -expressed in 24 hour format, separated by a hyphen or dash. -For example, MoThSa0200-1300 translates to Monday, Thursday and Saturday between -the hours of 2 am and 1 p.m.. -If both of these time lists are empty, users in the class are allowed access at -any time. -If -.Em times.allow -is specified, then logins are only allowed during the periods given. -If -.Em times.deny -is specified, then logins are denied during the periods given, regardless of whether -one of the periods specified in -.Em times.allow -applies. -.Pp -Note that -.Xr login 1 -enforces only that the actual login falls within periods allowed by these entries. -Further enforcement over the life of a session requires a separate daemon to -monitor transitions from an allowed period to a non-allowed one. -.Pp -The -.Em ttys.allow -and -.Em ttys.deny -entries contain a comma-separated list of tty devices (without the /dev/ prefix) -that a user in a class may use to access the system, and/or a list of ttygroups -(See -.Xr getttyent 3 -and -.Xr ttys 5 -for information on ttygroups). -If neither entry exists, then the choice of login device used by the user is -unrestricted. -If only -.Em ttys.allow -is specified, then the user is restricted only to ttys in the given -group or device list. -If only -.Em ttys.deny -is specified, then the user is prevented from using the specified devices or -devices in the group. -If both lists are given and are non-empty, the user is restricted to those -devices allowed by ttys.allow that are not available by ttys.deny. -.Pp -The -.Em minpasswordlen -and -.Em minpasswordcase -facilities for enforcing restrictions on password quality, which used -to be supported by -.Nm , -have been superseded by the -.Xr pam_passwdqc 8 -PAM module. -.Sh RESERVED CAPABILITIES -The following capabilities are reserved for the purposes indicated and -may be supported by third-party software. -They are not implemented in the base system. -.Bl -column host.accounted indent indent -.It Sy "Name Type Notes Description -.It "accounted bool false Enable session time accounting for all users -in this class. -.It "autodelete time Time after expiry when account is auto-deleted. -.It "bootfull bool false Enable 'boot only if ttygroup is full' strategy -when terminating sessions. -.It "daytime time Maximum login time per day. -.It "expireperiod time Time for expiry allocation. -.It "graceexpire time Grace days for expired account. -.It "gracetime time Additional grace login time allowed. -.It "host.accounted list List of remote host wildcards from which -login sessions will be accounted. -.It "host.exempt list List of remote host wildcards from which -login session accounting is exempted. -.It "idletime time Maximum idle time before logout. -.It "minpasswordlen number 6 The minimum length a local -password may be. -.It "mixpasswordcase bool true Whether -.Xr passwd 1 -will warn the user if an all lower case password is entered. -.It "monthtime time Maximum login time per month. -.It "passwordtime time Used by -.Xr passwd 1 -to set next password expiry date. -.It "refreshtime time New time allowed on account refresh. -.It "refreshperiod str How often account time is refreshed. -.It "sessiontime time Maximum login time per session. -.It "sessionlimit number Maximum number of concurrent -login sessions on ttys in any group. -.It "ttys.accounted list List of ttys and ttygroups for which -login accounting is active. -.It "ttys.exempt list List of ttys and ttygroups for which login accounting -is exempt. -.It "warntime time Advance notice for pending out-of-time. -.It "weektime time Maximum login time per week. -.El -.Pp -The -.Em ttys.accounted -and -.Em ttys.exempt -fields operate in a similar manner to -.Em ttys.allow -and -.Em ttys.deny -as explained -above. -Similarly with the -.Em host.accounted -and -.Em host.exempt -lists. -.Sh SEE ALSO -.Xr cap_mkdb 1 , -.Xr login 1 , -.Xr chroot 2 , -.Xr getcap 3 , -.Xr getttyent 3 , -.Xr login_cap 3 , -.Xr login_class 3 , -.Xr pam 3 , -.Xr passwd 5 , -.Xr ttys 5 , -.Xr ftpd 8 , -.Xr pam_passwdqc 8 diff --git a/src/libs/util/login_auth.3 b/src/libs/util/login_auth.3 deleted file mode 100644 index d388f254a0..0000000000 --- a/src/libs/util/login_auth.3 +++ /dev/null @@ -1,72 +0,0 @@ -.\" Copyright (c) 1995 David Nugent -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, is permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice immediately at the beginning of the file, without modification, -.\" this list of conditions, and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. This work was done expressly for inclusion into FreeBSD. Other use -.\" is permitted provided this notation is included. -.\" 4. Absolutely no warranty of function or purpose is made by the author -.\" David Nugent. -.\" 5. Modifications may be freely made to this file providing the above -.\" conditions are met. -.\" -.\" $FreeBSD: src/lib/libutil/login_auth.3,v 1.14 2001/10/01 16:09:18 ru Exp $ -.\" -.Dd December 29, 1996 -.Os -.Dt LOGIN_AUTH 3 -.Sh NAME -.\" .Nm authenticate -.\" .Nm auth_script -.\" .Nm auth_env -.\" .Nm auth_scan -.\" .Nm auth_rmfiles -.Nm auth_checknologin , -.Nm auth_cat -.\" .Nm auth_ttyok -.\" .Nm auth_hostok -.\" .Nm auth_timesok -.Nd "authentication style support library for login class capabilities database" -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In sys/types.h -.In login_cap.h -.\" .Ft int -.\". Fn authenticate "const char *name" "const char *classname" "const char *style" "const char *service" -.\" .Ft int -.\" .Fn auth_script "const char * path" ... -.\" .Ft void -.\" .Fn auth_env "void" -.\" .Ft int -.\" .Fn auth_scan "int ok" -.\" .Ft void -.\" .Fn auth_rmfiles "void" -.Ft void -.Fn auth_checknologin "login_cap_t *lc" -.Ft int -.Fn auth_cat "const char *file" -.\" .Ft int -.\" .Fn auth_ttyok "login_cap_t *lc" "const char *tty" -.\" .Ft int -.\" .Fn auth_hostok "login_cap_t *lc" "const char *hostname" "char const *ip" -.\" .Ft int -.\" .Fn auth_timesok "login_cap_t *lc" "time_t now" -.Sh DESCRIPTION -This set of functions support the login class authorisation style interface provided -by -.Xr login.conf 5 . -.\" .Sh RETURN VALUES -.Sh SEE ALSO -.Xr getcap 3 , -.Xr login_cap 3 , -.Xr login_class 3 , -.Xr login.conf 5 , -.Xr termcap 5 diff --git a/src/libs/util/login_auth.c b/src/libs/util/login_auth.c deleted file mode 100644 index a4bd8ad119..0000000000 --- a/src/libs/util/login_auth.c +++ /dev/null @@ -1,108 +0,0 @@ -/*- - * Copyright (c) 1996 by - * Sean Eric Fagan - * David Nugent - * All rights reserved. - * - * Portions copyright (c) 1995,1997 by - * Berkeley Software Design, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, is permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice immediately at the beginning of the file, without modification, - * this list of conditions, and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. This work was done expressly for inclusion into FreeBSD. Other use - * is permitted provided this notation is included. - * 4. Absolutely no warranty of function or purpose is made by the authors. - * 5. Modifications may be freely made to this file providing the above - * conditions are met. - * - * Low-level routines relating to the user capabilities database - */ - -#include -__FBSDID("$FreeBSD: src/lib/libutil/login_auth.c,v 1.14 2003/06/14 18:42:37 markm Exp $"); - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -/* - * auth_checknologin() - * Checks for the existance of a nologin file in the login_cap - * capability . If there isn't one specified, then it checks - * to see if this class should just ignore nologin files. Lastly, - * it tries to print out the default nologin file, and, if such - * exists, it exits. - */ - -void -auth_checknologin(login_cap_t *lc) -{ - const char *file; - - /* Do we ignore a nologin file? */ - if (login_getcapbool(lc, "ignorenologin", 0)) - return; - - /* Note that will be "" if there is no nologin capability */ - if ((file = login_getcapstr(lc, "nologin", "", NULL)) == NULL) - exit(1); - - /* - * *file is true IFF there was a "nologin" capability - * Note that auth_cat() returns 1 only if the specified - * file exists, and is readable. E.g., /.nologin exists. - */ - if ((*file && auth_cat(file)) || auth_cat(_PATH_NOLOGIN)) - exit(1); -} - - -/* - * auth_cat() - * Checks for the readability of ; if it can be opened for - * reading, it prints it out to stdout, and then exits. Otherwise, - * it returns 0 (meaning no nologin file). - */ - -int -auth_cat(const char *file) -{ - int fd, count; - char buf[BUFSIZ]; - - if ((fd = open(file, O_RDONLY)) < 0) - return 0; - while ((count = read(fd, buf, sizeof(buf))) > 0) - (void)write(fileno(stdout), buf, count); - close(fd); - sleep(5); /* wait an arbitrary time to drain */ - return 1; -} diff --git a/src/libs/util/login_cap.3 b/src/libs/util/login_cap.3 deleted file mode 100644 index bf2617a007..0000000000 --- a/src/libs/util/login_cap.3 +++ /dev/null @@ -1,442 +0,0 @@ -.\" Copyright (c) 1995 David Nugent -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, is permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice immediately at the beginning of the file, without modification, -.\" this list of conditions, and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. This work was done expressly for inclusion into FreeBSD. Other use -.\" is permitted provided this notation is included. -.\" 4. Absolutely no warranty of function or purpose is made by the author -.\" David Nugent. -.\" 5. Modifications may be freely made to this file providing the above -.\" conditions are met. -.\" -.\" $FreeBSD: src/lib/libutil/login_cap.3,v 1.35 2005/11/24 11:29:11 ru Exp $ -.\" -.Dd December 27, 1996 -.Os -.Dt LOGIN_CAP 3 -.Sh NAME -.Nm login_close , -.Nm login_getcapbool , -.Nm login_getcaplist , -.Nm login_getcapnum , -.Nm login_getcapstr , -.Nm login_getcapsize , -.Nm login_getcaptime , -.Nm login_getclass , -.Nm login_getclassbyname , -.Nm login_getpwclass , -.Nm login_getstyle , -.Nm login_getuserclass , -.Nm login_setcryptfmt -.Nd "functions for accessing the login class capabilities database" -.Sh LIBRARY -.Lb libutil -.Sh SYNOPSIS -.In sys/types.h -.In login_cap.h -.Ft void -.Fn login_close "login_cap_t *lc" -.Ft login_cap_t * -.Fn login_getclassbyname "const char *nam" "const struct passwd *pwd" -.Ft login_cap_t * -.Fn login_getclass "const char *nam" -.Ft login_cap_t * -.Fn login_getpwclass "const struct passwd *pwd" -.Ft login_cap_t * -.Fn login_getuserclass "const struct passwd *pwd" -.Ft "const char *" -.Fn login_getcapstr "login_cap_t *lc" "const char *cap" "const char *def" "const char *error" -.Ft "const char **" -.Fn login_getcaplist "login_cap_t *lc" "const char *cap" "const char *chars" -.Ft "const char *" -.Fn login_getpath "login_cap_t *lc" "const char *cap" "const char *error" -.Ft rlim_t -.Fn login_getcaptime "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" -.Ft rlim_t -.Fn login_getcapnum "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" -.Ft rlim_t -.Fn login_getcapsize "login_cap_t *lc" "const char *cap" "rlim_t def" "rlim_t error" -.Ft int -.Fn login_getcapbool "login_cap_t *lc" "const char *cap" "int def" -.Ft "const char *" -.Fn login_getstyle "login_cap_t *lc" "const char *style" "const char *auth" -.Ft const char * -.Fn login_setcryptfmt "login_cap_t *lc" "const char *def" "const char *error" -.Sh DESCRIPTION -These functions represent a programming interface to the login -classes database provided in -.Xr login.conf 5 . -This database contains capabilities, attributes and default environment -and accounting settings for users and programs running as specific users, -as determined by the login class field within entries in -.Pa /etc/master.passwd . -.Pp -Entries in -.Xr login.conf 5 -consist of colon -.Ql \&: -separated fields, the first field in each record being one or more -identifiers for the record (which must be unique for the entire database), -each separated by a '|', and may optionally include a description as -the last 'name'. -Remaining fields in the record consist of keyword/data pairs. -Long lines may be continued with a backslash within empty entries, -with the second and subsequent lines optionally indented for readability. -This is similar to the format used in -.Xr termcap 5 , -except that keywords are not limited to two significant characters, -and are usually longer for improved readability. -As with termcap entries, multiple records can be linked together -(one record including another) using a field containing tc=. -The result is that the entire record referenced by replaces -the tc= field at the point at which it occurs. -See -.Xr getcap 3 -for further details on the format and use of a capabilities database. -.Pp -The -.Nm login_cap -interface provides a convenient means of retrieving login class -records with all tc= references expanded. -A program will typically call one of -.Fn login_getclass , -.Fn login_getpwclass , -.Fn login_getuserclass -or -.Fn login_getclassbyname -according to its requirements. -Each of these functions returns a login capabilities structure, -.Ft login_cap_t , -which may subsequently be used to interrogate the database for -specific values using the rest of the API. -Once the login_cap_t is of no further use, the -.Fn login_close -function should be called to free all resources used. -.Pp -The structure of login_cap_t is defined in login_cap.h, as: -.Bd -literal -offset indent -typedef struct { - char *lc_class; - char *lc_cap; - char *lc_style; -} login_cap_t; -.Ed -.Pp -The -.Ar lc_class -member contains a pointer to the name of the login class -retrieved. -This may not necessarily be the same as the one requested, -either directly via -.Fn login_getclassbyname , -indirectly via a user's login record using -.Fn login_getpwclass , -by class name using -.Fn login_getclass , -or -.Fn login_getuserclass . -If the referenced user has no login class specified in -.Pa /etc/master.passwd , -the class name is NULL or an empty string. -If the class -specified does not exist in the database, each of these -functions will search for a record with an id of "default", -with that name returned in the -.Ar lc_class -field. -In addition, if the referenced user has a UID of 0 (normally, -"root", although the user name is not considered) then -.Fn login_getpwclass -will search for a record with an id of "root" before it searches -for the record with the id of "default". -.Pp -The -.Ar lc_cap -field is used internally by the library to contain the -expanded login capabilities record. -Programs with unusual requirements may wish to use this -with the lower-level -.Fn getcap -style functions to access the record directly. -.Pp -The -.Ar lc_style -field is set by the -.Fn login_getstyle -function to the authorisation style, according to the requirements -of the program handling a login itself. -.Pp -As noted above, the -.Fn login_get*class -functions return a login_cap_t object which is used to access -the matching or default record in the capabilities database. -The -.Fn login_getclassbyname -function accepts two arguments: the first one is the record identifier of the -record to be retrieved, the second is an optional pointer to a -.Li passwd -structure. -If the first -.Ar name -argument is NULL, an empty string, or a class that does not exist -in the supplemental or system login class database, then the system -.Em default -record is returned instead. -If the second -.Ar pwd -parameter is NULL, then only the system login class database is -used. -However, -if the -.Ar pwd -parameter and the value of -.Ar pwd->pw_dir -are both not NULL, then the directory contained in -.Ar pwd->pw_dir -is searched for -a login database file called ".login_conf", and capability records -contained within it may override the system defaults. -This scheme allows users to override some login settings from -those in the system login class database by creating class records -for their own private class with a record id of `me'. -In the context of a -.Em login , -it should be noted that some options cannot by overridden by -users for two reasons; many options, such as resource settings -and default process priorities, require root privileges -in order to take effect, and other fields in the user's file are -not be consulted at all during the early phases of login for -security or administrative reasons. -See -.Xr login.conf 5 -for more information on which settings a user is able to override. -Typically, these are limited purely to the user's default login -environment which might otherwise have been overridden in shell -startup scripts in any case. -The user's -.Pa .login_conf -merely provides a convenient way for a user to set up their preferred -login environment before the shell is invoked on login. -Note that access to the -.Pa /etc/login.conf -and -.Pa .login_conf -files will only be performed subject to the security checks documented in -.Xr _secure_path 3 -for the uids 0 and -.Ar pwd->pw_uid -respectively. -.Pp -If the specified record is NULL, empty or does not exist, and the -system has no "default" record available to fall back to, there is a -memory allocation error or for some reason -.Xr cgetent 3 -is unable to access the login capabilities database, this function -returns NULL. -.Pp -The functions -.Fn login_getpwclass , -.Fn login_getclass -and -.Fn login_getuserclass -retrieve the applicable login class record for the user's passwd -entry or class name by calling -.Fn login_getclassbyname . -On failure, NULL is returned. -The difference between these functions is that -.Fn login_getuserclass -includes the user's overriding -.Pa .login_conf -that exists in the user's home directory, and -.Fn login_getpwclass -and -.Fn login_getclass -restrict lookup only to the system login class database in -.Pa /etc/login.conf . -As explained earlier, -.Fn login_getpwclass -only differs from -.Fn login_getclass -in that it allows the default class for user 'root' as "root" -if none has been specified in the password database. -Otherwise, if the passwd pointer is NULL, or the user record -has no login class, then the system "default" entry is retrieved. -.Pp -Once a program no longer wishes to use a login_cap_t object, -.Fn login_close -may be called to free all resources used by the login class. -The -.Fn login_close -function may be passed a NULL pointer with no harmful side-effects. -.Pp -The remaining functions may be used to retrieve individual -capability records. -Each function takes a login_cap_t object as its first parameter, -a capability tag as the second, and remaining parameters being -default and error values that are returned if the capability is -not found. -The type of the additional parameters passed and returned depend -on the -.Em type -of capability each deals with, be it a simple string, a list, -a time value, a file or memory size value, a path (consisting of -a colon-separated list of directories) or a boolean flag. -The manpage for -.Xr login.conf 5 -deals in specific tags and their type. -.Pp -Note that with all functions in this group, you should not call -.Xr free 3 -on any pointers returned. -Memory allocated during retrieval or processing of capability -tags is automatically reused by subsequent calls to functions -in this group, or deallocated on calling -.Fn login_close . -.Bl -tag -width "login_getcaplist()" -.It Fn login_getcapstr -This function returns a simple string capability. -If the string is not found, then the value in -.Ar def -is returned as the default value, or if an error -occurs, the value in the -.Ar error -parameter is returned. -.It Fn login_getcaplist -This function returns the value corresponding to the named -capability tag as a list of values in a NULL terminated -array. -Within the login class database, some tags are of type -.Em list , -which consist of one or more comma- or space separated -values. -Usually, this function is not called directly from an -application, but is used indirectly via -.Fn login_getstyle . -.It Fn login_getpath -This function returns a list of directories separated by colons -.Ql \&: . -Capability tags for which this function is called consist of a list of -directories separated by spaces. -.It Fn login_getcaptime -This function returns a -.Em time value -associated with a particular capability tag with the value expressed -in seconds (the default), minutes, hours, days, weeks or (365 day) -years or any combination of these. -A suffix determines the units used: S for seconds, M for minutes, -H for hours, D for days, W for weeks and Y for 365 day years. -Case of the units suffix is ignored. -.Pp -Time values are normally used for setting resource, accounting and -session limits. -If supported by the operating system and compiler (which is true of -.Fx ) , -the value returned is a quad (long long), of type -.Em rlim_t . -A value "inf" or "infinity" may be used to express an infinite -value, in which case RLIM_INFINITY is returned. -.It Fn login_getcapnum -This function returns a numeric value for a tag, expressed either as -tag= or the standard -.Fn cgetnum -format tag#. -The first format should be used in preference to the second, the -second format is provided for compatibility and consistency with the -.Xr getcap 3 -database format where numeric types use the -.Ql \&# -as the delimiter for numeric values. -If in the first format, then the value given may be "inf" or -"infinity" which results in a return value of RLIM_INFINITY. -If the given capability tag cannot be found, the -.Ar def -parameter is returned, and if an error occurs, the -.Ar error -parameter is returned. -.It Fn login_getcapsize -.Fn login_getcapsize -returns a value representing a size (typically, file or memory) -which may be expressed as bytes (the default), 512 byte blocks, -kilobytes, megabytes, gigabytes, and on systems that support the -.Ar long long -type, terabytes. -The suffix used determines the units, and multiple values and -units may be used in combination (e.g.\& 1m500k = 1.5 megabytes). -A value with no suffix is interpreted as bytes, B as 512-byte -blocks, K as kilobytes, M as megabytes, G as gigabytes and T as -terabytes. -Case is ignored. -The error value is returned if there is a login capabilities database -error, if an invalid suffix is used, or if a numeric value cannot be -interpreted. -.It Fn login_getcapbool -This function returns a boolean value tied to a particular flag. -It returns 0 if the given capability tag is not present or is -negated by the presence of a "tag@" (See -.Xr getcap 3 -for more information on boolean flags), and returns 1 if the tag -is found. -.It Fn login_getstyle -This function is used by the login authorisation system to determine -the style of login available in a particular case. -The function accepts three parameters, the login_cap entry itself and -two optional parameters, and authorisation type 'auth' and 'style', and -applies these to determine the authorisation style that best suites -these rules. -.Bl -bullet -.It -If 'auth' is neither NULL nor an empty string, look for a tag of type -"auth-" in the capability record. -If not present, then look for the default tag "auth=". -.It -If no valid authorisation list was found from the previous step, then -default to "passwd" as the authorisation list. -.It -If 'style' is not NULL or empty, look for it in the list of authorisation -methods found from the previous step. -If 'style' is NULL or an empty string, then default to "passwd" -authorisation. -.It -If 'style' is found in the chosen list of authorisation methods, then -return that, otherwise return NULL. -.El -.Pp -This scheme allows the administrator to determine the types of -authorisation methods accepted by the system, depending on the -means by which the access occurs. -For example, the administrator may require skey or kerberos as -the authentication method used for access to the system via the -network, and standard methods via direct dialup or console -logins, significantly reducing the risk of password discovery -by "snooping" network packets. -.It Fn login_setcryptfmt -The -.Fn login_setcryptfmt -function is used to set the -.Xr crypt 3 -format using the -.Ql passwd_format -configuration entry. -If no entry is found, -.Fa def -is taken to be used as the fallback. -If calling -.Xr crypt_set_format 3 -on the specifier fails, -.Fa error -is returned to indicate this. -.El -.Sh SEE ALSO -.Xr crypt 3 , -.Xr getcap 3 , -.Xr login_class 3 , -.Xr login.conf 5 , -.Xr termcap 5 diff --git a/src/libs/util/login_cap.c b/src/libs/util/login_cap.c deleted file mode 100644 index 3140b5972d..0000000000 --- a/src/libs/util/login_cap.c +++ /dev/null @@ -1,808 +0,0 @@ -/*- - * Copyright (c) 1996 by - * Sean Eric Fagan - * David Nugent - * All rights reserved. - * - * Portions copyright (c) 1995,1997 - * Berkeley Software Design, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, is permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice immediately at the beginning of the file, without modification, - * this list of conditions, and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. This work was done expressly for inclusion into FreeBSD. Other use - * is permitted provided this notation is included. - * 4. Absolutely no warranty of function or purpose is made by the authors. - * 5. Modifications may be freely made to this file providing the above - * conditions are met. - * - * Low-level routines relating to the user capabilities database - */ - -#include -__FBSDID("$FreeBSD: src/lib/libutil/login_cap.c,v 1.33 2005/04/22 23:11:57 trhodes Exp $"); - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/* - * allocstr() - * Manage a single static pointer for handling a local char* buffer, - * resizing as necessary to contain the string. - * - * allocarray() - * Manage a static array for handling a group of strings, resizing - * when necessary. - */ - -static int lc_object_count = 0; - -static size_t internal_stringsz = 0; -static char * internal_string = NULL; -static size_t internal_arraysz = 0; -static const char ** internal_array = NULL; - -static char * -allocstr(const char *str) -{ - char *p; - - size_t sz = strlen(str) + 1; /* realloc() only if necessary */ - if (sz <= internal_stringsz) - p = strcpy(internal_string, str); - else if ((p = realloc(internal_string, sz)) != NULL) { - internal_stringsz = sz; - internal_string = strcpy(p, str); - } - return p; -} - - -static const char ** -allocarray(size_t sz) -{ - static const char **p; - - if (sz <= internal_arraysz) - p = internal_array; - else if ((p = realloc(internal_array, sz * sizeof(char*))) != NULL) { - internal_arraysz = sz; - internal_array = p; - } - return p; -} - - -/* - * arrayize() - * Turn a simple string separated by any of - * the set of into an array. The last element - * of the array will be NULL, as is proper. - * Free using freearraystr() - */ - -static const char ** -arrayize(const char *str, const char *chars, int *size) -{ - int i; - char *ptr; - const char *cptr; - const char **res = NULL; - - /* count the sub-strings */ - for (i = 0, cptr = str; *cptr; i++) { - int count = strcspn(cptr, chars); - cptr += count; - if (*cptr) - ++cptr; - } - - /* alloc the array */ - if ((ptr = allocstr(str)) != NULL) { - if ((res = allocarray(++i)) == NULL) - free((void *)(uintptr_t)(const void *)str); - else { - /* now split the string */ - i = 0; - while (*ptr) { - int count = strcspn(ptr, chars); - res[i++] = ptr; - ptr += count; - if (*ptr) - *ptr++ = '\0'; - } - res[i] = NULL; - } - } - - if (size) - *size = i; - - return res; -} - - -/* - * login_close() - * Frees up all resources relating to a login class - * - */ - -void -login_close(login_cap_t * lc) -{ - if (lc) { - free(lc->lc_style); - free(lc->lc_class); - free(lc->lc_cap); - free(lc); - if (--lc_object_count == 0) { - free(internal_string); - free(internal_array); - internal_array = NULL; - internal_arraysz = 0; - internal_string = NULL; - internal_stringsz = 0; - cgetclose(); - } - } -} - - -/* - * login_getclassbyname() get the login class by its name. - * If the name given is NULL or empty, the default class - * LOGIN_DEFCLASS (ie. "default") is fetched. If the - * 'pwd' argument is non-NULL and contains an non-NULL - * dir entry, then the file _FILE_LOGIN_CONF is picked - * up from that directory and used before the system - * login database. - * Return a filled-out login_cap_t structure, including - * class name, and the capability record buffer. - */ - -login_cap_t * -login_getclassbyname(char const *name, const struct passwd *pwd) -{ - login_cap_t *lc; - - if ((lc = malloc(sizeof(login_cap_t))) != NULL) { - int r, me, i = 0; - uid_t euid = 0; - gid_t egid = 0; - const char *msg = NULL; - const char *dir; - char userpath[MAXPATHLEN]; - - static char *login_dbarray[] = { NULL, NULL, NULL }; - - me = (name != NULL && strcmp(name, LOGIN_MECLASS) == 0); - dir = (!me || pwd == NULL) ? NULL : pwd->pw_dir; - /* - * Switch to user mode before checking/reading its ~/.login_conf - * - some NFSes have root read access disabled. - * - * XXX: This fails to configure additional groups. - */ - if (dir) { - euid = geteuid(); - egid = getegid(); - (void)setegid(pwd->pw_gid); - (void)seteuid(pwd->pw_uid); - } - - if (dir && snprintf(userpath, MAXPATHLEN, "%s/%s", dir, - _FILE_LOGIN_CONF) < MAXPATHLEN) { - login_dbarray[i] = userpath; - if (_secure_path(userpath, pwd->pw_uid, pwd->pw_gid) != -1) - i++; /* only use 'secure' data */ - } - if (_secure_path(_PATH_LOGIN_CONF, 0, 0) != -1) - login_dbarray[i++] = _PATH_LOGIN_CONF; - login_dbarray[i] = NULL; - - memset(lc, 0, sizeof(login_cap_t)); - lc->lc_cap = lc->lc_class = lc->lc_style = NULL; - - if (name == NULL || *name == '\0') - name = LOGIN_DEFCLASS; - - switch (cgetent(&lc->lc_cap, login_dbarray, name)) { - case -1: /* Failed, entry does not exist */ - if (me) - break; /* Don't retry default on 'me' */ - if (i == 0) - r = -1; - else if ((r = open(login_dbarray[0], O_RDONLY)) >= 0) - close(r); - /* - * If there's at least one login class database, - * and we aren't searching for a default class - * then complain about a non-existent class. - */ - if (r >= 0 || strcmp(name, LOGIN_DEFCLASS) != 0) - syslog(LOG_ERR, "login_getclass: unknown class '%s'", name); - /* fall-back to default class */ - name = LOGIN_DEFCLASS; - msg = "%s: no default/fallback class '%s'"; - if (cgetent(&lc->lc_cap, login_dbarray, name) != 0 && r >= 0) - break; - /* FALLTHROUGH - just return system defaults */ - case 0: /* success! */ - if ((lc->lc_class = strdup(name)) != NULL) { - if (dir) { - (void)seteuid(euid); - (void)setegid(egid); - } - ++lc_object_count; - return lc; - } - msg = "%s: strdup: %m"; - break; - case -2: - msg = "%s: retrieving class information: %m"; - break; - case -3: - msg = "%s: 'tc=' reference loop '%s'"; - break; - case 1: - msg = "couldn't resolve 'tc=' reference in '%s'"; - break; - default: - msg = "%s: unexpected cgetent() error '%s': %m"; - break; - } - if (dir) { - (void)seteuid(euid); - (void)setegid(egid); - } - if (msg != NULL) - syslog(LOG_ERR, msg, "login_getclass", name); - free(lc); - } - - return NULL; -} - - - -/* - * login_getclass() - * Get the login class for the system (only) login class database. - * Return a filled-out login_cap_t structure, including - * class name, and the capability record buffer. - */ - -login_cap_t * -login_getclass(const char *cls) -{ - return login_getclassbyname(cls, NULL); -} - - -/* - * login_getclass() - * Get the login class for a given password entry from - * the system (only) login class database. - * If the password entry's class field is not set, or - * the class specified does not exist, then use the - * default of LOGIN_DEFCLASS (ie. "default"). - * Return a filled-out login_cap_t structure, including - * class name, and the capability record buffer. - */ - -login_cap_t * -login_getpwclass(const struct passwd *pwd) -{ - const char *cls = NULL; - - if (pwd != NULL) { - cls = pwd->pw_class; - if (cls == NULL || *cls == '\0') - cls = (pwd->pw_uid == 0) ? LOGIN_DEFROOTCLASS : LOGIN_DEFCLASS; - } - return login_getclassbyname(cls, pwd); -} - - -/* - * login_getuserclass() - * Get the login class for a given password entry, allowing user - * overrides via ~/.login_conf. - */ - -login_cap_t * -login_getuserclass(const struct passwd *pwd) -{ - return login_getclassbyname(LOGIN_MECLASS, pwd); -} - - - -/* - * login_getcapstr() - * Given a login_cap entry, and a capability name, return the - * value defined for that capability, a default if not found, or - * an error string on error. - */ - -const char * -login_getcapstr(login_cap_t *lc, const char *cap, const char *def, const char *error) -{ - char *res; - int ret; - - if (lc == NULL || cap == NULL || lc->lc_cap == NULL || *cap == '\0') - return def; - - if ((ret = cgetstr(lc->lc_cap, cap, &res)) == -1) - return def; - return (ret >= 0) ? res : error; -} - - -/* - * login_getcaplist() - * Given a login_cap entry, and a capability name, return the - * value defined for that capability split into an array of - * strings. - */ - -const char ** -login_getcaplist(login_cap_t *lc, const char *cap, const char *chars) -{ - const char *lstring; - - if (chars == NULL) - chars = ", \t"; - if ((lstring = login_getcapstr(lc, cap, NULL, NULL)) != NULL) - return arrayize(lstring, chars, NULL); - return NULL; -} - - -/* - * login_getpath() - * From the login_cap_t , get the capability which is - * formatted as either a space or comma delimited list of paths - * and append them all into a string and separate by semicolons. - * If there is an error of any kind, return . - */ - -const char * -login_getpath(login_cap_t *lc, const char *cap, const char *error) -{ - const char *str; - char *ptr; - int count; - - str = login_getcapstr(lc, cap, NULL, NULL); - if (str == NULL) - return error; - ptr = __DECONST(char *, str); /* XXXX Yes, very dodgy */ - while (*ptr) { - count = strcspn(ptr, ", \t"); - ptr += count; - if (*ptr) - *ptr++ = ':'; - } - return str; -} - - -static int -isinfinite(const char *s) -{ - static const char *infs[] = { - "infinity", - "inf", - "unlimited", - "unlimit", - "-1", - NULL - }; - const char **i = &infs[0]; - - while (*i != NULL) { - if (strcasecmp(s, *i) == 0) - return 1; - ++i; - } - return 0; -} - - -static u_quad_t -rmultiply(u_quad_t n1, u_quad_t n2) -{ - u_quad_t m, r; - int b1, b2; - - static int bpw = 0; - - /* Handle simple cases */ - if (n1 == 0 || n2 == 0) - return 0; - if (n1 == 1) - return n2; - if (n2 == 1) - return n1; - - /* - * sizeof() returns number of bytes needed for storage. - * This may be different from the actual number of useful bits. - */ - if (!bpw) { - bpw = sizeof(u_quad_t) * 8; - while (((u_quad_t)1 << (bpw-1)) == 0) - --bpw; - } - - /* - * First check the magnitude of each number. If the sum of the - * magnatude is way to high, reject the number. (If this test - * is not done then the first multiply below may overflow.) - */ - for (b1 = bpw; (((u_quad_t)1 << (b1-1)) & n1) == 0; --b1) - ; - for (b2 = bpw; (((u_quad_t)1 << (b2-1)) & n2) == 0; --b2) - ; - if (b1 + b2 - 2 > bpw) { - errno = ERANGE; - return (UQUAD_MAX); - } - - /* - * Decompose the multiplication to be: - * h1 = n1 & ~1 - * h2 = n2 & ~1 - * l1 = n1 & 1 - * l2 = n2 & 1 - * (h1 + l1) * (h2 + l2) - * (h1 * h2) + (h1 * l2) + (l1 * h2) + (l1 * l2) - * - * Since h1 && h2 do not have the low bit set, we can then say: - * - * (h1>>1 * h2>>1 * 4) + ... - * - * So if (h1>>1 * h2>>1) > (1<<(bpw - 2)) then the result will - * overflow. - * - * Finally, if MAX - ((h1 * l2) + (l1 * h2) + (l1 * l2)) < (h1*h2) - * then adding in residual amout will cause an overflow. - */ - - m = (n1 >> 1) * (n2 >> 1); - if (m >= ((u_quad_t)1 << (bpw-2))) { - errno = ERANGE; - return (UQUAD_MAX); - } - m *= 4; - - r = (n1 & n2 & 1) - + (n2 & 1) * (n1 & ~(u_quad_t)1) - + (n1 & 1) * (n2 & ~(u_quad_t)1); - - if ((u_quad_t)(m + r) < m) { - errno = ERANGE; - return (UQUAD_MAX); - } - m += r; - - return (m); -} - - -/* - * login_getcaptime() - * From the login_cap_t , get the capability , which is - * formatted as a time (e.g., "=10h3m2s"). If is not - * present in , return ; if there is an error of some kind, - * return . - */ - -rlim_t -login_getcaptime(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error) -{ - char *res, *ep, *oval; - int r; - rlim_t tot; - - errno = 0; - if (lc == NULL || lc->lc_cap == NULL) - return def; - - /* - * Look for in lc_cap. - * If it's not there (-1), return . - * If there's an error, return . - */ - - if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) - return def; - else if (r < 0) { - errno = ERANGE; - return error; - } - - /* "inf" and "infinity" are special cases */ - if (isinfinite(res)) - return RLIM_INFINITY; - - /* - * Now go through the string, turning something like 1h2m3s into - * an integral value. Whee. - */ - - errno = 0; - tot = 0; - oval = res; - while (*res) { - rlim_t tim = strtoq(res, &ep, 0); - rlim_t mult = 1; - - if (ep == NULL || ep == res || errno != 0) { - invalid: - syslog(LOG_WARNING, "login_getcaptime: class '%s' bad value %s=%s", - lc->lc_class, cap, oval); - errno = ERANGE; - return error; - } - /* Look for suffixes */ - switch (*ep++) { - case 0: - ep--; - break; /* end of string */ - case 's': case 'S': /* seconds */ - break; - case 'm': case 'M': /* minutes */ - mult = 60; - break; - case 'h': case 'H': /* hours */ - mult = 60L * 60L; - break; - case 'd': case 'D': /* days */ - mult = 60L * 60L * 24L; - break; - case 'w': case 'W': /* weeks */ - mult = 60L * 60L * 24L * 7L; - break; - case 'y': case 'Y': /* 365-day years */ - mult = 60L * 60L * 24L * 365L; - break; - default: - goto invalid; - } - res = ep; - tot += rmultiply(tim, mult); - if (errno) - goto invalid; - } - - return tot; -} - - -/* - * login_getcapnum() - * From the login_cap_t , extract the numerical value . - * If it is not present, return for a default, and return - * if there is an error. - * Like login_getcaptime(), only it only converts to a number, not - * to a time; "infinity" and "inf" are 'special.' - */ - -rlim_t -login_getcapnum(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error) -{ - char *ep, *res; - int r; - rlim_t val; - - if (lc == NULL || lc->lc_cap == NULL) - return def; - - /* - * For BSDI compatibility, try for the tag= first - */ - if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) { - long lval; - /* string capability not present, so try for tag# as numeric */ - if ((r = cgetnum(lc->lc_cap, cap, &lval)) == -1) - return def; /* Not there, so return default */ - else if (r >= 0) - return (rlim_t)lval; - } - - if (r < 0) { - errno = ERANGE; - return error; - } - - if (isinfinite(res)) - return RLIM_INFINITY; - - errno = 0; - val = strtoq(res, &ep, 0); - if (ep == NULL || ep == res || errno != 0) { - syslog(LOG_WARNING, "login_getcapnum: class '%s' bad value %s=%s", - lc->lc_class, cap, res); - errno = ERANGE; - return error; - } - - return val; -} - - - -/* - * login_getcapsize() - * From the login_cap_t , extract the capability , which is - * formatted as a size (e.g., "=10M"); it can also be "infinity". - * If not present, return , or if there is an error of - * some sort. - */ - -rlim_t -login_getcapsize(login_cap_t *lc, const char *cap, rlim_t def, rlim_t error) -{ - char *ep, *res, *oval; - int r; - rlim_t tot; - - if (lc == NULL || lc->lc_cap == NULL) - return def; - - if ((r = cgetstr(lc->lc_cap, cap, &res)) == -1) - return def; - else if (r < 0) { - errno = ERANGE; - return error; - } - - if (isinfinite(res)) - return RLIM_INFINITY; - - errno = 0; - tot = 0; - oval = res; - while (*res) { - rlim_t siz = strtoq(res, &ep, 0); - rlim_t mult = 1; - - if (ep == NULL || ep == res || errno != 0) { - invalid: - syslog(LOG_WARNING, "login_getcapsize: class '%s' bad value %s=%s", - lc->lc_class, cap, oval); - errno = ERANGE; - return error; - } - switch (*ep++) { - case 0: /* end of string */ - ep--; - break; - case 'b': case 'B': /* 512-byte blocks */ - mult = 512; - break; - case 'k': case 'K': /* 1024-byte Kilobytes */ - mult = 1024; - break; - case 'm': case 'M': /* 1024-k kbytes */ - mult = 1024 * 1024; - break; - case 'g': case 'G': /* 1Gbyte */ - mult = 1024 * 1024 * 1024; - break; - case 't': case 'T': /* 1TBte */ - mult = 1024LL * 1024LL * 1024LL * 1024LL; - break; - default: - goto invalid; - } - res = ep; - tot += rmultiply(siz, mult); - if (errno) - goto invalid; - } - - return tot; -} - - -/* - * login_getcapbool() - * From the login_cap_t , check for the existance of the capability - * of . Return if ->lc_cap is NULL, otherwise return - * the whether or not exists there. - */ - -int -login_getcapbool(login_cap_t *lc, const char *cap, int def) -{ - if (lc == NULL || lc->lc_cap == NULL) - return def; - return (cgetcap(lc->lc_cap, cap, ':') != NULL); -} - - -/* - * login_getstyle() - * Given a login_cap entry , and optionally a type of auth , - * and optionally a style