Bill Fumerola [Mon, 4 Jan 1999 14:07:53 +0000 (14:07 +0000)]
-Clarification of last commit-
The char that the random letters and numbers are being pulled from is
ended with a '\0'. Using sizeof() includes this '\0' in the 'pool' of
possible characters. This patch decrements by one the size so we don't
accidently end the new password prematurly.
Bill Fumerola [Sat, 2 Jan 1999 04:37:46 +0000 (04:37 +0000)]
Let's make sure we're at the end of the password string before we apply a \0
and terminate it. This patch ensures passwords will be the correct length of 8,
which is what is implied in the source (but not reflected in the man page).
Matthew Dillon [Sun, 13 Dec 1998 02:47:00 +0000 (02:47 +0000)]
PR: docs/9045
Update chpass(1) manual page. Change the definition of the class
field and also reorganize the field list to match that of the
/etc/master.passwd file, to avoid confusion.
Matthew Dillon [Sun, 13 Dec 1998 01:36:45 +0000 (01:36 +0000)]
Handle the race condition where vipw may lock a password file which has
just been replaced. After our lock succeeds we check if st_nlink is 0
and if it is we close the descriptor and retry our open/lock sequence.
remove stdio.h include; I forgot Bruce's cardinal rule that header files
shouldn't include other ones (which, unfortunately, is also a hellish
rule since he broke interfaces like sysctl this way by requiring undocumented
header files to be included just in order to be able to use them now - SIGH!).
Add a simple mechanism for reading property lists from files (which
I'll convert sysinstall to use shortly) and a simple call which uses
this mechanism to implement an /etc/auth.conf file. I'll let Mark Murray
handle the format and checkin of the sample auth.conf file.
Reviewed by: markm
Removing -batch option from adduser. Adduser was written as
an *interactive* command for newbies. The pw(8) does now a much better
job for adding users from command line. Also, the -batch option is
not well tested, buggy and unsupported.
Peter Hawkins [Fri, 14 Aug 1998 03:18:32 +0000 (03:18 +0000)]
Submitted by: Peter Hawkins <thepish@FreeBSD.org>
Add functionality for support for more than 4 subfields within gcos. chsh,
chpass etc did not parse beyond the 4th field previously and so truncated
gcos on updating the database.
Nate Williams [Tue, 4 Aug 1998 22:31:26 +0000 (22:31 +0000)]
- On second thought, attempt to get the read-only lock, but don't
consider it a exit failure if it doesn't work. This means that root
processes can safely get the lock, but normal processes can still use
the 'pw' utility to get information (which may change out from under
them.)
Nate Williams [Tue, 4 Aug 1998 22:20:11 +0000 (22:20 +0000)]
- Removed read-only lock from 'pw'. This removes portions of the FIX
from PR/6787, but allow non-root users to use pw to get password
information. However, this should be safe since the fixes for
disallowing multiple instances from modifying the DB are still intact.
Nate Williams [Thu, 16 Jul 1998 17:18:25 +0000 (17:18 +0000)]
Fix race condition in pw caused by multiple instances of pwd_mkdb being
run at the same time.
Notes:
The fileupdate function is still somewhat broken. Instead of
returning a failure code if it can't modify the original file it
renames the .new file and continues as though nothing is wrong.
This will cause the lock on the original file to be lost and could
lead to a similar race condition. I left that portion of the code
alone since I feel that the maintainer of the code would have a
better concept of how he wants to handle errors in that function
than I do.
Bruce Evans [Sun, 26 Apr 1998 16:31:14 +0000 (16:31 +0000)]
Fixed `make -j9' by putting generated headers in ${SRCS}. Removed bogus
dependencies of generated .c files on generated headers (these made
`make -JN' work provided `depend' was made first). Sorted sources lists.
Changes to support full make parallelism (-j<n>) in the world
target.
Reviewed by: <many different folks>
Submitted by: Nickolay N. Dudorov" <nnd@nnd.itfs.nsk.su>
$ vipw
[corrupt a line in editor, exit editor]
pwd_mkdb: corrupted entry
pwd_mkdb: at line #2
pwd_mkdb:
/etc/pw.012585: Inappropriate file type or format
re-edit the password file? [y]: n^D^D
[hang]
Peter Wemm [Mon, 19 May 1997 10:04:15 +0000 (10:04 +0000)]
Now I really understand the reason for the style.9 rule about not having
visible type names in prototypes in user space headers. libutil.h
generates warnings with -Wall over the use of "const char *ttyname".
It's lucky it wasn't a #define conflict.
Is a single '_' prefix acceptable? or does it need to be two?
David Nugent [Sat, 10 May 1997 18:55:38 +0000 (18:55 +0000)]
Summary of login.conf support changes:
o Incorporated BSDI code and enhancements, better logging for error
checking (which has been shown to be a problem, and is therefore
justified, imho); also some minor things we were missing, including
better quad_t math, which checks for under/overflows.
o setusercontext() now allows user resource limit overrides, but
does this AFTER dropping root privs, to restrict the user to
droping hard limits and set soft limits within the kernel's
allowed user limits.
o umask() only set once, and only if requested.
o add _secure_path(), and use in login.conf to guard against
symlinks etc. and non-root owned or non-user owned files being
used. Derived from BSDI contributed code.
o revamped authentication code to BSDI's latest api, which
includes deleting authenticate() and adding auth_check()
and a few other functions. This is still marked as depecated
in BSDI, but is included for completeness. No other source
in the tree uses this anyway, so it is now bracketed with
#ifdef LOGIN_CAP_AUTH which is by default not defined. Only
auth_checknologin() and auth_cat() are actually used in
module login_auth.c.
o AUTH_NONE definition removed (collided with other includes
in the tree). [bde]
o BSDI's login_getclass() now accepts a char *classname
parameter rather than struct passwd *pwd. We now do likewise,
but added login_getpwclass() for (sort of) backwards
compatiblity, namely because we handle root as a special
case for the default class. This will require quite a few
changes elsewhere in the source tree.
o We no longer pretend to support rlim_t as a long type.
o Revised code formatting to be more bsd-ish style.
Brian Somers [Mon, 31 Mar 1997 22:51:00 +0000 (22:51 +0000)]
Remove the syslog stuff, and allow various return values
in uu_lock(). Add uu_lockerr() for turning the results of
uu_lock into something printable. Remove bogus section in man page
about race conditions allowing both processes to get the lock.
Include libutil.h and use uu_lock() correctly where it should.
Bill Paul [Sat, 29 Mar 1997 20:29:12 +0000 (20:29 +0000)]
Fix for PR #3141: check for NULL before strdup()ing pw->pw_class.
(I'm not sure why this happens, though I suspect it may be because
the server is configured with only passwd maps instead of both passwd
and master.passwd maps. This is allowed, but I think in this case
pw_class is left NULL, hence the problem.)
Also applied similar patch to chpass/pw_yp.c just for paranoia's sake.
Cleaned up some messages, added a check to remove a leftover popd file
from /var/mail, added a routine to delete the removed user's files
from /tmp, /var/tmp, & /var/tmp/vi.recover, and added code to kill any
running processes owned by the removed user). I've also added a flag
for non-interactive execution, cleaned up the man page, and adjusted
my address.