Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user
add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.
Reviewed by: des
Approved by: des
MFC after: 1 month
Xin LI [Sun, 31 Jul 2011 03:00:00 +0000 (03:00 +0000)]
Backout r223115 which potentially caused a POLA violation, by restoring
historic behavior (create the default base directory in pw.conf) before
I came up with a better fix for this.
Stanislav Sedov [Thu, 12 May 2011 10:11:39 +0000 (10:11 +0000)]
- Commit work from libprocstat project. These patches add support for runtime
file and processes information retrieval from the running kernel via sysctl
in the form of new library, libprocstat. The library also supports KVM backend
for analyzing memory crash dumps. Both procstat(1) and fstat(1) utilities have
been modified to take advantage of the library (as the bonus point the fstat(1)
utility no longer need superuser privileges to operate), and the procstat(1)
utility is now able to display information from memory dumps as well.
The newly introduced fuser(1) utility also uses this library and able to operate
via sysctl and kvm backends.
The library is by no means complete (e.g. KVM backend is missing vnode name
resolution routines, and there're no manpages for the library itself) so I
plan to improve it further. I'm commiting it so it will get wider exposure
and review.
We won't be able to MFC this work as it relies on changes in HEAD, which
was introduced some time ago, that break kernel ABI. OTOH we may be able
to merge the library with KVM backend if we really need it there.
Add two new system calls, setloginclass(2) and getloginclass(2). This makes
it possible for the kernel to track login class the process is assigned to,
which is required for RCTL. This change also make setusercontext(3) call
setloginclass(2) and makes it possible to retrieve current login class using
id(1).
Jung-uk Kim [Fri, 4 Feb 2011 19:49:02 +0000 (19:49 +0000)]
Do not let pw.conf(5) or -M option affect creation of basehome, e.g., /home.
When the basehome does not exist, it creates all intermediate directories as
required, which is logically equivalent to mkdir(1) with -m and -p options.
However, it modifies all intermediate directories, not just the final home
directory unlike mkdir. This problem was introduced in two revisions, i.e.,
r1.59 (SVN r167919) and r1.60 (SVN r168044).
Joel Dahl [Sat, 11 Dec 2010 08:32:16 +0000 (08:32 +0000)]
Remove the advertising clause from UCB copyrighted files in usr.bin. This
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change
Also add $FreeBSD$ to a few files to keep svn happy.
Simplify expand_number() by combining the (unrolled) loop with the
switch. Since expand_number() does not accept negative numbers, switch
from int64_t to uint64_t; this makes it easier to check for overflow.
Ed Maste [Tue, 4 May 2010 11:34:13 +0000 (11:34 +0000)]
Restore historical behaviour of only executing chflags on files that exist.
This eliminates cosmetic errors of the form "chflags: ...: No such file or
directory" during an installworld to an empty destination.
Marcel Moolenaar [Wed, 10 Mar 2010 02:16:04 +0000 (02:16 +0000)]
Create the altix project branch. The altix project will add support
for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting
is a two-module system, consisting of a base compute module and a
CPU expansion module. SGI's NUMAFlex architecture can be an excellent
platform to test CPU affinity and NUMA-aware features in FreeBSD.
Scott Long [Thu, 4 Mar 2010 12:35:20 +0000 (12:35 +0000)]
Let the afterinstall target ignore failures from running chflags. This
allows it to work over NFS, and puts it back into conformance with other
'schg' utlitilties in the system.
Ed Schouten [Wed, 13 Jan 2010 18:59:51 +0000 (18:59 +0000)]
Remove login(3), logout(3) and logwtmp(3) from libutil.
These functions only apply to utmp(5). They cannot be kept intact when
moving towards utmpx. The login(3) function would break, because its
argument is an utmp structure. The logout(3) and logwtmp(3) functions
cannot be used, since they provide a functionality which partially
overlaps.
Increment SHLIB_MAJOR to 9 to indicate the removal.
Ed Schouten [Sun, 6 Dec 2009 01:27:28 +0000 (01:27 +0000)]
Make pw(8) build without <utmp.h>.
The size of the username record in utmp files should not influence the
maximum username length. Right now ut_user/ut_name is big enough, so in
this case it's dead code anyway.
Ken Smith [Wed, 22 Jul 2009 20:46:17 +0000 (20:46 +0000)]
It is believed the last subsystem that limited ID sizes to something
other than the current system-wide size (32-bits) has been updated so
for now just cautiously turn the check off. While here fix the check
for IDs being too large which doesn't work due to type mis-matches.
Ed Schouten [Mon, 15 Jun 2009 21:05:00 +0000 (21:05 +0000)]
Make the chpass Makefile honour NO_FSCHG.
The chpass Makefile tried to set the fschg flag on the binaries, even if
NO_FSCHG was passed to the installworld. This meant that if I installed
FreeBSD into a Jail, I couldn't installworld from within the Jail
anymore.
Now that it listens to NO_FSCHG, we can just make it bail out when it
fails, just like PRECIOUSPROG does.
Revert (once again, and hopefully for the last time) to flock(2) locks.
The problem with fcntl(2) locks is that they are not inherited by child
processes. This breaks pidfile(3), where the common idiom is to open
and lock the PID file before daemonizing.
Ulf Lilleengen [Mon, 5 Jan 2009 15:18:16 +0000 (15:18 +0000)]
Merge support for CVSMode (aka. mirror mode) into csup. This means csup can now
fetch a complete CVS repository. Support for rsync update of regular files are
also included, but are not yet enabled. The change should not have an impact on
existing csup usage, as little of the existing code has changed.
Peter Wemm [Tue, 2 Dec 2008 06:50:26 +0000 (06:50 +0000)]
Merge user/peter/kinfo branch as of r185547 into head.
This changes struct kinfo_filedesc and kinfo_vmentry such that they are
same on both 32 and 64 bit platforms like i386/amd64 and won't require
sysctl wrapping.
Two new OIDs are assigned. The old ones are available under
COMPAT_FREEBSD7 - but it isn't that simple. The superceded interface
was never actually released on 7.x.
The other main change is to pack the data passed to userland via the
sysctl. kf_structsize and kve_structsize are reduced for the copyout.
If you have a process with 100,000+ sockets open, the unpacked records
require a 132MB+ copyout. With packing, it is "only" ~35MB. (Still
seriously unpleasant, but not quite as devastating). A similar problem
exists for the vmentry structure - have lots and lots of shared libraries
and small mmaps and its copyout gets expensive too.
My immediate problem is valgrind. It traditionally achieves this
functionality by parsing procfs output, in a packed format. Secondly, when
tracing 32 bit binaries on amd64 under valgrind, it uses a cross compiled
32 bit binary which ran directly into the differing data structures in 32
vs 64 bit mode. (valgrind uses this to track file descriptor operations
and this therefore affected every single 32 bit binary)
I've added two utility functions to libutil to unpack the structures into
a fixed record length and to make it a little more convenient to use.
Sean Farley [Sun, 23 Nov 2008 23:26:12 +0000 (23:26 +0000)]
Fixed style issues with variable ordering and naming, spacing and
parentheses.
Fixed alignment issue in gr_dup() in its assignment of gr_mem using a
struct to force alignment without performing alignment mathematics. This
was noticed recently with libutil was built with WARNS=6 on platform such
as sparc64.
Added checks to gr_dup(), gr_equal() and gr_make() to prevent segfaults
when examining struct group's with the struct members pointing to NULL's.
Remove pw_getrand() unneded now: arc4random_uniform() is stronger then
pw_getrand()'s MD5 tricks (inactive) and its active version, mixing
arc4random() bytes in one, not make things better at all.
John Baldwin [Wed, 30 Jul 2008 18:37:21 +0000 (18:37 +0000)]
The original adduser/rmuser scripts in Perl used to modify the PATH
setting. When the scripts were converted to Bourne shell, this was
removed. The adduser script was changed to use an explicit path for
the pw(8) command so that /usr/sbin did not have to be in the user's
PATH. The rmuser script continued to assume that /usr/sbin was in the
user's path, however. This fixes the rmuser script to use an explicit
path for pw(8) similar to adduser.
John Baldwin [Thu, 17 Jul 2008 13:47:59 +0000 (13:47 +0000)]
Before updating the password database, the pw(8) utility first performs a
sanity check by invoking "pwd_mkdb -C". However, if this failed it
silently returned success. Fix this so it fails the update operation
instead.
Antoine Brodin [Tue, 27 May 2008 19:04:31 +0000 (19:04 +0000)]
- Increase the size of the salt in pw(8) from 8 to 32 (same as in pam_unix(8)).
This makes blowfish password hashes look normal when set using
pw(8)/adduser(8). [1]
- Make it possible to have a '/' in the salt.
Sean Farley [Wed, 23 Apr 2008 00:49:13 +0000 (00:49 +0000)]
Add four utility functions related to struct grp processing modeled in-part
after similar calls related to struct pwd in libutil/pw_util.c:
- gr_equal()
Perform a deep comparison of two struct grp's. It does a thorough, yet
unoptimized comparison of all the members regardless of order.
- gr_make()
Create a string (see group(5)) from a struct grp.
- gr_dup()
Duplicate a struct grp. Returns a value that is a single contiguous
block of memory.
- gr_scan()
Create a struct grp from a string (as produced by gr_make()).
Sean Farley [Sat, 23 Feb 2008 01:25:22 +0000 (01:25 +0000)]
Add the groupmod '-d' option to pw to allow the deletion of existing users
from a group without the need to perform the same operation by replacing
the existing list via the '-M' option. The '-M' option requires someone
to fetch the existing members with pw, deleting the undesired members from
the list and sending the altered list back to pw.
Mike Makonnen [Sun, 27 Jan 2008 10:15:36 +0000 (10:15 +0000)]
Add the -M command-line option, which will set home directory permissions.
Works both in interactive or batch mode. This is a heavily modified version
of the patch submitted in the PR.
Implement expand_number(3), which is the opposite of humanize_number(3), ie.
a number in human-readable form is converted to int64_t, for example:
123b -> 123
10k -> 10240
16G -> 17179869184
First version submitted by: Eric Anderson <anderson@freebsd.org>
Approved by: re (bmah)