David Nugent [Sun, 18 Jun 2000 02:16:07 +0000 (02:16 +0000)]
Second and hopefully final fix to .db sync when renaming a user; we must run
a full reindex in this case to remove the old record. #ifdef -u capability
since this is available on FreeBSD only.
PR: bin/16418
Problem pointed out by: Masachika ISHIZUKA <ishizuka@ish.org>
David Nugent [Tue, 6 Jun 2000 07:33:00 +0000 (07:33 +0000)]
Fix db syncronization when username is changed with -l under usermod.
pw(8) was calling pwd_mkdb -u oldusername instead of newusername, so
the update appears to have failed until the next full pwd_mkdb
syncronization.
Use an MD5 checksum to test for file changes; the previous method
of using file mtimes could result in chpasss(1) erroneously
detecting that no changes were made for non-interactive edits.
Paul Richards [Thu, 9 Mar 2000 18:11:16 +0000 (18:11 +0000)]
Fix various unsigned vs signed errors that caused problems with uids
and gids bigger than 16 bits. Added checks for uids and gids that are
bigger than 32 bits.
Approved by: jkh (partly, this fix is bigger than I first intended)
Sheldon Hearn [Wed, 1 Mar 2000 14:09:25 +0000 (14:09 +0000)]
Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
Sheldon Hearn [Wed, 1 Mar 2000 12:20:22 +0000 (12:20 +0000)]
Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.
Peter Wemm [Sat, 18 Dec 1999 13:55:17 +0000 (13:55 +0000)]
Revert the libcrypt/libmd stuff back to how it was. This should not have
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design). libcrypt has
been adjusted to not need the runtime -lmd. It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.
Marcel Moolenaar [Thu, 16 Dec 1999 10:55:45 +0000 (10:55 +0000)]
Add libmd (or move it after libcrypt). We don't want the linker to be
smart because it will definitely get it wrong. This popped up during
cross-linking.
Sheldon Hearn [Thu, 2 Dec 1999 16:39:15 +0000 (16:39 +0000)]
Replace the -q option to pwd_mkdb with a test for PW_SCAN_BIG_IDS in
the environment. This allows big ID warnings to be suppressed for
vipw and chpass as well.
Since the environment variable test is only performed for callers
of pw_scan() that do not set pw_big_ids_warning, the test can still
be overriden. Currently, chpass and pwd_mkdb are the only users
of pw_scan() and neither of them overrides the environment variable
test.
Eivind Eklund [Mon, 22 Nov 1999 12:42:38 +0000 (12:42 +0000)]
Allow empty UIDs if we are processing NIS records. I am not entirely
happy with how this end up and will re-visit the entire empty field
problem, but this patch solves the NIS problem for now.
Submitted by: Dan Nelson <dan@emsphone.com>
PR: 14865,14984
David Nugent [Tue, 26 Oct 1999 15:07:20 +0000 (15:07 +0000)]
Don't try updating the passwd file if no data has changed. This allows things
like "pw usermod <name> -m" to work for non-local NIS users; since no attempt
is made to update the password entry, the home directory will be created and
populated as expected without error.
David Nugent [Tue, 26 Oct 1999 08:34:09 +0000 (08:34 +0000)]
Add new functionality "lock" and "unlock" to provide a simple password
locking mechanism for users. This works by prepending the string
"*LOCKED*" to the password field in master.passwd to prevent successful
decoding.
David Nugent [Tue, 26 Oct 1999 04:27:14 +0000 (04:27 +0000)]
Clean up error handling in fileupdate(), which now returns 0 on success
instead of a boolean. This replicated through he front-end sub-functions
relating to add, delete, modify entries in passwd & group files
Errno is now preserved so output of errc()/warnc() will be less obfuscated
by subsequent errors when reporting the problem.
Add more intelligent error handling when attempting to modify/delete NIS
entries with no corresponding local database entry.
[MFC to stable in a couple of weeks to keep both in sync]
Andrew Gallatin [Wed, 20 Oct 1999 15:20:00 +0000 (15:20 +0000)]
fix a serious bug where, on alpha, due to a an int/long type mismatch,
the uid arg to use_yp() was getting clobbered by the call to my_yp_match().
This led to a problem where a NIS user could edit root's passwd information.
Warner Losh [Sun, 25 Apr 1999 22:37:58 +0000 (22:37 +0000)]
More egcs warning fixes:
o main returns int not void
o use return 0 at end of main when needed
o use braces to avoid potentially ambiguous else
o don't default to type int
o #ifdef 0 -> #if 0
Bill Paul [Mon, 1 Mar 1999 16:11:13 +0000 (16:11 +0000)]
Close PR #10264. Don't bail directly out of passwd/chpass in my_yp_match().
Instead, treat the inability to retrieve a record from the server as a
match failure and let things take its course.
Part of the problem here is that NIS _is_ turned on, however the master
server is actually not an NIS server: it's an NIS+ server. And the client
is bound to an NIS+ replica server that's running in YP compat mode.
The code which tries to figure out of the user is local or NIS gets
confused by this.
David Nugent [Tue, 23 Feb 1999 07:15:11 +0000 (07:15 +0000)]
1) Do not blindly ignore file update errors which may occur due to concurrent
updating
2) Add -V <etcdir>, which allows maintaining user/group database in alternate
locations other than /etc.
Guy Helmer [Tue, 23 Feb 1999 02:41:26 +0000 (02:41 +0000)]
Change the prompt for the office location field from "Location:"
to "Office Location:" to disambiguate what is expected. Add a note
to the man page to indicate that the office location and office phone
fields are concatenated and printed with the heading "Office:" by
finger(1). Swap the order of the home and office phone fields in the
man page to match the order of the fields in the editor.
If any programs interact with chpass(1) and expect "Location:" instead
of "Office Location:" as the prompt, either this change will have to be
reverted or the other programs will have to be changed.
Bill Fumerola [Mon, 4 Jan 1999 14:07:53 +0000 (14:07 +0000)]
-Clarification of last commit-
The char that the random letters and numbers are being pulled from is
ended with a '\0'. Using sizeof() includes this '\0' in the 'pool' of
possible characters. This patch decrements by one the size so we don't
accidently end the new password prematurly.
Bill Fumerola [Sat, 2 Jan 1999 04:37:46 +0000 (04:37 +0000)]
Let's make sure we're at the end of the password string before we apply a \0
and terminate it. This patch ensures passwords will be the correct length of 8,
which is what is implied in the source (but not reflected in the man page).
Matthew Dillon [Sun, 13 Dec 1998 02:47:00 +0000 (02:47 +0000)]
PR: docs/9045
Update chpass(1) manual page. Change the definition of the class
field and also reorganize the field list to match that of the
/etc/master.passwd file, to avoid confusion.
Matthew Dillon [Sun, 13 Dec 1998 01:36:45 +0000 (01:36 +0000)]
Handle the race condition where vipw may lock a password file which has
just been replaced. After our lock succeeds we check if st_nlink is 0
and if it is we close the descriptor and retry our open/lock sequence.
remove stdio.h include; I forgot Bruce's cardinal rule that header files
shouldn't include other ones (which, unfortunately, is also a hellish
rule since he broke interfaces like sysctl this way by requiring undocumented
header files to be included just in order to be able to use them now - SIGH!).
Add a simple mechanism for reading property lists from files (which
I'll convert sysinstall to use shortly) and a simple call which uses
this mechanism to implement an /etc/auth.conf file. I'll let Mark Murray
handle the format and checkin of the sample auth.conf file.
Reviewed by: markm
Removing -batch option from adduser. Adduser was written as
an *interactive* command for newbies. The pw(8) does now a much better
job for adding users from command line. Also, the -batch option is
not well tested, buggy and unsupported.
Peter Hawkins [Fri, 14 Aug 1998 03:18:32 +0000 (03:18 +0000)]
Submitted by: Peter Hawkins <thepish@FreeBSD.org>
Add functionality for support for more than 4 subfields within gcos. chsh,
chpass etc did not parse beyond the 4th field previously and so truncated
gcos on updating the database.
Nate Williams [Tue, 4 Aug 1998 22:31:26 +0000 (22:31 +0000)]
- On second thought, attempt to get the read-only lock, but don't
consider it a exit failure if it doesn't work. This means that root
processes can safely get the lock, but normal processes can still use
the 'pw' utility to get information (which may change out from under
them.)
Nate Williams [Tue, 4 Aug 1998 22:20:11 +0000 (22:20 +0000)]
- Removed read-only lock from 'pw'. This removes portions of the FIX
from PR/6787, but allow non-root users to use pw to get password
information. However, this should be safe since the fixes for
disallowing multiple instances from modifying the DB are still intact.
Nate Williams [Thu, 16 Jul 1998 17:18:25 +0000 (17:18 +0000)]
Fix race condition in pw caused by multiple instances of pwd_mkdb being
run at the same time.
Notes:
The fileupdate function is still somewhat broken. Instead of
returning a failure code if it can't modify the original file it
renames the .new file and continues as though nothing is wrong.
This will cause the lock on the original file to be lost and could
lead to a similar race condition. I left that portion of the code
alone since I feel that the maintainer of the code would have a
better concept of how he wants to handle errors in that function
than I do.
git.ckatri.com / pw-darwin.git / log