| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
This reverts commit 1e1aee7e233eafe21d94d3cfb9dce0d846f79b90.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
Approved by: blackend (mentor)
|
| |
|
| |
|
|
|
|
| |
that git-filter-repo dislikes for some reason [_secure_path.c and login_cap.h])
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This function returns the path to the local software base directory, by
default "/usr/local" (or the value of _PATH_LOCALBASE in include/paths.h
when building the world).
The value returned can be overridden by 2 methods:
- the LOCALBASE environment variable (ignored by SUID programs)
- else a non-default user.localbase sysctl value
Reviewed by: hps (earlier version)
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27236
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's have two entries in the synopsis:
- chpass now lists options which can be used for non-NIS-specific
functionalities.
- ypchpass additionally lists the NIS-specific flags.
Technically, it is an artificial distinction, as chpass and ypchpass behave
identically. Nevertheless, it might help navigating the synopsis section.
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D27251
|
|
|
|
| |
MFC after: 2 weeks
|
|
|
|
|
|
|
|
| |
- Sort options alphabetically
- Add missing arguments (e.g., "list" to -a)
- Adjust the width of Bl
MFC after: 1 week
|
|
|
|
|
|
|
|
| |
The synopsis section had two very similar entries. The flags documented by
the first one were a strict subset of the second one. Let's just keep only
the second entry for simplicity.
MFC after: 1 week
|
|
|
|
| |
hashed out.
|
|
|
|
|
|
| |
escaped prior testing, but it should be better now.
Reported by: lots
|
|
|
|
|
|
|
|
| |
unify the retrieval of the various ways that the local software base directory,
typically "/usr/local", is expressed in the system.
Reviewed by: se
Differential Revision: https://reviews.freebsd.org/D27022
|
|
|
|
|
|
|
| |
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
|
|
|
|
|
|
|
| |
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
|
|
|
|
|
|
|
|
|
|
|
| |
The caller-supplied pointer is unconditionally dereferenced at the
beginning of the function, so there is no point in comparing it with
NULL thereafter.
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
|
|
|
|
|
|
|
| |
Reported by: Coverity
MFC after: 1 week
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
|
|
|
|
|
|
|
|
|
|
|
| |
My change to allow bootstrapping pwd_mkdb (r363992) resulted in i386 build
failures because the bootstrap header was being included in non-bootstrap chpass.
Dropping the no longer required pwd_mkdb include path from chpass fixes
the build, but to be certain that the failure doesn't get re-introduced,
I've also moved the bootstrap pwd.h into a subdirectory so that adding
-I${SRCTOP}/usr.sbin/pwd_mkdb doesn't pull it in.
Reported by: mjg
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unable to find an editor, vipw would give this error:
# env EDITOR=fnord vipw
vipw: pw_edit(): No such file or directory
vigr or crontab do better:
# env EDITOR=fnord crontab -e
crontab: no crontab for root - using an empty one
crontab: fnord: No such file or directory
crontab: "fnord" exited with status 1
After this change, vipw behaves more like vigr or crontab:
# env EDITOR=fnord vipw
vipw: fnord: No such file or directory
vipw: "fnord" exited with status 1
Reviewed by: rpokala, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25369
|
|
|
|
| |
Each of the err() family of functions already takes care of that.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notably, the default IFS contains space/tab, thus any leading/trailing
whitespace characters tend to be removed.
Set IFS= for just the read lines to mitigate this, allowing the user to be
less surprised when their leading/trailing spaces weren't actually captured
in the password as they are with other means of setting a user's password.
PR: 245342
Submitted by: dereks_lifeofadishwasher.com
Reviewed by: jilles
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24292
|
|
|
|
|
|
|
|
|
|
|
|
| |
When deleting a user, if its home directory does not belong to it, it should
not be removed. This is the promise that the manpage makes, the tool should
ensure that it respects that promise.
Add a regression test about it
PR: 244967
Submitted by: Eric Hanneken <eric@erichanneken.com>
MFC after: 3 days
|
|
|
|
|
| |
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using pw to modify group membership, users often edit
/etc/group by hand, which is discouraged. Provide an example of
adding a user to the wheel group, which is a common use case.
I'm using a different user here as in the previous example as that
deleted the user (although the examples don't necessarily have to
be followed in order).
Reviewed by: rgrimes,0mp
Approved by: 0mp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D19123
|
|
|
|
|
|
|
|
|
| |
cases for `pw useradd -D -w`.
PR: 231649
Reviewed by: eugen
Approved by: kib (mentor)
Differential Revision: https://reviews.freebsd.org/D17299
|
|
|
|
|
|
|
|
|
|
|
| |
it. Drop the now unused _PATH_PW_CONF definition. [1]
While here, change the last remaining hardcoded "/etc" to _PATH_PWD.
Noted by: glebius [1]
Reviewed by: eugen
Approved by: re (gjb), kib (mentor)
Differential Revision: https://reviews.freebsd.org/D17575
|
|
|
|
|
|
|
|
|
|
|
| |
explicitly specified. -V path is already used to determine which file
to read default values from, so it's only logical to write them to the
same file.
PR: 231653
Reviewed by: eugen, bapt
Approved by: re (gjb), kib (mentor)
Differential Revision: https://reviews.freebsd.org/D17566
|
|
|
|
|
|
|
| |
It was also leading to segfaults; pw can be NULL when control reaches these
lines now, because of the way my previous change restructured the loops.
Reported by: lwhsu@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pw_scan(3) has been fixed in a way that doesn't perturb other callers of
it or the getpwnam(3) family.
Make pw(8) showuser work the same with or without -R <path> for non-root
users. Without -R, pw(8) uses getpwnam(3), which will open master.passwd
for the root user or passwd for non-root users. With -R <path> pw(8) was
always opening <path>/master.passwd, which would fail for a non-root user,
then falsely claim the userid you're trying to show doesn't exist.
Now for a non-root user it opens <path>/passwd, and populates the fields in
the returned struct passwd which aren't present in that file with well-known
canonical values, which duplicates the behavior of getpwnam(3). The net
effect is that the showuser output is identical whether using -R or not.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
data from /etc/passwd rather than /etc/master.passwd.
The libc getpwent(3) and related functions automatically read master.passwd
when run by root, or passwd when run by a non-root user. When run by non-
root, getpwent() copes with the missing data by setting the corresponding
fields in the passwd struct to known values (zeroes for numbers, or a
pointer to an empty string for literals). When libutil's pw_scan(3) was
used to parse a line without the root-accessible data, it was leaving
garbage in the corresponding fields.
These changes rename the static pw_init() function used by getpwent() and
friends to __pw_initpwd(), and move it into pw_scan.c so that common init
code can be shared between libc and libutil. pw_scan(3) now calls
__pw_initpwd() before __pw_scan(), just like the getpwent() family does, so
that reading an arbitrary passwd file in either format and parsing it with
pw_scan(3) returns the same results as getpwent(3) would.
This also adds a new pw_initpwd(3) function to libutil, so that code which
creates passwd structs from scratch in some manner that doesn't involve
pw_scan() can initialize the struct to the values expected by lots of
existing code, which doesn't expect to encounter NULL pointers or garbage
values in some fields.
|
|
|
|
| |
things which use pw_scan().
|
|
|
|
|
|
| |
reportedly fails the kyua tests and causes other real-world problems.
Reported by: cy@ asomers@
|
|
|
|
|
|
|
|
|
|
|
|
| |
users. Without -R, pw(8) uses getpwnam(3), which will open master.passwd
for the root user or passwd for non-root users. With -R <path> pw(8) was
always opening <path>/master.passwd, which would fail for a non-root user,
then falsely claim the userid you're trying to show doesn't exist.
Now for a non-root user it opens <path>/passwd and zeroes out the 3 fields
that aren't available in the passwd file, which duplicates the behavior of
getpwnam(3). The net effect is that the showuser output is identical
whether using -R or not.
|
|
|
|
|
| |
This avoids a null pointer deref in pw_dup(), which assumes that all
pointers are either NULL or valid.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Move CSRG IDs into __SCCSID().
- When a file has been copied, consistently use 'From: <tag>' for strings
referencing the version of the source file copied from in the license
block comment.
- Some of the 'From:' tags were using $FreeBSD$ that was being expanded on
each checkout. Fix those to hardcode the FreeBSD tag from the file that
was copied at the time of the copy.
- When multiple strings are present list them in "chronological" order,
so CSRG (__SCCSID) before FreeBSD (__FBSDID). If a file came from
OtherBSD and contains a CSRG ID from the OtherBSD file, use the order
CSRG -> OtherBSD -> FreeBSD.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D15831
|
|
|
|
|
|
| |
- Define NO__SCCSID in CFLAGS to preserve existing behavior of omitting
SCCS IDs by default.
- While here, fix the $FreeBSD$ in pw_util.c to use __FBSDID.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The pwd.db and spwd.db files store the change and expire dates as
unsigned 32-bit ints, which overflow in 2106. Reject larger values for
now, until the introduction of a v5 password database.
i386 has 32-bit time_t and so dates beyond y2038 are already rejected by
mktime.
PR: 227589
Reviewed by: lidl
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Two PRs (152084 & 210187) request allowing the "@" and/or "!"
characters in the passwd file GECOS field. The man page for pw does
not mention that those characters are disallowed, Linux supports those
characters in this field, and the "@" character in particular would be
useful for storing email addresses in that field.
PR: 152084, 210187
Submitted by: jschauma@netmeister.org, Dave Cottlehuber <dch@freebsd.org>
Reported by: jschauma@netmeister.org, Dave Cottlehuber <dch@freebsd.org>
Reviewed by: delphij (secteam), vangyzen
MFC after: 1 week
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D14519
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix it and rename misnamed time_t variables `expire_days, password_days'
(always holding absolute time) to `expire_time, password_time'.
Add a comment for a case of overloading `cmdcnf->password_days'
and `cmdcnf->expire_days' with absolute time.
Reported by: markj
Approved by: mav (mentor)
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to preconfigured values for -e, -p and -w flags.
Use non-negative symbols instead of magic values
in passwd_val/pw_password functions.
PR: 223431
Submitted by: Yuri Pankov (in part, patch for the manual)
Reported by: mav (mentor)
MFC after: 3 days
Relnotes: yes
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
No functional change intended.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using mis-identified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
|