Remove hardcoded constant in favour of login.conf value.

PR: 6529
Submitted by: Dan Lukes <dan@obluda.cz>

Backed out rev.1.31. It was a workaround for bugs in rev.1.4 of
libc/gen/getpass.c. The old behaviour of blocking SIGINT and not
changing SIGQUIT was restored in rev.1.5 of getpass.c. The change
h

Backed out rev.1.31. It was a workaround for bugs in rev.1.4 of
libc/gen/getpass.c. The old behaviour of blocking SIGINT and not
changing SIGQUIT was restored in rev.1.5 of getpass.c. The change
here completely restores the old behaviour of not supporting killing
login with keyboard signals (only) at the password prompt. There
is no reason to support this, since login can be exited normally
by typing a couple of ^D's. Login certainly shouldn't dump core
in response to user input. Previously, SIGQUIT killed login
immediately but SIGINT killed it only after the password was
entered.

PR: 7444

show more ...

Fix a couple of little bugs that prevented login.c from compiling
if LOGIN_CAP_AUTH was defined. This is kind of silly, because
LOGIN_CAP_AUTH doesn't work anyway, is not defined currently,
probably

Fix a couple of little bugs that prevented login.c from compiling
if LOGIN_CAP_AUTH was defined. This is kind of silly, because
LOGIN_CAP_AUTH doesn't work anyway, is not defined currently,
probably will never be defined, and IMHO should not be defined.
But I'm sure you'll sleep better tonight, knowing that these bugs
are gone.

show more ...

Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTN

Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.

1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama
2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2
3) specgw.spec.co.jp : 202.32.13.1 -> specgw

Submitted by: Atsushi Murai <amurai@spec.co.jp>

show more ...

*blush*, typo during last minute editing..

Change euid while reading the user's .login_cap file in case the homedir
is on a NFS partion without root read access. Also, flip euid again for
the duration of the chdir() to the homedir for the sa

Change euid while reading the user's .login_cap file in case the homedir
is on a NFS partion without root read access. Also, flip euid again for
the duration of the chdir() to the homedir for the same reason.

PR: 5145
Submitted by: Joel.Faedi@esial.u-nancy.fr
Also tested by: A Joseph Koshy <koshy@india.hp.com>

show more ...

Fix very rare but dangerous bug:
for some DES passwords
crypt(real_password, salt)
is equal to
crypt("", salt);
It means that this user (and not only he) can login without
entering password at all,

Fix very rare but dangerous bug:
for some DES passwords
crypt(real_password, salt)
is equal to
crypt("", salt);
It means that this user (and not only he) can login without
entering password at all, just pressing Return.
So if empty password entered and crypted password is not empty,
invalidate any crypt result by assigning ":"

show more ...

Reset SGINT and SIGQUIT handling to default when asking for passwords.
Otherwise, when pressing the INT ke at the password prompt, the password
will be displayed. Now login will be killed.

Probably

Reset SGINT and SIGQUIT handling to default when asking for passwords.
Otherwise, when pressing the INT ke at the password prompt, the password
will be displayed. Now login will be killed.

Probably the same will have to be done for the LOGIN_CAP_AUTH case.
I have not done that.
Reviewed by: Joerg Wunsch

show more ...

Fix a fatal typo.

PR: bin/4801
Submitted by: mishania@demos.su (Mikhail A. Sokolov)

Changes for KTH KerberosIV.
Also quieten -Wall a bit.

= -> ==, strcpy -> strncpy from OpenBSD.
update man page. Add usage().
Obtained from: OpenBSD

Restore backwards compatible default behavior for requirehome

login_getclass() -> login_getpwclass().
auth_rmfiles() was being called in error without LOGIN_CAP_AUTH defined.

Use isdialuptty() rather than hard-coded heuristic.

Submitted by: Sergei Chechetkin <csl@whale.sunbay.crimea.ua>

Fix incorrect bracket nesting. Closes PR#3144.

compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.

Fix for logic in no-password accounts.

Don't bypass password prompt for root logins on insecure tty if
the root password is empty.

strdup() value of term to correctly preserve contents.
Rearrange validation logic so that it works correctly when
compiled with kerberos support. Closes PR#3056.

Submitted by: Paul Traina <root@shockwave.com> (partially)

Cleanup of #ifdef's for LOGIN_CAP.

Fixed bug in empty shell (closes PR#2550).

Refused root logins now displays standard "Login inco

Submitted by: Paul Traina <root@shockwave.com> (partially)

Cleanup of #ifdef's for LOGIN_CAP.

Fixed bug in empty shell (closes PR#2550).

Refused root logins now displays standard "Login incorrect" and
exhibits identical backoff behaviour to a failed login.

Cleaned up logging of refused logins.

Use #defines for login retries and backoff. Also implemented
definable variables if LOGIN_CAP is defined, with
"login-retries" and "login-backoff" as capabilities
in the default class (closes PR#2805).

TERM from previous environment is no longer truncated.

show more ...

Include copyright message from <sys/copyright.h>

Back out "shell" / pw_shell change, I was confused by the same
variable name (with different functionality)

Fix few bogons with pw_shell / shell variables values mismatch
introduced by LOGIN_CAP

Don't dereference NULL pwd on non-existant username (I wonder how long
THAT has been in here!).

Fix handling of empty shell field in passwd file (use /bin/sh); problem
was caused by introduction of login classes. Closes PR bin/2550.
Added references to login.conf to manpage, crossreference to l

Fix handling of empty shell field in passwd file (use /bin/sh); problem
was caused by introduction of login classes. Closes PR bin/2550.
Added references to login.conf to manpage, crossreference to login.conf(5).

show more ...