Revision tags: release/2.2.2_cvs, release/2.2.1_cvs, release/2.2.0, release/2.1.7_cvs |
|
#
bac06c08 |
| 26-Feb-1997 |
Mike Pritchard <mpp@FreeBSD.org> |
If an administrator somehow manages to break the hardlinks on chpass & passwd and turn the links into individual files with the schg flag set, make install will fail to install all of the proper link
If an administrator somehow manages to break the hardlinks on chpass & passwd and turn the links into individual files with the schg flag set, make install will fail to install all of the proper links.
Fixed by removing the schg flag on all of the links before installing.
Closes PR# 2040.
Submitted by: Ph. Charnier <charnier@xp11.frmug.org>
show more ...
|
#
c115df18 |
| 22-Feb-1997 |
Peter Wemm <peter@FreeBSD.org> |
Revert $FreeBSD$ to $Id$
|
#
720cdec3 |
| 10-Feb-1997 |
David Nugent <davidn@FreeBSD.org> |
Adds login class support for local & nis passwords: - minpasswordlen=n override minimum password length for class. - passwordperiod=n[smhdwy] auto-set next password change date.
|
Revision tags: release/2.1.6_cvs, release/2.1.6.1 |
|
#
1130b656 |
| 14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
show more ...
|
#
2b5209ac |
| 03-Nov-1996 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
I haven't had a single contraversial commit all week, so what the heck. Watch through our hidden camera, ladies and gentlemen, as this one-line addition to the syslog output generates hundreds of th
I haven't had a single contraversial commit all week, so what the heck. Watch through our hidden camera, ladies and gentlemen, as this one-line addition to the syslog output generates hundreds of thousands of lines of email in response, all from people decrying the evils of electronic noise pollution! :-)
What this change does, simply speaking, is syslog it every time someone changes their local password. I need this at a local ISP to tell whether people are reacting to expires in a timely fashion or not. To disable it, uncomment -DLOGGING in the Makefile.
If your users change their passwords so often as to fill your logfile, then you may also have another administrative problem to deal with.
show more ...
|
Revision tags: release/2.1.5_cvs |
|
#
c2dfe9fe |
| 23-Feb-1996 |
Bill Paul <wpaul@FreeBSD.org> |
Merge in changes to support the new rpc.yppasswdd(8) and fix a few bugs.
In passwd(1):
- Gut most of yp_passwd.c and leave only a few things that aren't common to pw_yp.c.
- Add support for -d a
Merge in changes to support the new rpc.yppasswdd(8) and fix a few bugs.
In passwd(1):
- Gut most of yp_passwd.c and leave only a few things that aren't common to pw_yp.c.
- Add support for -d and -h flags to select domains and NIS server hosts to use when updating NIS passwords. This allows passwd(1) to be used for changing NIS passwords from machines that aren't configured as NIS clients. (This is mostly to allow passwd(1) to work on NIS master servers that aren't configured as clients -- an NIS server need not necessarily be configured as a client itself.)
NOTE: Realize that having the ability to specify a domain and hostname lets you use passwd(1) (and chpass(1) too) to submit update requests to yppasswd daemons running on remote servers in remote domains which you may not even be bound to. For example, my machine at home is not an NIS client of the servers on the network that I manage, yet I can easily change my password at work using my FreeBSD box at home by doing: 'passwd -d work.net.domain -h any.nis.server.on.my.net wpaul'. (Yes, I do use securenets at work; temporarily modified my securenets file to give my home system access.) Some people may not be too thrilled with this idea. Those who don't like this feature can recompile passwd(1) and chpass(1) with -DPARANOID to restrict the use of these flags to the superuser.
(Oh, I should be adding proper securenets support to ypserv(8) and rpc.yppasswdd(8) over the weekend.)
- Merge in changes to allow root on the NIS master server to bypass authentication and change any user's NIS password. (The super-user on the NIS master already has privileges to do this, but doing it through passwd(1) is much easier than updating the maps by hand.) Note that passwd(1) communicates with rpc.yppasswdd(8) via a UNIX domain socket instead of via standard RPC/IP in this case.
- Update man page.
In chpass(1):
- Fix pw_yp.c to work properly in environments where NIS client services aren't available.
- Use realloc() instead of malloc() in copy_yp_pass() and copy_local_pass().
- Fix silly bug in copy_yp_pass(); some of the members of the passwd structure weren't being filled in correctly. (This went unnoticed for a while since the old yppasswdd didn't allow changes to the fields that were being botched.)
- chpass(1) now also allows the superuser on the NIS master server to make unrestricted changes to any user's NIS password information.
- Use UNIX domain comm channel to rpc.yppasswdd(8) when run by the superuser on the NIS master. This allows several new things:
o superuser can update an entire master.passwd.{byname,byuid} entry o superuser can update records in arbitrary domains using -d flag to select a domain (before you could only change the default domain) o superuser can _add_ records to the NIS master.passwd maps, provided rpc.yppasswdd(8) has been started with the -a flag (to do this, the superuser must force NIS operation by specifying the -y flag to chpass(1) along with -a, i.e. 'chpass -y -a 'foo:::::::::')
- Back out the 'chpass -a <new password entry> breaks with NIS' fix from the last revision and fix it properly this time. The previous revision fixed the immediate problem but broke NIS operation in some cases.
- In edit.c, be a little more reasonable about deciding when to prevent the shell field from being changed.
Submitted by Charles Owens <owensc@enc.edu>, who said:
"I made a minor (one-line) modification to chpass, with regards to whether or not it allows the changing of shells. In the 2.0.5 code, field changing follows the settings specified in the "list" structure defined in table.c . For the shell, though, this is ignored. A quick look in edit.c showed me why, but I don't understand why it was written as such. The logic was
if shell is standard shell, allow changing
I changed it to
if shell changing is allowed (per table.c) and it is a standard shell OR if uid=0, then allow changing."
Makes sense to me.
- Update man page.
show more ...
|
Revision tags: release/2.1.0_cvs |
|
#
5601df6e |
| 14-Sep-1995 |
Justin T. Gibbs <gibbs@FreeBSD.org> |
Point passwd to the new locations of kpasswd.c and kadm.h.
|
#
492412e2 |
| 03-Sep-1995 |
Mark Murray <markm@FreeBSD.org> |
Add pw_yp.c to SRCS. This is code that was moved to chpass, but passwd still needs it to build.
|
#
c5557383 |
| 17-Aug-1995 |
Bruce Evans <bde@FreeBSD.org> |
Remove bogus ${DESTDIR}s from LINKS.
Keep DPADD up to date with LDADD.
bsd.prog.mk's install rule can't handle schg'ed links, so ugly beforeinstall and afterinstall rules are required.
|
#
a3ce11a2 |
| 13-Aug-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Remove the ypchfn/ypchsh stuff from passwd and leave just the yppasswd support. The rest is moving into chpass.
|
#
d3628763 |
| 11-Jun-1995 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
Merge RELENG_2_0_5 into HEAD
|
Revision tags: release/2.0.5_cvs |
|
#
8ae04943 |
| 01-Apr-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Remove references to yppasswd_xdr.c: the stuff in this file already exists in librpcsvc. Add -lrpcsvc to LDADD instead.
|
#
36d9739b |
| 14-Feb-1995 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
Remove usage of LINKS and LN_FLAGS=-s, this does not do the correct thing for symbolic links when $DESTDIR is set.
Add afterinstall: target to handle symbolic link creation.
|
#
01ed1859 |
| 14-Feb-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Changed passwd's Makefile to use the built-in LINKS mechanism to create the symlinks for yppasswd & friends (we still can't use hard links because passwd is installed immutable). This would have been
Changed passwd's Makefile to use the built-in LINKS mechanism to create the symlinks for yppasswd & friends (we still can't use hard links because passwd is installed immutable). This would have been simpler if the LN_FLAGS variable hadn't chosen to wait until now before leaping out of the /usr/share/mk directory and biting me in the ass. (And thus, I was enlightened.)
show more ...
|
#
279c4961 |
| 11-Feb-1995 |
Andrey A. Chernov <ache@FreeBSD.org> |
Merge with eBones stuff Submitted by: mark@grondar.za
|
#
87a89668 |
| 02-Feb-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Cleaned up Makefile a little, added man page links from ypchsh.1 ypchfn.1 and ypchpass.1 to yppasswd.1. Also fixed a typo: ypshfn != ypchfn.
|
#
7506dfc1 |
| 01-Feb-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Changed passwd/yppasswd's Makefile to create all symbolic links instead of hard links: since passwd is installed immutable, an attempt to make a hard link to it during a 'make install' would fail. I
Changed passwd/yppasswd's Makefile to create all symbolic links instead of hard links: since passwd is installed immutable, an attempt to make a hard link to it during a 'make install' would fail. I didn't notice this conflict because my /usr directory is an NFS filesystem mounted from a SunOS server, so the special file mode flags had no effecti when I tested everything on my machine. Live and learn.
show more ...
|
#
9e32e233 |
| 31-Jan-1995 |
Bill Paul <wpaul@FreeBSD.org> |
Obtained from: The NYS project This is the first round of changes to incorporate YP server functionality into FreeBSD. This particular change allows passwd to change either the local or NIS password,
Obtained from: The NYS project This is the first round of changes to incorporate YP server functionality into FreeBSD. This particular change allows passwd to change either the local or NIS password, as well as the NIS GECOS and shell information.
Essentially, I've taken passwd(1) and yppasswd from the yppasswd-0.5 distribution (which is part of the NYS project -- a project to provide a GNU GPL'ed suite of NIS tools) and rammed them into each other at high speed. I've tried my best to make this co-exist with the Kerberos stuff, but since I don't run Kerberos I don't have an easy way to verify that it all works. If you choose any Kerberos flags then the YP checks should be bypassed, but that may not be enough. I'll modify it some more if it turns out I broke something. For now, support for localand NIS passwords is pretty solid:
- If you simply type 'passwd,' the program checks to see if you exist in the local pwd.db database. If not, you get bounced to YP.
- If you try to force local functionality with the -l flag and you don't exist locally, you get an error.
The -y flag can be used to force YP functionality. -f and -s let you change your full name and shell (respectively). -f *and* -s let you change all of your 'account information.'
ypchfn, ypchsh, yppasswd and ypchpass are all links to passwd.
show more ...
|
#
0cd34073 |
| 19-Jan-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
Kill old Kerberos password-changing support:
1) It was export-controlled. 2) It used some ad-hoc protocol invented by Berkeley in ignorance of the standard MIT distribution's way of doing it (whi
Kill old Kerberos password-changing support:
1) It was export-controlled. 2) It used some ad-hoc protocol invented by Berkeley in ignorance of the standard MIT distribution's way of doing it (which makes it useless to most people).
This should be fixed once we have `kadmin'/`kadmind'.
show more ...
|
Revision tags: release/2.0 |
|
#
a38c3127 |
| 21-Nov-1994 |
Garrett Wollman <wollman@FreeBSD.org> |
Add distribution=krb for P-HK
|
#
c368d11d |
| 29-Sep-1994 |
Geoff Rehmet <csgr@FreeBSD.org> |
First level of changes for bringing in eBones (kerberos). - Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile, and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions
First level of changes for bringing in eBones (kerberos). - Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile, and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions, and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY DEFINE ONE OF THESE. - Make Makefiles kerberos-aware.
show more ...
|
#
4714bb15 |
| 20-Aug-1994 |
Geoff Rehmet <csgr@FreeBSD.org> |
LDADD= -lcrypt Submitted by: Geoff
|
#
580f1067 |
| 05-Aug-1994 |
Garrett Wollman <wollman@FreeBSD.org> |
Don't use Kerberos yet, we aren't ready for it.
|
Revision tags: release/1.1.5.1_cvs |
|
#
9b50d902 |
| 27-May-1994 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
BSD 4.4 Lite Usr.bin Sources
|