#
1351464c |
| 28-Apr-2001 |
Mark Murray <markm@FreeBSD.org> |
Dike out the Kerberos(IV) support on the grounds that better kerberos support can be already obtained via PAM.
|
Revision tags: release/4.3.0_cvs, release/4.3.0 |
|
#
5bc9d93d |
| 27-Mar-2001 |
Mark Murray <markm@FreeBSD.org> |
Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux package's PAM patches to the BSD login.c
Submitted by: "David J. Mac
Add full PAM support for account management and sessions.
The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux package's PAM patches to the BSD login.c
Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
show more ...
|
#
e292984c |
| 01-Dec-2000 |
Robert Watson <rwatson@FreeBSD.org> |
o Make comment match reality, synch code with comment. o In practice: the comment indicates that all but umask and environmental variables of the users login class are applied when su occurs, unl
o Make comment match reality, synch code with comment. o In practice: the comment indicates that all but umask and environmental variables of the users login class are applied when su occurs, unless -m is used to specify a class. This was incorrect; in practice, the uid, gids, resources, and priority were set, and then resources and priority were selectively removed. This meant that some aspects of the user context were not set, including handling of login events (wtmp, utmp), as well as the path specified in login.conf. o I changed it so that the behavior is the same, but instead, LOGIN_SETALL is used, and appropriate flags are removed, including the LOGIN_SETLOGIN and LOGIN_SETPATH entries that were implicitly not present before. I also updated the comment to reflect reality, selecting reality as the "correct" behavior. o This has the practical benefit that as new LOGIN_SET* flags are introduced, they are supported by su unless specifically disabled. For example, of a LOGIN_SETLABEL flag is introduced to support MAC labels determined by the user's login class, then su no longer has to be modified. o It might be desirable to have su use LOGIN_SETPATH depending on its command line parameters, as it might or might not be considered part of the "environment".
Obtained from: TrustedBSD Project
show more ...
|
Revision tags: release/4.2.0, release/4.1.1_cvs, release/4.1.0, release/3.5.0_cvs, release/4.0.0_cvs |
|
#
0ed9356c |
| 24-Feb-2000 |
Mark Murray <markm@FreeBSD.org> |
Use libcrypto in place of libdes.
|
Revision tags: release/3.4.0_cvs, release/3.3.0_cvs |
|
#
c3aac50f |
| 28-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
7312edce |
| 13-Aug-1999 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Axe LOGIN_CAP_AUTH.
PR: 10115 Reported by: Gene Skonicki <gene@cif.rochester.edu> Requested by: jdp
|
#
95103bc0 |
| 02-Jul-1999 |
Bruce Evans <bde@FreeBSD.org> |
Actually fixed ambiguous else. The previous revision had no effect.
|
#
f32e012b |
| 01-Jul-1999 |
Bill Fumerola <billf@FreeBSD.org> |
Fix ambigious else.
Reviewed By: eivind
|
Revision tags: release/3.2.0, release/3.1.0, release/3.0.0, release/2.2.8 |
|
#
98eb1c31 |
| 09-Oct-1998 |
Mark Murray <markm@FreeBSD.org> |
Add JKH's auth.conf parser to turn on/off Kerberos in userland
|
#
d6bc2e88 |
| 21-Sep-1998 |
Ollivier Robert <roberto@FreeBSD.org> |
Fix bad option processing.
PR: bin/7986 Submitted by: Dan Nelson <dnelson@emsphone.com>
|
Revision tags: release/2.2.7 |
|
#
c6a24f86 |
| 26-May-1998 |
Daniel O'Callaghan <danny@FreeBSD.org> |
PR: 1904 Abort if given uname is > MAXLOGNAME-1
|
#
37253803 |
| 25-May-1998 |
Steve Price <steve@FreeBSD.org> |
Allow a user in group 0 to su(1) to root if their primary group is 0 in /etc/passwd even if they aren't listed as a member in /etc/group. This is more inline with what the group manpage says.
PR:
Allow a user in group 0 to su(1) to root if their primary group is 0 in /etc/passwd even if they aren't listed as a member in /etc/group. This is more inline with what the group manpage says.
PR: 6696 Submitted by: Max Euston <meuston@jmrodgers.com>
show more ...
|
Revision tags: release/2.2.6 |
|
#
098eef7a |
| 28-Oct-1997 |
Guido van Rooij <guido@FreeBSD.org> |
I wonder how I managed to get the krb.h include wrong. Anyway: correct it.
|
#
7a853dff |
| 27-Oct-1997 |
Guido van Rooij <guido@FreeBSD.org> |
Add -c option that allows root to specify a login_class.
|
Revision tags: release/2.2.5_cvs |
|
#
301afdb8 |
| 28-Sep-1997 |
Mark Murray <markm@FreeBSD.org> |
Changes for KTH KerberosIV. Quieten -Wall a bit.
From Joe Traister: The previous patch did not propogate the KRBTKFILE environment variable into the new environment when -l is given to su, making
Changes for KTH KerberosIV. Quieten -Wall a bit.
From Joe Traister: The previous patch did not propogate the KRBTKFILE environment variable into the new environment when -l is given to su, making it impossible for kdestroy to find the ticket file. This patch corrects that problem as well as the original segfault problem. (Fixes PR 3903)
show more ...
|
#
84c2e301 |
| 23-Aug-1997 |
Joerg Wunsch <joerg@FreeBSD.org> |
Prevent a NULL dereferencation when given a garbage command line.
PR: bin/3206 Submitted by: blank@fox.uni-trier.de
|
#
7be91299 |
| 12-Aug-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Add usage().
|
Revision tags: release/2.2.2_cvs |
|
#
5d0bfe39 |
| 10-May-1997 |
David Nugent <davidn@FreeBSD.org> |
login_getclass() -> login_getpwclass().
|
#
1c8af878 |
| 29-Mar-1997 |
Warner Losh <imp@FreeBSD.org> |
compare return value from getopt against -1 rather than EOF, per the final posix standard on the topic.
|
Revision tags: release/2.2.1_cvs, release/2.2.0, release/2.1.7_cvs |
|
#
e8694bc2 |
| 24-Feb-1997 |
Guido van Rooij <guido@FreeBSD.org> |
When group wheel is empty, allow everyone to su to root. This has normally no conseqeunces as we ship with a non-empty wheel.
Closes PR/1882 Submitted by: Arne Henrik Juul <arnej@frida.imf.unit.no>
|
Revision tags: release/2.1.6_cvs, release/2.1.6.1 |
|
#
a564e855 |
| 14-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Fix problem with mask passwd to setusercontext() which prevented uid/group change with non-root target.
|
#
1130b656 |
| 14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
show more ...
|
#
91bcac64 |
| 13-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Make su login_cap savvy. As with login(1), LOGIN_CAP_AUTH is not yet enabled since we don't yet have authorisation modules.
|
#
40a8a5cf |
| 07-Oct-1996 |
Joerg Wunsch <joerg@FreeBSD.org> |
Export $TERM only if it has been set in our environment.
Detected by: Amancio Hasty
|
Revision tags: release/2.1.5_cvs |
|
#
1a98a0fb |
| 11-Mar-1996 |
Mark Murray <markm@FreeBSD.org> |
Make su a little less fascist about using Kerberos if it is not configured or available.
Also fix a _nasty_ bug that would let one in if su -K was used. Any old password would work :-( :-(.
|