- Copy stable/10 (r259064) to releng/10.0 as part of the
10.0-RELEASE cycle.
- Update __FreeBSD_version [1]
- Set branch name to -RC1

[1] 10.0-CURRENT __FreeBSD_version value ended at '55', so
start releng/10.0 at '100' so the branch is started with
a value ending in zero.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

Copy head (r256279) to stable/10 as part of the 10.0-RELEASE cycle.

Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

None of these programs actually use auth.conf.

MFC after: 1 week

Remove unnecessary cast

Spelling fixes for usr.bin/

Call pam_setcred() before login_getpwclass to support home directories
on GSS-API authenticated NFS where the kerberos credentials need to be
saved so that the kernel can authenticate to the NFS server.

Remove the advertising clause from UCB copyrighted files in usr.bin. This
is in accordance with the information provided at
ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change

Also add $FreeBSD$ to a few files to keep svn happy.

Discussed with: imp, rwatson

Get rid of hand-rolled closefrom(3).

Remove copyright strings printed at login time via login(1) or sshd(8).
It is not clear to what this copyright should apply, and this is in line
with what other operating systems do.

For ssh specifically, printing of the copyright string is not in the
upstream version so this reduces our FreeBSD-local diffs.

Approved by: core, des (ssh)

Build usr.bin/ with WARNS=6 by default.

Also add some missing $FreeBSD$ to keep svn happy.

ANSIfy various tools in usr.bin/.

Most of these tools properly build at WARNS=6, except for their K&R
function declarations. Fix this, so we can bump WARNS as well.

Revert most part of 200420 as requested, as more review and polish is
needed.

Remove unneeded header includes from usr.bin/ except contributed code.

Tested with: make universe

Pass int arguments to auditon(2)'s A_GETCOND API rather than long
arguments. This change should be MFC'd with OpenBSM 1.1 since they
are interdependent.

MFC after: 2 weeks
Obtained from: TrustedBSD Project
Sponsored by: Apple, Inc.

Don't strip TTY device name to the last '/'.

We've seen this bug in other applications before: we have some
applications that use strrchr(tty, '/') on the TTY device name. This
isn't valid when using pts(4), because the device name will be stripped
to "0" instead of "pts/0".

This fixes issues with login(1) ignoring /etc/ttys and missing utmp
records.

Reported by: Barney Cordoba <barney_cordoba yahoo com>
Reviewed by: rwatson

Add a cross-reference to newgrp(1).

Every time I need newgrp, I forget its name but I remember it's like
login for groups - newgrp(1) already cross-references login(1).

MFC after: 2 days

Use NULL instead of 0 for the return value of fopen().

Approved by: re (kensmith)

Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
- unsetenv returns an int.
- putenv takes a char * instead of const char *.
- putenv no longer makes a copy of the input string.
- errno is set appropriately for POSIX. Exceptions involve bad environ
variable and internal initialization code. These both set errno to
EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit. A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions. It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR: kern/99826
Approved by: wes
Approved by: re (kensmith)

Fix some warnings by making things const, adding missing headers,
removing some unused variables and making a variable unsigned.

MFC after: 3 weeks

Back out all POSIXified *env() changes.

Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.

Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.

Slightly tune previous fix: free memory if !export

Prepare for upcoming POSIXed putenv() rewrite:
don't free memory after putenv()

Teach login(1) about the make.conf NO_AUDIT variable. This allows us to
conditionally build in audit support.

Submitted by: bz
MFC after: 1 week

Markup fixes.

Remove references to the pam(8) manual page. It does not exist.

Requested by: novel
Discussed with: brueffer, simon

Add missing library dependencies.

Don't call audit_logout() if pwd is NULL, as audit_logout() attempts to
dereference it.
This will happen if we ^D at the Login: prompt without having provided a
valid login before.
Set pwd to NULL on bad login attempts to prevent audit_logout() from being
called for a user which didn't actually log on.

Reported by: Jerome Magnin jethro at docisland dot org

Reimplementation of world/kernel build options. For details, see:

http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by: imp, jhb, kris, phk, ru (all bugs are mine)

Managing login.access is no longer a responsibility of login(1).
Therefore give a xref, not details.

MFC after: 3 days

Remove the last reference to LOGIN_ACCESS from login(1).

MFC after: 3 days

login.access.5 and login_access.c are no longer used
in usr.bin/login because the login.access feature has
moved to PAM completely.

Their counterparts in lib/libpam/modules/pam_login_access
have been found to be in sync with, and even in better shape
than, login.access.5 and login_access.c here.

Therefore cvs rm login.access.5 and login_access.c from
usr.bin/login so that nobody will waste their time on fixing
or developing the files here.

MFC after: 3 days

login(1) no longer handles /etc/login.access by itself,
it's PAM's job.

MFC after: 3 days

Since the whole login.access feature has moved to PAM,
login.access.5 will be installed from the respective PAM
module's src directory.

MFC after: 3 days

Make login audit-enabled, submitting audit records for the login and logout
events. The specifics of submitting the records is contained within
login_audit.c.
Document the auditing behavior in the man page.

Obtained from: TrustedBSD Project, Apple Computer, Inc.
Approved by: rwatson (mentor)

o Teach login(1) to respect "hushlogin" and "nocheckmail" attributes
defined in user's $HOME/.login_conf.

PR: bin/75001
Submitted by: Rostislav Krasny
MFC after: 2 weeks

Introduce the PRECIOUSPROG knob in bsd.prog.mk, similar
to PRECIOUSLIB from bsd.lib.mk. The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.

Reviewed by: oliver

Bump document date

Reminded by: simon in ru-mode

We use /etc/pam.d/login nowadays

Deal with double whitespace.

Mechanically kill hard sentence breaks.

Deal with unsafe tab characters.

Fixed style bugs in previous commit (.ifndef instead of .if defined(),
and tab lossage).

Garbage-collected NEED_LIBNAMES.

I am a moron.

Re-add the setuid bit, conditional on NO_SETUID_LOGIN being undefined.

Cut through the bikeshed and remove login(1)'s setuid bit. It has no
business trying to impersonate su(1), and it does not need to be setuid
to function properly when invoked by getty(8) or telnetd(8).

GC (now unused here) -lcrypt.

Fix ~/.hushlogin handling.

PR: 61354
Submitted by: Eugeny Grosbein <eugen (at) kuzbass.ru>

Remove utmp references, no longer done by login(1) in 5.x.

PR: 54201
Submitted by: mdg <mdg@secureworks.net>

When the tty chown() fails, report a chown() failure rather than a
chmod() failure.

The documented login.conf variable for setting the login prompt is
"login_prompt". This makes more sense than "prompt" which is what
login actually used, so change the code to match the documentation.

PR: docs/51396
MFC in: 3 days

Back out previous commit, I wasn't thinking clearly.

Set PAM_RHOST to "localhost" if no remote host was specified. This allows
pam_opieaccess() to work as expected for local logins.

Use waitpid() instead of wait() since we know the pid of the process we
are waiting for, and we don't want to reap the wrong process.

Change the process title as soon as possible to mask information passed on
the command line by getty(8). This is not a perfect fix, but drastically
reduces the window of exposure.

Approved by: re (rwatson)
MFC after: 1 week

Do not reuse flag name in its definition. Remove inadequate sentence.

Be consistent about functions being static.

Spotted by: FlexeLint

When login tries to do the chmod/chflags on a read only file system,
it complains that it can't do it because the filesystem is readonly.
Assume that when the user has a readonly /dev that they don't care if
login can't change the permissions/flags. While this does break a few
things like msgs, we'll assume that the user setting up the read only
system knows what they are doing.

All this change does is to stop the complaint when the file system is
read only. It also adds comments as to why EROFS and EOPNOTSUPP are
ignored.

This allows one to have a read-only / w/o a /dev MFS and have a
relatively warning-free existence. /etc/rc still complains when it
can't chown/chflags/chmod things, but that's easy to ignore/tweak.

Reviewed by: roberto, phk
Sponsored by: Timing Solutions

Don't reuse a const char * when we really want a char *.

Simplify TERM handling since now libutil not overwrites existen TERM for "term"

Overwrite "term" from login.conf(5) for any known TERM

Drive-by whitespace cleanup.

Don't use PAM_SILENT unless hushlogin is set (perforce change 10123)

Sponsored by: DARPA, NAI Labs

Fixed some style bugs ("From:" in vendor id line, disordered MAN line, and
blank lines).

Not unapproved of by: markm

Use `The .Nm utility'

Remove unused #define.

Align for const poisoning in -lutil.

remove __P

Simple fix so the 'LOGIN FAILURE' message send to syslog will include
the correct userid, instead of random garbage. This bug does not
exist in -stable.

Reviewed by: freebsd-audit

Switch to OpenPAM. Bump library version. Modules are now versioned, so
applications linked with Linux-PAM will still work.
Remove pam_get_pass(); OpenPAM has pam_get_authtok().
Remove pam_prompt(); OpenPAM has pam_{,v}{error,info,prompt}().
Remove pam_set_item(3) man page as OpenPAM has its own.

Sponsored by: DARPA, NAI Labs

Remove NO_WERRORs and WARNS=n's. To be revisited after GCC3.

Still with asbestos longjohns on, completely PAMify login(1) and remove
code made redundant by various PAM modules (primarily pam_unix(8)).

Sponsored by: DARPA, NAI Labs

Back out rev 1.78, which is incorrect now that the PAM modules have been
fixed to accept a NULL PAM_RHOST.

When running on a local terminal, set PAM_RHOST to the local hostname.

Sponsored by: DARPA, NAI Labs

Back out PAM_CRED_ERR addition

Add PAM_CRED_ERR as valid failure case

Style improvements recommended by Bruce as a follow up to some
of the recent WARNS commits. The idea is:

1) FreeBSD id tags should follow vendor tags.
2) Vendor tags should not be compiled (though copyrights probably should).
3) There should be no blank line between including cdefs and __FBSDIF.

Use __FBSDID(). Also do a bit of cosmetic #if and header-order
cleaning-up.

Sort includes.

Style fixups.

Sort function declarations, includes. Make consistent WRT use of _P()
macro (ugh!)

Inspired by: bde

Work around world breakage in previous commit. The bug is in
<security/pam_misc.h>. It declares a function parameter named 'send',
so nothing that includes both <unistd.h> (which declares send(2)) and
<security/pam_misc.h> be compiled with WARNS=2 unless NO_WERRROR is
set.

Fixed order of WARNS.

WARNS=2 fixes.

Reviewed by: bde (a while back)

o Add support for a 'nocheckmail' capability, which (if true) prevents
the 'You have mail.' check. This is useful for sites that rely on
remote mail access, rather than a local mail spool. Due to the
behavior of login_getcapbool(), the negated form is required so as
to have appropriate results.
o This behavior may have to be independently added to sshd due to
redundant implementation.

o Restore previous inconsistent style to login_fbtab.c, following its
modification to add glob support. The submitted patch used a degraded
form of KNF.

Reviewed by: bde

o Modify format of /etc/fbtab to accept glob matching patterns for
target devices, not just individual devices and directories. This
permits activities such as:

ttyv0 0600 /dev/dsp*

Whereas previously that was not supported. This change is
backwards-compatible, except where device names included globbing
characters, which is not the case for any devices listed in MAKEDEV.

Submitted by: Maxime Henrion <mux@qualys.com>
MFC after: 3 weeks

o Modify NFS rights comment to note that the early credential changes
to test for a home directory don't set up the additional groups, and
as such may limit users conservatively. This does not affect the
eventual credentials selected.

Set BINOWN=root explicitly for setuid root binaries.

This is not "useless", as one may have non-default
setting for BINOWN in make.conf, and we still want
these to be installed setuid root in this case.

mdoc(7) police: tighten label width.

Like su(1), make PAM use mandatory. Remove parts of the authentication
logic that are handled by PAM. Fix documentation to reflect this.

Fix some bogus strncpy(3) to strlcpy(3) changes I made in the previous
revision. <utmp.h> structures don't leave room for a NUL character.
Also fix "UNKNOWN" which should have just been UNKNOWN.

Pointed out by: bde

o Replace occurrences of strncpy(3) with strlcpy(3); most of
the uses of it were wrong anyway.
o Always check for NULL returns on strdup(3).
o Fix a possible buffer overflow in strcpy(3).
o Fix a format string vulnerability.
o t->ty_type in stypeof() could be NULL and eventually cause
a segmentation fault in setenv(3), so check for that.

Eyeballed by: kris
Reviewed by: murray
MFC after: 3 days

Fix the environment handling:

However, there's still a bug in login.c
because you copy the environment *before* the call to pam_open_session,
which won't set the necessary variables set by /usr/ports/security/pam_ssh.

Submitted by: Volker Stolz <stolz@hyperion.informatik.rwth-aachen.de>

Remove whitespace at EOL.

mdoc(7) police: removed HISTORY info from the .Os call.

Fix the type of the NULL arg to execl()

Idea from: Theo de Raadt <deraadt@openbsd.org>

Remove an accidentaly added extra blank line.

Approved by: murray

Disable SIGHUP while getting the login name.

Reviewed by: security-officer

Missed a few things.

In a word -- style(9).

Add the "prompt" and "passwd_prompt" fields to /etc/login.conf,
which makes lgoin more like getty in its ability to be configured.

Submitted by: tlambert (code only)

Check for the expiration of an account and its password in the proper
order.

Reviewed by: -audit (silence)
Approved by: murray
Obtained from: OpenBSD
MFC after: 5 days

Clean out some cruft that has been put in a better (central) place.

Enable (optional) static linking.

Add full PAM support for account management and sessions.

The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux
package's PAM patches to the BSD login.c

Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>

MAN[1-9] -> MAN.

Fix login so that it exports environmental variables that are set by PAM
modules (via pam_putenv). The following variables will never be set in
this fashion:

SHELL, HOME, LOGNAME, MAIL, CDPATH, IFS, PATH
any variable starting with `LD_'

Call pam_setcred.

Reviewed by: markm, months ago

Add `_PATH_DEVZERO'.
Use _PATH_* where where possible.

Add braces to avoid ambiguity in a nested conditional (silences a gcc
warning).

Fix excessive use of parenthesis in previous commit.

Requested by: bde

Do not issue a warning when chflags() fails with EOPNOTSUPP.

PR: 17875
Submitted by: Bjoern Fischer <bfischer@Techfak.Uni-Bielefeld.DE>

Remove single-space hard sentence breaks. These degrade the quality
of the typeset output, tend to make diffs harder to read and provide
bad examples for new-comers to mdoc.

Fix diagnostic printing test condition (was always true)

Approved by: jkh

Remove option's description that has gone with PAM.

Added IPv6 name resolving support for utmp logging.

Approved by: jkh

Remove the version information from `.Os FreeBSD' here. Not only
might it confuse people, but it causes a warning message with
nroff, and no version history mentions a 1.2 version of FreeBSD.

If anything, a ``HISTORY'' section should show which version this
appeared in.

Revert the libcrypt/libmd stuff back to how it was. This should not have
happened as it was working around problems elsewhere (ie: binutils/ld
not doing the right thing according to the ELF design). libcrypt has
been adjusted to not need the runtime -lmd. It's still not quite right
(ld is supposed to work damnit) but at least it doesn't impact all the
users of libcrypt in Marcel's cross-build model.

Add libmd (or move it after libcrypt). We don't want the linker to be
smart because it will definitely get it wrong. This popped up during
cross-linking.

Correct some hard sentence breaks. Only those surrounding the previous
commit and those which cause ugly nroff output have been fixed, since
the purpose of the style guideline which they contravene is to reduce
the sizes of deltas.

Reported by: bde

Improve shell documentation:

* Consistently misspell built-in as builtin.

* Add a builtin(1) manpage and create builtin(1) MLINKS for all shell
builtin commands for which no standalone utility exists. These MLINKS
replace those that were created for csh(1).

* Add appropriate xrefs for builtin(1) to the csh(1) and sh(1) manpages,
as well as to the manpages of standalone utilities which are supported
as shell builtin commands in at least one of the shells. In such
manpages, explain that similar functionality may be provided as a
shell builtin command.

* Improve sh(1)'s description of the cd builtin command. Csh(1) already
describes it adequately. Replace the cd(1) manpage with a builtin(1)
MLINKS link.

* Clean up some mdoc problems: use Xr instead of literal "foo(n)"; use
Ic instead of Xr for shell builtin commands.

* Undo English contractions.

Reviewed by: mpp, rgrimes

$Id$ -> $FreeBSD$

Clear all file flags when taking ownership of devices. Do not ignore
chown failures in some places, but instead log them like we do all
other errors.

Add $Id$, to make it simpler for members of the translation teams to
track.

The $Id$ line is normally at the bottom of the main comment block in the
man page, separated from the rest of the manpage by an empty comment,
like so;

.\" $Id$
.\"

If the immediately preceding comment is a @(#) format ID marker than the
the $Id$ will line up underneath it with no intervening blank lines.
Otherwise, an additional blank line is inserted.

Approved by: bde

remove uid switching before login_getpwclass, now done inside libutil
add gid switching before chdir and comment why it needed

Don't perform the trimdomain() functionality twice,
trimdomain() now works as expected.

Added xref to nologin(5)

Force <bsd.libnames.mk> to be included, regardless of the object
format. This fixes the undefined symbols when building login for
a.out.

Allow login to be linked statically even when PAM is used, since
there is now a static version of libpam.

Add a compile knob to avoid using PAM code (login will use standard Unix
authentication only). This comes handy when you're tight on space.

Submitted by: mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by: John D. Polstra <jdp@polstra.com>

Move nologin from /etc to /var/run. This means one less file that has
to be written to /etc.

The only essential change is in paths.h, so any third-party software
written correctly will pick it up in the next rebuild.

Reviewed by: the committers list (actually an old version)

Make the timeout handler log any failed logins, to make sure failed
logins get logged.

Obtained from: "Jan B. Koum " <jkb@best.com>

Add a reference to pam(8) in the login(1) and login.access(5) manual
pages.

Work around the problem that login won't link if NOSHARED=yes,
because libpam is built shared only. There is a way to build PAM
into a static library that contains all (or a selected subset) of
the modules. But our Makefiles don't support that yet. Until I get
that working, just force NOSHARED=no in login's Makefile. Of
course, it still won't work if NOPIC is set.

Submitted by: bde

ATTENTION: INSTALL "/etc/pam.conf" FROM "src/etc"!!!

Change login to use PAM for authentication. I kept the built-in
passwd/NIS authentication support, to handle cases where the system
is missing its "/etc/pam.conf" file. S/Key and KerberosIV
authentication methods are removed from the login program, but
still available in PAM modules.

unifdef -DLOGIN_CAP. After almost 2 years, I think we can assume
it's here to stay.

This code is starting to look almost reasonable again.

Remove support for LOGIN_CAP_AUTH. It was never enabled, it was
not complete, and it hasn't been touched for 18 months. All the
ifdefs obfuscate the code. I discussed the LOGIN_CAP_AUTH support
with its author and he agreed that it is a dead end. I am bringing
PAM into the tree within the next two weeks. It is much more
flexible than LOGIN_CAP_AUTH, and will serve as a superior replacement
for it.

Fix a const-related compiler warning.

Use KJH's auth.conf parser to turn on/off Kerberos in userland.

Remove useless `BINOWN=root' now that it is the default.

Remove hardcoded constant in favour of login.conf value.

PR: 6529
Submitted by: Dan Lukes <dan@obluda.cz>

Fix LIBDIR (for aout/ELF).

Backed out rev.1.31. It was a workaround for bugs in rev.1.4 of
libc/gen/getpass.c. The old behaviour of blocking SIGINT and not
changing SIGQUIT was restored in rev.1.5 of getpass.c. The change
here completely restores the old behaviour of not supporting killing
login with keyboard signals (only) at the password prompt. There
is no reason to support this, since login can be exited normally
by typing a couple of ^D's. Login certainly shouldn't dump core
in response to user input. Previously, SIGQUIT killed login
immediately but SIGINT killed it only after the password was
entered.

PR: 7444

Fix a couple of little bugs that prevented login.c from compiling
if LOGIN_CAP_AUTH was defined. This is kind of silly, because
LOGIN_CAP_AUTH doesn't work anyway, is not defined currently,
probably will never be defined, and IMHO should not be defined.
But I'm sure you'll sleep better tonight, knowing that these bugs
are gone.

Trim a domain part for wtmp as same as showed by "netstat -r".
Here is a some example for avoiding a confusion.

It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.

1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama
2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2
3) specgw.spec.co.jp : 202.32.13.1 -> specgw

Submitted by: Atsushi Murai <amurai@spec.co.jp>

*blush*, typo during last minute editing..

Change euid while reading the user's .login_cap file in case the homedir
is on a NFS partion without root read access. Also, flip euid again for
the duration of the chdir() to the homedir for the same reason.

PR: 5145
Submitted by: Joel.Faedi@esial.u-nancy.fr
Also tested by: A Joseph Koshy <koshy@india.hp.com>

.Sh AUTHOR -> .Sh AUTHORS. Use .An/.Aq.

gcc on alpha complains about nested comments. A comment in this
file referred to a path ending in "/*" which was reasonable to me,
but gcc wasn't so sure. So now the comment refers to a path ending in
"*".

Fix very rare but dangerous bug:
for some DES passwords
crypt(real_password, salt)
is equal to
crypt("", salt);
It means that this user (and not only he) can login without
entering password at all, just pressing Return.
So if empty password entered and crypted password is not empty,
invalidate any crypt result by assigning ":"

Reset SGINT and SIGQUIT handling to default when asking for passwords.
Otherwise, when pressing the INT ke at the password prompt, the password
will be displayed. Now login will be killed.

Probably the same will have to be done for the LOGIN_CAP_AUTH case.
I have not done that.
Reviewed by: Joerg Wunsch

Mention S/key and the skey /etc files.

Fix a fatal typo.

PR: bin/4801
Submitted by: mishania@demos.su (Mikhail A. Sokolov)

Changes for KTH KerberosIV.
Also quieten -Wall a bit.

"lmd" -> "-lmd"
Submitted by: Vincent Poy <vince@venus.gaianet.net>

If building elf, don't link in libmd.a just for libskey.so to use. Under
elf, libskey.so will not expose it's implementation on it's caller.

= -> ==, strcpy -> strncpy from OpenBSD.
update man page. Add usage().
Obtained from: OpenBSD

Fix the man page's title (.Dt).
(It has been ``SKEY.ACCESS''.)

Restore backwards compatible default behavior for requirehome

login_getclass() -> login_getpwclass().
auth_rmfiles() was being called in error without LOGIN_CAP_AUTH defined.

Use isdialuptty() rather than hard-coded heuristic.

Submitted by: Sergei Chechetkin <csl@whale.sunbay.crimea.ua>

Fix incorrect bracket nesting. Closes PR#3144.

compare return value from getopt against -1 rather than EOF, per the final
posix standard on the topic.

Fix for logic in no-password accounts.

Don't bypass password prompt for root logins on insecure tty if
the root password is empty.

strdup() value of term to correctly preserve contents.
Rearrange validation logic so that it works correctly when
compiled with kerberos support. Closes PR#3056.

Submitted by: Paul Traina <root@shockwave.com> (partially)

Cleanup of #ifdef's for LOGIN_CAP.

Fixed bug in empty shell (closes PR#2550).

Refused root logins now displays standard "Login incorrect" and
exhibits identical backoff behaviour to a failed login.

Cleaned up logging of refused logins.

Use #defines for login retries and backoff. Also implemented
definable variables if LOGIN_CAP is defined, with
"login-retries" and "login-backoff" as capabilities
in the default class (closes PR#2805).

TERM from previous environment is no longer truncated.

Include copyright message from <sys/copyright.h>

Back out "shell" / pw_shell change, I was confused by the same
variable name (with different functionality)

Fix few bogons with pw_shell / shell variables values mismatch
introduced by LOGIN_CAP

Revert $FreeBSD$ to $Id$

Cruft cleanup to eliminate useless warnings

Don't dereference NULL pwd on non-existant username (I wonder how long
THAT has been in here!).

Fix handling of empty shell field in passwd file (use /bin/sh); problem
was caused by introduction of login classes. Closes PR bin/2550.
Added references to login.conf to manpage, crossreference to login.conf(5).

Make the long-awaited change from $Id$ to $FreeBSD$

This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore. This update would have been
insane otherwise.

Makes login login_cap-savvy.

Note that LOGIN_CAP_AUTH code (login authentication) is not (yet) enabled
and requires /usr/libexec/login_<style> authentication program support to
be added at a later date. The Makefile contains a macro LC_AUTH to turn
it on and prevent unnecessarily linking against skey/krb libs and the
addition of klogin.c module.

All other aspects of login_cap support are fully functional.

comma typos

Fix some compilation warnings.

Document login's use of /etc/login.access.

Submitted by: David E. O'Brien

Write numerical address instead of hostname for hostnames > UT_HOSTSIZE
to keep valid information in utmp and lastlog

#include <kerberosIV/des.h> -> #include <des.h>

Fix a bunch of spelling errors in a bunch of man pages.

recording cvs-1.6 file death

Delete bogus referneces to timezone code internal header file `tzfile.h',
which is no longer bogusly installed in /usr/include.

Remove trailing whitespace.

Set copyright so we can actually distribute and use it.

Reviewed by: David Greenman
Submitted by: Wietse Venema
Obtained from:

Fix spelling error that keeps this from compiling with KERBEROS & SKEY
defined.

Submitted by: Mark Murray <mark@grondar.za>

Disallow Kerberos when S/Key is required. Fixes PR #339.

Submitted by: Paul Traina <pst@Shockwave.com>

Change the library order so libcrypt is the last library in the list.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.

In the non-PARANOID case, make sure to set `notickets' to 0 sothat login.c
doesn't complain.

Modify klogin to:

1) Don't spit out an error message if Kerberos is installed but not yet
set up.

2) Don't attempt to verify the ticket you got back, as workstations
are not intended to have srvtab files of their own.

Both behaviors can be re-enabled with KLOGIN_PARANOID.

Sorry..forgot something for yesterdays login patch..
(Umm..i hope nobody "make world" this time:)

Patch of password expired bug.
Now password changed for right user and
no longer possible to skip password change.
I hope it will be ok....

Add distribution=krb for P-HK

Include most of the logdaemon v4.4 S/key changes

Undo damage done between revisions 1.6 and 1.7
(Guys, please don't DAMAGE commits that have just gone in.)

Install support for skey and login.access

First level of changes for bringing in eBones (kerberos).
- Get rid of inverse logic (NOKERBEROS and NOEBONES) in src/makefile,
and replace with MAKE_KERBEROS and MAKE_EBONES. (Far fewer contortions,
and both default to off.) IF YOU WANT KERBEROS, YOU HAVE TO EXPLICITLY
DEFINE ONE OF THESE.
- Make Makefiles kerberos-aware.

Problem:
Accounts that have "pw_change" set, are supposed to change their passwords
by the date specified in "pw_change". If they have not changed their passwords
by that date, currently they get "LOCKED OUT" of the system. This is not the
correct behavior, the user should be prompt (forced?) to change their password
at this time. If the behavior of "pw_change" was meant to be a LOCKOUT,
then you should use "pw_expire".

Solution:
Instead of locking out the user, prompt them to change their password.

Reviewed by: jkh
Submitted by: rls

Implemnet fbtab ala SunOS (thanks to WZV, see login_fbtab.c)
Reviewed by:
Submitted by: guido

Add skey supprot
Reviewed by:
Submitted by: guido

LDADD= -lcrypt
Submitted by: Geoff

Don't compile with kerberos yet, we aren't ready.

This commit was generated by cvs2svn to compensate for changes in r1590,
which included commits to RCS files with non-trunk default branches.