#
0b8224d1 |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove copyright strings ifdef'd out We've ifdef'd out the copyright strings for some time now. Go ahead and remove the ifdefs. Plus whatever other detritis was left over from other recent removals. These copyright strings are present in the comments and are largely from CSRG's attempt at adding their copyright to every binary file (which modern interpretations of the license doesn't require). Sponsored by: Netflix
|
#
bdcbfde3 |
|
23-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
usr.bin: Remove ancient SCCS tags. Remove ancient SCCS tags from the tree, automated scripting, with two minor fixup to keep things compiling. All the common forms in the tree were removed with a perl script. Sponsored by: Netflix
|
#
1d386b48 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
aff7b6c7 |
|
05-Dec-2017 |
Xin LI <delphij@FreeBSD.org> |
Use strlcpy(). MFC after: 2 weeks
|
#
8a16b7a1 |
|
20-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
General further adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 3-Clause license. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. Special thanks to Wind River for providing access to "The Duke of Highlander" tool: an older (2014) run over FreeBSD tree was useful as a starting point.
|
#
838c6d51 |
|
10-Oct-2017 |
Enji Cooper <ngie@FreeBSD.org> |
Mute gcc warning about p not being possibly initialized I'm running into this warning on a tinderbox run with gcc 4.2.1 with mips and powerpc. MFC after: 1 week
|
#
fbbd9655 |
|
28-Feb-2017 |
Warner Losh <imp@FreeBSD.org> |
Renumber copyright clause 4 Renumber cluase 4 to 3, per what everybody else did when BSD granted them permission to remove clause 3. My insistance on keeping the same numbering for legal reasons is too pedantic, so give up on that point. Submitted by: Jan Schaumann <jschauma@stevens.edu> Pull Request: https://github.com/freebsd/freebsd/pull/96
|
#
d790b965 |
|
12-Aug-2013 |
Edward Tomasz Napierala <trasz@FreeBSD.org> |
Make check for unknown login class actually work. Previously, using the "-c" option with login class not defined in login.conf(5) would silently fail, resulting in using the default login class.
|
#
3db78cf0 |
|
26-Mar-2011 |
Hajimu UMEMOTO <ume@FreeBSD.org> |
getpwnam(3) may return NULL. Requested by: nork Reviewed by: Takeharu KATO <takeharu1219__at__ybb.ne.jp>, nork MFC after: 1 week
|
#
da52b4ca |
|
11-Dec-2010 |
Joel Dahl <joel@FreeBSD.org> |
Remove the advertising clause from UCB copyrighted files in usr.bin. This is in accordance with the information provided at ftp://ftp.cs.berkeley.edu/pub/4bsd/README.Impt.License.Change Also add $FreeBSD$ to a few files to keep svn happy. Discussed with: imp, rwatson
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
fe0506d7 |
|
09-Mar-2010 |
Marcel Moolenaar <marcel@FreeBSD.org> |
Create the altix project branch. The altix project will add support for the SGI Altix 350 to FreeBSD/ia64. The hardware used for porting is a two-module system, consisting of a base compute module and a CPU expansion module. SGI's NUMAFlex architecture can be an excellent platform to test CPU affinity and NUMA-aware features in FreeBSD.
|
#
821df508 |
|
12-Dec-2009 |
Xin LI <delphij@FreeBSD.org> |
Revert most part of 200420 as requested, as more review and polish is needed.
|
#
6f2d3221 |
|
11-Dec-2009 |
Xin LI <delphij@FreeBSD.org> |
Remove unneeded header includes from usr.bin/ except contributed code. Tested with: make universe
|
#
ce8c6d71 |
|
04-Apr-2009 |
Christian S.J. Peron <csjp@FreeBSD.org> |
Fixup the parameters to audit_submit(3) the order is errno then return value. This bug went un-noticed for so long because EPERM == 1 MFC after: 1 week Spotted by: sson, rwatson
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
f258a139 |
|
04-Jun-2008 |
David Malone <dwmalone@FreeBSD.org> |
Fix a strict aliasing warning - I think it is really telling us that the way char * and void * pointers may not be stored in the same way.
|
#
a964714f |
|
18-Oct-2007 |
David Xu <davidxu@FreeBSD.org> |
The upper while loop has already recycled child process, so the if statement has never executed as expected, fix it. MFC after: 3 days
|
#
2966d28c |
|
03-Jul-2007 |
Sean Farley <scf@FreeBSD.org> |
Significantly reduce the memory leak as noted in BUGS section for setenv(3) by tracking the size of the memory allocated instead of using strlen() on the current value. Convert all calls to POSIX from historic BSD API: - unsetenv returns an int. - putenv takes a char * instead of const char *. - putenv no longer makes a copy of the input string. - errno is set appropriately for POSIX. Exceptions involve bad environ variable and internal initialization code. These both set errno to EFAULT. Several patches to base utilities to handle the POSIX changes from Andrey Chernov's previous commit. A few I re-wrote to use setenv() instead of putenv(). New regression module for tools/regression/environ to test these functions. It also can be used to test the performance. Bump __FreeBSD_version to 700050 due to API change. PR: kern/99826 Approved by: wes Approved by: re (kensmith)
|
#
ba174a5e |
|
01-May-2007 |
Andrey A. Chernov <ache@FreeBSD.org> |
Back out all POSIXified *env() changes. Not because I admit they are technically wrong and not because of bug reports (I receive nothing). But because I surprisingly meets so strong opposition and resistance so lost any desire to continue that. Anyone who interested in POSIX can dig out what changes and how through cvs diffs.
|
#
9e461e53 |
|
29-Apr-2007 |
Andrey A. Chernov <ache@FreeBSD.org> |
Prepare for upcoming POSIXed putenv() rewrite: don't free memory after putenv()
|
#
e7d4bf18 |
|
24-Oct-2006 |
Maxim Sobolev <sobomax@FreeBSD.org> |
Backout previous change (SIGSYS related). The fix has been applied to the proper place. Pointed out by: rwatson
|
#
a88ab486 |
|
24-Oct-2006 |
Maxim Sobolev <sobomax@FreeBSD.org> |
Ignore SIGSYS when BSM is compiled in. Otherwise, attempt to invoke su on system that don't have audit framefork compiled into kernel or ia32 binary on amd64 system will result in SIGSYS. There is one place in su.c itself where it tries to check for errno != ENOSYS, but it has been a nop since su does not catch SIGSYS anyway. There are few other places in libbsm, where attempt to invoke audit syscal would result in SIGSYS if no audit support is present in the kernel, so that the only reliable method for now is to disable SIGSYS completely in the case when BSM is compiled in. In the long run, both direct invocation of audit-related syscalls and libbsm should be made more intellegent to handle the case when BSM is not compiled into the kernel gracefully. MFC after: 3 days (provided re@ approval)
|
#
5a8e64ee |
|
28-Sep-2006 |
Luoqi Chen <luoqi@FreeBSD.org> |
Do not chdir(2) until after setuid(2), otherwise "su - username" would fail when root doesn't have the permission to enter target user's home directory. If set, PAM environment variable HOME will be used in chdir(2) instead of pwd->pw_dir, this allows pam_chroot module to continue to function.
|
#
6319ad28 |
|
01-Sep-2006 |
Christian S.J. Peron <csjp@FreeBSD.org> |
Integrate audit_submit(3) bits into su. This means that records for successful and failed su attempts will be recorded using the AUE_su event type (login or lo class) if auditing is present in the system. Currently, the records will have a header, subject, text (with the actual diagnostics), a return and trailer token. See audit_submit(3) for more information. Reviewed by: rwatson Obtained from: TrustedBSD Project
|
#
cd17a1f7 |
|
03-Jan-2006 |
Brian Somers <brian@FreeBSD.org> |
Fix the other su bug reintroduced two commits ago, namely $ su % kill -STOP $$ where su is executing (t)csh. csh's job handling is a little more special than that of (a)sh, bash and even zsh and blows up a little more spectacularly. This modification restores the original mucking about with the tty pgrp, but is careful to only do it when su (or su's child) is the foreground process. While I'm here, fix a STDERR_FILENO spelling as suggested by bde.
|
#
d039c62b |
|
02-Jan-2006 |
Brian Somers <brian@FreeBSD.org> |
Handle the case (that I just broke) where the following hangs: $ su # kill -STOP $$ Pointed out by: David Xu <davidxu@freebsd.org>
|
#
d43e192e |
|
02-Jan-2006 |
Brian Somers <brian@FreeBSD.org> |
Remove broken code that mucks about with tcsetpgrp() -- even if su isn't the foreground process. Hopefully this won't break PAM, but I couldn't find any useful information about ache's theory that it will. Specifically, this change fixes the following: # sh # echo $$ # su - root -c id & # echo $$ The PID output changes as su seems to be kill -STOP'ing itself and catching the parent shell in the process. This is especially bad if you add a ``su - user -c command &'' to an rc script! Sponsored by: Sophos/Activestate Not objected to by: des
|
#
c8fbd1ec |
|
17-Jan-2005 |
Robert Watson <rwatson@FreeBSD.org> |
If su(1) is run without an effective uid of 0, generate an error to the user indicating that su is not running setuid, which may help suggest to the user that it should be setuid, or should not be running from a file system mounted nosuid. Suggsted by: Ivan Voras <ivoras at fer dot hr> MFC after: 2 weeks
|
#
b90e6008 |
|
15-Jun-2004 |
Mark Murray <markm@FreeBSD.org> |
Oops. My last commit included a bug that would make "su -m" always use /bin/sh. Fix this.
|
#
953cb3ec |
|
13-Jun-2004 |
Mark Murray <markm@FreeBSD.org> |
Paranoia, WARNS fixes and lint.
|
#
d6d62d8d |
|
04-Apr-2004 |
Philippe Charnier <charnier@FreeBSD.org> |
Add FBSDID. Do not dot terminate errx(3) string.
|
#
60f4b54d |
|
06-Jan-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
When root tries to su to a non-existent user, pam_authenticate() will normally succeed (because root can su to anyone), but pam_acct_mgmt() will most likely fail, causing su to log a confusing "pam_acct_mgmt: error in service module" message. To avoid this, call getpwnam() before pam_acct_mgmt(). Sponsored by: registrar.no
|
#
7430623f |
|
04-Nov-2003 |
David Xu <davidxu@FreeBSD.org> |
Be sure to restore foreground group to parent su before parent su exits, otherwise shell will be confused and does not set foreground group correctly for next su command. This sounds like a bug in sh.
|
#
bcf123b3 |
|
03-Nov-2003 |
David Xu <davidxu@FreeBSD.org> |
It seems when su executes in a shell scripts, there is a timing race, sometimes, su will receive a SIGTTOU when parent su tries to set child su's process group as foreground group, and su will be stopped unexpectly, ignoring SIGTTOU fixes the problem. Noticed by: fjoe
|
#
f6a43a2b |
|
18-Oct-2003 |
Olivier Houchard <cognet@FreeBSD.org> |
Fix broken su -m behaviour : chshell must return 0 if the shell is not a standard shell, or else it is possible to use an account without a valid shell. Reviewed by: des
|
#
60b28daa |
|
08-Apr-2003 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
PAM-related improvements: - if operating "as them" (su -l), use pam_{open,close}_session() - allow PAM to override $HOME (pam_chroot needs this) - chdir early, because later on we may be chrooted and chdir will fail Also use pid_t instead of int where applicable.
|
#
a75fd4bf |
|
26-Mar-2003 |
David Xu <davidxu@FreeBSD.org> |
Put child process in a different process group, ensure that the broadcast signal never affects su directly, some shells changes its pgrp at running or suspended time, so a broadcast SIGTSTP from child will mess up su's job control. Discussed with: bde
|
#
7a179eb4 |
|
11-Mar-2003 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Fix style bugs in the previous commit (which weren't in bde's patch)
|
#
658d3a6b |
|
11-Mar-2003 |
David Xu <davidxu@FreeBSD.org> |
Reset SIGTSTP handler to default both for parent and child process. Submitted by: bde
|
#
e9da86cb |
|
10-Mar-2003 |
David Xu <davidxu@FreeBSD.org> |
Fix long standing job control bug. SIGTSTP shouldn't be ignored. Special instructions tested: suspend stop $$
|
#
84c03427 |
|
06-Feb-2003 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Pass the correct, verified username to PAM instead of getlogin().
|
#
1494905b |
|
22-Oct-2002 |
Robert Watson <rwatson@FreeBSD.org> |
Add a new '-s' option to su(1): if the flag is present, attempt to also set the user's MAC label as part of the user credential setup by setting setusercontext(3)'s SETMAC flag. By default, change only traditional process properties. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
#
ed5fc39f |
|
18-Oct-2002 |
Mark Murray <markm@FreeBSD.org> |
When a user gets refused because the password is wrong, use the older "BAD SU" syslog message that folks prefer. There is quite a bit more tweaking that can be done with other similar messages. Asked for by: tjr
|
#
505b2816 |
|
17-Oct-2002 |
Tim J. Robbins <tjr@FreeBSD.org> |
Style: use sa_handler instead of __sigaction_u.__sa_handler.
|
#
81af0b57 |
|
14-Oct-2002 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Remove an unused variable.
|
#
3e2322fc |
|
12-Aug-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Fix typing error in prev. commit
|
#
09d932cf |
|
12-Aug-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Fix style bug in prev. commit
|
#
54c93e4f |
|
12-Aug-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Fix su job control (recently introduced for PAM cleanup purposes) to not kill login shell on either "suspend/fg" or "stop $$/fg" for tcsh. Since this bug occurse on -stable too, it is not kernel threads bug. Submitted by: David Xu <bsddiy@yahoo.com>
|
#
04a0be1f |
|
06-Aug-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Back out workaround of fixing "suspend/fg" by price of breaking "stop $$/fg". This is real kernel bug (threads) and don't attempt to mask it by workarounds to increase chances to fix it in the kernel.
|
#
831ab44e |
|
09-Jul-2002 |
Andrey A. Chernov <ache@FreeBSD.org> |
Remove tcsetpgrp() stuff across suspend/continue because it cause upper level tcsh killed on resume (fg). It is because tcsh is interactive itself and do its own things with terminal group.
|
#
b22ac97b |
|
25-Jun-2002 |
Matthew Dillon <dillon@FreeBSD.org> |
This is Alexander Kabaev's patch to solve the signal problem with su (see 'zsh exits upon ^C' thread). This may be temporary be he's been running it for a year without incident so we should be golden with it. Approved by: des
|
#
6592cfde |
|
25-Jun-2002 |
Matthew Dillon <dillon@FreeBSD.org> |
Backout 1.51 on DES's request. Approved by: des
|
#
743ea208 |
|
28-May-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Make our child the leader of its own process group to avoid receiving signals in its stead. This fixes the dread "zsh exits upon ^C" bug.
|
#
a1bdb05c |
|
28-May-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Drive-by whitespace cleanup & add NAI copyright
|
#
17e623ac |
|
05-Mar-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Belatedly OpenPAMify. I forgot this patch in last night's megacommit. Sponsored by: DARPA, NAI Labs
|
#
905fd6f3 |
|
24-Jan-2002 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Don't set PAM_RHOST, this is a local login. Sponsored by: DARPA, NAI Labs
|
#
69ebfe34 |
|
12-Sep-2001 |
Mark Murray <markm@FreeBSD.org> |
Reinstate complete (and now correctly functioning) WARNS=2.
|
#
73bd08dd |
|
07-Sep-2001 |
Mark Murray <markm@FreeBSD.org> |
Back out (with prejudice) the last WARNS=2 fix. I cannot understand its failure mode, and will revisit it later.
|
#
4239cf1c |
|
04-Sep-2001 |
Mark Murray <markm@FreeBSD.org> |
WARNS=2 fixes. The remaining problem of converting highly incompatible pointer types is done by "laundering" the value through a union. This solves the problem (in my own mind) of how a "const char *" _ever_ actually gets a value in a WARNS=2 world.
|
#
b1743630 |
|
19-Aug-2001 |
Mark Murray <markm@FreeBSD.org> |
Very minor stylistic nit. Discussed with: ru
|
#
bf1bf891 |
|
15-Aug-2001 |
Ruslan Ermilov <ru@FreeBSD.org> |
Substitute ARGSTR in-place. Forgot trailing newline in usage().
|
#
d1433646 |
|
15-Aug-2001 |
Ruslan Ermilov <ru@FreeBSD.org> |
Fixed the usage() string. This also reverts change in rev. 1.36 to the documented style of writing usage(). PR: bin/29730 Submitted by: Joseph Mallett <jmallett@xMach.org>
|
#
788222e4 |
|
11-Aug-2001 |
Mark Murray <markm@FreeBSD.org> |
Set the RUSER for PAM so that (eg) kerberos can set up tickets properly.
|
#
8cc3b02f |
|
11-Aug-2001 |
Mark Murray <markm@FreeBSD.org> |
WARNS=2 type cleanup. WARNS=2 cannot be enable because of an unresolvable conflict in arg 2 of execv(). Document this in the Makefile. Reviewed by: bde (su.c only)
|
#
5b3771f1 |
|
26-May-2001 |
Mark Murray <markm@FreeBSD.org> |
Deconvolute the authentication mess, and hand total responsiblity for authentication to PAM. This meens that WHEELSU-type logic can now be effected in the pam.conf "su" configuration stack. While here, clean up the mess that the code had assumed over years of hacking by folks using different styles. ANSIfy. There is more policy in here that can be handed over to PAM. This will be revisited.
|
#
af32b80c |
|
10-May-2001 |
David E. O'Brien <obrien@FreeBSD.org> |
Tell the user what group they must be in to su to root. Submitted by: Seth Kingsley <sethk@osd.bsdi.com>
|
#
1351464c |
|
28-Apr-2001 |
Mark Murray <markm@FreeBSD.org> |
Dike out the Kerberos(IV) support on the grounds that better kerberos support can be already obtained via PAM.
|
#
5bc9d93d |
|
27-Mar-2001 |
Mark Murray <markm@FreeBSD.org> |
Add full PAM support for account management and sessions. The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux package's PAM patches to the BSD login.c Submitted by: "David J. MacKenzie" <djm@web.us.uu.net>
|
#
e292984c |
|
30-Nov-2000 |
Robert Watson <rwatson@FreeBSD.org> |
o Make comment match reality, synch code with comment. o In practice: the comment indicates that all but umask and environmental variables of the users login class are applied when su occurs, unless -m is used to specify a class. This was incorrect; in practice, the uid, gids, resources, and priority were set, and then resources and priority were selectively removed. This meant that some aspects of the user context were not set, including handling of login events (wtmp, utmp), as well as the path specified in login.conf. o I changed it so that the behavior is the same, but instead, LOGIN_SETALL is used, and appropriate flags are removed, including the LOGIN_SETLOGIN and LOGIN_SETPATH entries that were implicitly not present before. I also updated the comment to reflect reality, selecting reality as the "correct" behavior. o This has the practical benefit that as new LOGIN_SET* flags are introduced, they are supported by su unless specifically disabled. For example, of a LOGIN_SETLABEL flag is introduced to support MAC labels determined by the user's login class, then su no longer has to be modified. o It might be desirable to have su use LOGIN_SETPATH depending on its command line parameters, as it might or might not be considered part of the "environment". Obtained from: TrustedBSD Project
|
#
0ed9356c |
|
24-Feb-2000 |
Mark Murray <markm@FreeBSD.org> |
Use libcrypto in place of libdes.
|
#
c3aac50f |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
7312edce |
|
13-Aug-1999 |
Sheldon Hearn <sheldonh@FreeBSD.org> |
Axe LOGIN_CAP_AUTH. PR: 10115 Reported by: Gene Skonicki <gene@cif.rochester.edu> Requested by: jdp
|
#
95103bc0 |
|
02-Jul-1999 |
Bruce Evans <bde@FreeBSD.org> |
Actually fixed ambiguous else. The previous revision had no effect.
|
#
f32e012b |
|
01-Jul-1999 |
Bill Fumerola <billf@FreeBSD.org> |
Fix ambigious else. Reviewed By: eivind
|
#
98eb1c31 |
|
09-Oct-1998 |
Mark Murray <markm@FreeBSD.org> |
Add JKH's auth.conf parser to turn on/off Kerberos in userland
|
#
d6bc2e88 |
|
21-Sep-1998 |
Ollivier Robert <roberto@FreeBSD.org> |
Fix bad option processing. PR: bin/7986 Submitted by: Dan Nelson <dnelson@emsphone.com>
|
#
c6a24f86 |
|
26-May-1998 |
Daniel O'Callaghan <danny@FreeBSD.org> |
PR: 1904 Abort if given uname is > MAXLOGNAME-1
|
#
37253803 |
|
24-May-1998 |
Steve Price <steve@FreeBSD.org> |
Allow a user in group 0 to su(1) to root if their primary group is 0 in /etc/passwd even if they aren't listed as a member in /etc/group. This is more inline with what the group manpage says. PR: 6696 Submitted by: Max Euston <meuston@jmrodgers.com>
|
#
098eef7a |
|
28-Oct-1997 |
Guido van Rooij <guido@FreeBSD.org> |
I wonder how I managed to get the krb.h include wrong. Anyway: correct it.
|
#
7a853dff |
|
27-Oct-1997 |
Guido van Rooij <guido@FreeBSD.org> |
Add -c option that allows root to specify a login_class.
|
#
301afdb8 |
|
28-Sep-1997 |
Mark Murray <markm@FreeBSD.org> |
Changes for KTH KerberosIV. Quieten -Wall a bit. From Joe Traister: The previous patch did not propogate the KRBTKFILE environment variable into the new environment when -l is given to su, making it impossible for kdestroy to find the ticket file. This patch corrects that problem as well as the original segfault problem. (Fixes PR 3903)
|
#
84c2e301 |
|
23-Aug-1997 |
Joerg Wunsch <joerg@FreeBSD.org> |
Prevent a NULL dereferencation when given a garbage command line. PR: bin/3206 Submitted by: blank@fox.uni-trier.de
|
#
7be91299 |
|
12-Aug-1997 |
Philippe Charnier <charnier@FreeBSD.org> |
Add usage().
|
#
5d0bfe39 |
|
10-May-1997 |
David Nugent <davidn@FreeBSD.org> |
login_getclass() -> login_getpwclass().
|
#
1c8af878 |
|
28-Mar-1997 |
Warner Losh <imp@FreeBSD.org> |
compare return value from getopt against -1 rather than EOF, per the final posix standard on the topic.
|
#
e8694bc2 |
|
24-Feb-1997 |
Guido van Rooij <guido@FreeBSD.org> |
When group wheel is empty, allow everyone to su to root. This has normally no conseqeunces as we ship with a non-empty wheel. Closes PR/1882 Submitted by: Arne Henrik Juul <arnej@frida.imf.unit.no>
|
#
a564e855 |
|
14-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Fix problem with mask passwd to setusercontext() which prevented uid/group change with non-root target.
|
#
1130b656 |
|
14-Jan-1997 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Make the long-awaited change from $Id$ to $FreeBSD$ This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long. Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
91bcac64 |
|
12-Jan-1997 |
David Nugent <davidn@FreeBSD.org> |
Make su login_cap savvy. As with login(1), LOGIN_CAP_AUTH is not yet enabled since we don't yet have authorisation modules.
|
#
40a8a5cf |
|
07-Oct-1996 |
Joerg Wunsch <joerg@FreeBSD.org> |
Export $TERM only if it has been set in our environment. Detected by: Amancio Hasty
|
#
1a98a0fb |
|
11-Mar-1996 |
Mark Murray <markm@FreeBSD.org> |
Make su a little less fascist about using Kerberos if it is not configured or available. Also fix a _nasty_ bug that would let one in if su -K was used. Any old password would work :-( :-(.
|
#
5a453b0e |
|
09-Mar-1996 |
Mark Murray <markm@FreeBSD.org> |
Better integrate kerberos into su so that if an incorrect Kerberos password is entered, the user is not prompted for a password a second time. This closes pr-bin/1006.
|
#
bbff7ca5 |
|
11-Feb-1996 |
Mark Murray <markm@FreeBSD.org> |
#include <kerberosIV/des.h> -> #include <des.h>
|
#
f4390542 |
|
05-Oct-1995 |
Justin T. Gibbs <gibbs@FreeBSD.org> |
Kerberos can now deal with multi-homed clients. Kerberos obtains a network address for the local host from the routing tables and uses it consistently for all Kerberos transactions. This ensures that packets only leave the *authenticated* interface. Clients who open and use their own sockets for encrypted or authenticated correspondance to kerberos services should bind their sockets to the same address as that used by kerberos. krb_get_local_addr() and krb_bind_local_addr() allow clients to obtain the local address or bind a socket to the local address used by Kerberos respectively. Reviewed by: Mark Murray <markm>, Garrett Wollman <wollman> Obtained from: concept by Dieter Dworkin Muller <dworkin@village.org>
|
#
76ba1af2 |
|
05-Sep-1995 |
Joerg Wunsch <joerg@FreeBSD.org> |
Bring Barry Morris' changes from FreeBSD 1.1.5.1 back: pass arguments to the target login's shell. This allows for "su -c". Do it right this time and also explain this behaviour in the man page. :) Obtained from: bsm's work in FreeBSD 1.1.5.1
|
#
ae532ecb |
|
28-Aug-1995 |
Mike Pritchard <mpp@FreeBSD.org> |
Check for expired passwords before allowing access to the system.
|
#
99005ad9 |
|
12-Jul-1995 |
Garrett Wollman <wollman@FreeBSD.org> |
Added support for an LCS-style `wheel su' which allows users in group wheel to su to root by authenticating as themselves (using a password or S/Key) rather than by using the root password. This is useful in contexts like ours, where a large group of people need root access to a set of machines. (However, the security implications are such that this should not be enabled by default.) The code is conditionalized on WHEELSU.
|
#
7799f52a |
|
30-May-1995 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
Remove trailing whitespace.
|
#
ce0436e7 |
|
06-Apr-1995 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
It has always bugged me that ps and w did not display su with tcsh properly. I know, tcsh is not a "Real Shell". jc p2 :0.0 Tue04PM - -u (tcsh) ^^^ 7173 p2 S+ 0:01.33 -u (tcsh) ^^^ Submitted by: John Capo <jc@irbs.com>
|
#
0b293ea5 |
|
17-Nov-1994 |
Andreas Schulz <ats@FreeBSD.org> |
Fixed the PATH and cleanenv setting in su. This was totally broken in the 4.4BSD Lite source.
|
#
2ddadf84 |
|
18-Oct-1994 |
Paul Traina <pst@FreeBSD.org> |
Include most of the logdaemon v4.4 S/key changes
|
#
122c9247 |
|
29-Sep-1994 |
Paul Traina <pst@FreeBSD.org> |
Add support for s/keys
|
#
9b50d902 |
|
26-May-1994 |
Rodney W. Grimes <rgrimes@FreeBSD.org> |
BSD 4.4 Lite Usr.bin Sources
|