Change things slightly so this message says "local" or "YP" as needed
so we can use it for both NIS and local password changes without
confusing people.
password strings when DES isn't used; somehow the encrypted password
is corrupted and it winds up containing control chars, which yppasswdd
subsequently rejects. This breaks yppasswd on non-DES FreeBSD systems
using NIS.
Fix: scrap getnewyppasswd() entirely and use getnewpasswd() from
local_password.c, since it already works properly and is virtually
identical to getnewyppasswd() anyway. (Wish I'd noticed this sooner.)
This fixes a problem just reported on comp.unix.bsd.freebsd.misc.
type instead of int all over the place. (Cosmetic, enhances
debugging.)
Point out that a date specification _must_ follow the time of day
spec, in the man page. This clarifies the last point PR # of bin/483:
"at doesn't seem to ..." (the remainder has already been fixed with
version 1.3 of parsetime.c).
restricted. Am I the only one who sees the absurdity of having chfn be
a link to chpass, and then denying users permission to use chpass to
change their full names?
Of course, chpass has a much more severe bug in it, which is that it
allows users to change their password database info without first
asking them for their password. I hope to fix this at some point
so that I can merge ypchpass, ypchfn, ypchsh and chpass into one
program (password authentication is required for changing NIS data).
order, prevent suffix rule, if direct or children dependances exists,
forget to free v->name in var.c
My fixes: fix famous ^\t\n bug, correct free order in str_end
Reviewed by: bde
Obtained from: NetBSD, me
that it can't contact an NIS server when asked to change the password
of an invalid user. It should say 'unknown user' instead.
The fix is to check for the _PW_KEYYPENABLED flag in the password
database and only roll over into the yppasswd stuff if the flag
is enabled (this means passwd will not behave as yppasswd if
there are no +::::::::: entries in /etc/master.passwd). If
NIS is enabled but the user says 'passwd -l foouser' where
foouser exists in the NIS maps, but not in /etc/master.passwd,
we also say 'unknown user.' This is so we don't outsmart ourselves:
specifying the -l flag restricts passwd to the local password database
even if NIS is enabled.
This change should probably be merged into 2.1.
- Moved to a more client-driven model. We aggressively attempt to keep
the default domain bound (as before) but we give up on non-default
domains if we lose contact with a server and fail to get a response
after one round of broadcasting. This helps drastically reduce the
amount of network bandwitdh that ypbind consumes: if a client references
the secondary domain at some later point, this will prod ypbind into
establishing a new binding anyway, so continuously broadcasting without
need is pointless.
Note that we still actively seek out a binding for our default domain
even if no client program has queried us yet. I'm not exactly sure if
this matches SunOS's behavior or not, but I decided to do it this way
since we can get into all sorts of trouble if our default domain comes
unbound. Even so, we're still much quieter than we used to be.
- Removed a bunch of no-longer pertinent comments and a couple of
chunks of #ifdef 0'ed code that no longer fit in to the new layout.
- Theo deRaadt must have become frustrated with the callback mechanism
in clnt_broadcast(), because he shamelessly stole the clnt_broadcast()
code right out of the RPC library and hacked it up to suit his needs.
(Comments and all! :)
I can understand why: clnt_broadcast() blocks while awaiting replies.
Changing this behavior requires surgery. However, you can work around
this: fork the broadcast into a child process and relay the results
back to the parent via a pipe. (Careful obervation has shown that the
SunOS ypbind forks children for broadcasting too, though I can only
guess what sort of interprocess communication it uses. pipe() seems to
do the job well enough.)
This may seem like the long way around, but it's not really that
hard to implement, and I'd prefer to use documented RPC library functions
wherever possible. We're careful to limit the number of simultaneous
broadcasters to avoid swamping the system (the current limit is 5).
Each clnt_broadcast() call only sends out a small number of packets
at increasing intervals. We're also careful not to spawn more than one
bradcaster for a given domain.
- Used clntudp_bufcreate() and clnt_call() to implement a ping()
function for directly querying a particular server so that we can
check if it's still alive. This lets me completely remove the old
bradcasting code and use actual RPC library calls instead, at the
cost of more than a few handfulls of torn-out hair. (Make no mistake
folks: I *HATE* RPC.) Currently, the ping interval is one minute.
- Fixed another potential 'nfds too big for select()' bug: use
_rpc_dtablesize() instead of getdtablesize().
- Quieted gcc -Wall a bit.
- Probably a bunch of other stuff that I've forgotten.
ypbind.8:
- Updated man page to reflect modifications.
ypwhich.c:
- Small mind-o fix from last time: decode error results from
ypbind correctly (*groan*)
yplib.c:
- same as above
- Change behavior of _yp_dobind() a little: if we get back a 'Domain
not bound' error for a given domain, retry a few times before giving
up and passing the error back to the caller. We have to sleep for a
few seconds between tries since the 'Domain not bound' error comes
back immediately (by repeatedly looping, we end up pounding on ypbind).
We retry at most 20 times at 5 second intervals. This gives us a full
minute to get a response. This seems to deviate a bit from SunOS
behavior -- it appears to wait forever -- but I don't like the idea
of perpetually hanging inside a library call.
Note that this should fix the problems some people have with bindings
not being established fast enough at boot time; sometimes amd is started
in /etc/rc after ypbind has run but before it gets a binding set up. The
automounter gets annoyed at this and tends to exit. By pausing ther YP
calls until a binding is ready, we avoid this situation.
- Another _yp_dobind() change: if we determine that our binding files
are unlocked or nonexistent, jump directly to code that pokes ypbind
into restablishing the binding. Again, if it fails, we'll time out
eventually and return.
seperate exit values depending on the error. (The error values are
#defined and commented near the top of the file for clarity). This
is to help write a small bit of shell script for /etc/rc that calls
ypwhich a few times after ypbind is invoked to make sure we're
actually bound to a server before proceeding (if we aren't, the
automounter can fail if it's using NIS maps).
ypbind.c: if a client program asks ypbind for the name of the server
for a particular domain, and there isn't a binding for that domain
available yet, ypbind needs to supply a status value along with its
failure message. Set yprespbody.ypbind_error before returning from
a ypbindproc_domain request.
yplib.c: properly handle the error status messages ypbind now has the
ability to send us. Add a ypbinderr_string() function to decode the
error values.
ypwhich.c: handle ypbind errors correctly: yperr_string() can't handle
ypbind_status messages -- use ypbinderr_string instead.
some (hopefully) less offensive stupidity:
If we detect that a user has loaded a module that fails to initialize
itself correctly, panic. There really isn't a safe way to recover from
something like this; we can't know that the module is bad until after
the entry point is called, by which time it's too late to do anything
about it.
covered now, and i've attempted to give textual representations
instead of magic numbers.
The st(4) driver still misses some pieces; i'm going to implement the
EOM functionality RSN.
Any takers for the MTCOMP command? Seems to have never been implemented.
properly. I know, tcsh is not a "Real Shell".
jc p2 :0.0 Tue04PM - -u (tcsh)
^^^
7173 p2 S+ 0:01.33 -u (tcsh)
^^^
Submitted by: John Capo <jc@irbs.com>
1. Nuke out the aculib files that crept in somehow by mistake.
2. Fix the ${.CURDIR} path so that this stuff actually compiles.
It actually compiled for me before the commit, but I must have had
something short-cutting the bug.
job af warning me about mail as my work version does. This patch will
will fix this for bash(1) if MAILPATH is exported:
Submitted by: Mark Murray <mark@grondar.za>
I got irritated with not seeing the interrupt numbers in a (crowded)
"systat -vmstat" display, so I fixed it. Here is a patch to please be
applied in src/usr.bin/systat
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
libskey contains references to _crypt and can't resolve it unless
-lcrypt occurs after it in the link command. This only occurs when
linking statically.
declares them to return char *. For some reason, this causes no problems
with the old compiler tools, but doing a 'make world' with gcc 2.6.3 in a
seperate DESTDIR got me this error:
yacc -d /usr/src/usr.bin/compile_et/error_table.y
cc -O2 -I. -I/usr/src/usr.bin/compile_et/../../lib/libcom_err -I/mnt/usr/include -c y.tab.c -o error_table.o
In file included from /usr/src/usr.bin/compile_et/et_lex.lex.l:11,
from /usr/src/usr.bin/compile_et/error_table.y:233:
/mnt/usr/include/stdlib.h💯 conflicting types for `malloc'
/usr/src/usr.bin/compile_et/error_table.y:80: previous declaration of `malloc'
/mnt/usr/include/stdlib.h:104: conflicting types for `realloc'
/usr/src/usr.bin/compile_et/error_table.y:80: previous declaration of `realloc'
*** Error code 1
Stop.
Declaring malloc and realloc to return void * fixes this. It could be that
the new gcc is a bit more picky about these things.
directory (instead of the same directory as the source files) and that
#includes in those files do not contain the path to the source file.
Obtained from: J.T. Conklin via NetBSD
The "strings" program chokes if you try using "-n".
>How-To-Repeat:
Try "strings -n SOMENUMBER SOMEFILE".
>Fix:
Here's a "diff -u" patch that corrects the problem.
Submitted by: Lon Willett <lon%softt.uucp@math.utah.edu> via NetBSD
the symlinks for yppasswd & friends (we still can't use hard links
because passwd is installed immutable). This would have been simpler
if the LN_FLAGS variable hadn't chosen to wait until now before leaping
out of the /usr/share/mk directory and biting me in the ass. (And thus,
I was enlightened.)
newline must be part of the pattern space i.e. `echo a|sed -e P' must print
a
a
and not
aa
This is consistent with gnu sed, SunOS, Ultrix (and probably others!)
of hard links: since passwd is installed immutable, an attempt to make
a hard link to it during a 'make install' would fail. I didn't notice
this conflict because my /usr directory is an NFS filesystem mounted from a
SunOS server, so the special file mode flags had no effecti when I tested
everything on my machine. Live and learn.
This is the first round of changes to incorporate YP server functionality
into FreeBSD. This particular change allows passwd to change either the
local or NIS password, as well as the NIS GECOS and shell information.
Essentially, I've taken passwd(1) and yppasswd from the yppasswd-0.5
distribution (which is part of the NYS project -- a project to provide
a GNU GPL'ed suite of NIS tools) and rammed them into each other
at high speed. I've tried my best to make this co-exist with the
Kerberos stuff, but since I don't run Kerberos I don't have an easy
way to verify that it all works. If you choose any Kerberos flags
then the YP checks should be bypassed, but that may not be enough.
I'll modify it some more if it turns out I broke something. For now,
support for localand NIS passwords is pretty solid:
- If you simply type 'passwd,' the program checks to see if you exist
in the local pwd.db database. If not, you get bounced to YP.
- If you try to force local functionality with the -l flag and you
don't exist locally, you get an error.
The -y flag can be used to force YP functionality. -f and -s let you
change your full name and shell (respectively). -f *and* -s let you
change all of your 'account information.'
ypchfn, ypchsh, yppasswd and ypchpass are all links to passwd.
It will read a file on stdin and write it as decimal integers on stdout,
this is useful for embedding files in c-sources.
There are a few places where this is needed, and this is a better way than
the current practice of hand-editing the sources.
The command:
date | file2c 'const char date[] = {' ',0};'
will produce:
const char date[] = {
83,97,116,32,74,97,110,32,50,56,32,49,54,58,52,55,58,51,51,32,80,83,84,
32,49,57,57,53,10
,0};
The manual page is 2 lines longer than the source :-)
problems in the process:
1. Quoting should work properly now. In particular, Chet's reported bash
make problem has gone away.
2. A lot of memory that just wasn't being free'd after use is now freed.
This should cause make to take up a LOT less memory when dealing with
archive targets.
3. Give proper credit to Adam de Boor in a number of files.
Obtained from: NetBSD (and Adam de Boor)
1) It was export-controlled.
2) It used some ad-hoc protocol invented by Berkeley in ignorance of the
standard MIT distribution's way of doing it (which makes it useless
to most people).
This should be fixed once we have `kadmin'/`kadmind'.
spelled g*compiled* symbols from the kernel so that ddb doesn't have to
do it. The symbols are currently removed by dbsym but dbsym will go
away when symbols are loaded by the boot loader.
Document -m option in usage message.
Check for overrunning some arrays.
Fix some misformatting.
1) Don't spit out an error message if Kerberos is installed but not yet
set up.
2) Don't attempt to verify the ticket you got back, as workstations
are not intended to have srvtab files of their own.
Both behaviors can be re-enabled with KLOGIN_PARANOID.
my mailbox since early last year. Fixes a problem with running out of
fds (by hitting the limit or whatever) when ar is given a long list of
objects. The fix was to add a missing close().
Submitted by: Robert Crowe <bob@speakez.com>
to be padded to 8 chars. Simply make sure that never more than 8 chars
are printed ( %-.8s ). The former commit otherwise hosed the width
calculation and landed on different positions for the time output.
Also the strlen(xx_out_line) hoses the wide
calculation, so that it sometimes make it much larger than necessary.
Simply use always 8 chars for the out_line calculation now. Looks good
this way.
v1.9.0 - December 22, 1994. The program won't exit from the interactive shell
if it's working from a tty. For example, it won't exit if you do an mget
on a pattern that won't match anything. Added padding around jmp_buf's
for SunOS. SunOS needs sigjmp_buf's, but plenty of OS's don't support
sigjmp_buf's yet. Fixed the tips to reflect the new archive site.
v1.8.9 - December 20, 1994. Can now set "passive" user variable, or use
passive command to toggle PASV/PORT ftp. Debug mode now prints remote
responses. Can now get around buggy FTP servers like boombox.micro.umn.edu,
that give back invalid port numbers to PASV.
v1.8.8 - December 19, 1994. Now falls back to port FTP if passive FTP fails.
warning handling and allows for link-time warnings with a modified
version of gas.
Note: Not all of the newer bits were updated such as some of the non-x86
machine-dependant code is relevant to FreeBSD right now.
Obtained from: NetBSD