By using random values for ut_id, not based on the TTY name, it is
possible to run for example login(1) multiple times on the same TTY,
without overwriting any previous records.
The output of w(1) will then be as follows:
| 12:26PM up 2 days, 2:31, 5 users, load averages: 0.01, 0.03, 0.03
| USER TTY FROM LOGIN@ IDLE WHAT
| ed pts/2 mekker.80386.nl 12:26PM - w
| root pts/2 - 12:26PM - w
| root pts/2 - 12:26PM - w
| root pts/2 - 12:26PM - w
Approved by: des
Similar to libexec/, do the same with lib/. Make WARNS=6 the norm and
lower it when needed.
I'm setting WARNS?=0 for secure/. It seems secure/ includes the
Makefile.inc provided by lib/. I'm not going to touch that directory.
Most of the code there is contributed anyway.
- Only set the fields in the ulog_utmpx structure that are valid for the
command in question. This means that strings like "shutdown" or "~"
are not visible to the user anymore.
- Rename UTXF_* to UTXI_*, indicating the indexation, instead of using
the `antique' filename. If we ever get rid of utmp, it makes little
sense calling it by its old name.
The information used by the "Last login:"-line is obtained by using
ulog_setutxfile(3) to switch to the lastlog database. Login and logout
are performed using the utility functions ulog_login(3) and
ulog_logout(3).
This also means we must build libulog during bootstrap.
Approved by: des
test MK_INSTALLLIB, users can set WITHOUT_INSTALLLIB. The old
NO_INSTALLLIB is still supported as several makefiles set it.
- While here, fix an install when instructed not to install libs
(usr.bin/lex/lib/Makefile).
PR: bin/114200
Submitted by: Henrik Brix Andersen
pam_sm_open_session(), avoiding false negatives when no tty is present.
Submitted by: Todd C. Miller <millert@courtesan.com>
Approved by: re (rwatson)
MFC after: 2 weeks
instead of an authentication function. There are a design reason
and a practical reason for that. First, the module belongs in
account management because it checks availability of the account
and does no authentication. Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.
Document this change in the manpage.
Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.
Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)
PR: bin/112574
Approved by: des, re
with `pw lock', so that it's impossible to log into a locked account
using an alternative authentication mechanism, such as an ssh key.
This change affects only accounts locked with pw(8), i.e., having a
`*LOCKED*' prefix in their password hash field, so people still can
use a different pattern to disable password authentication only.
Mention all account management criteria in the manpage.
Approved by: maintainer (timeout)
PR: bin/71147
MFC after: 1 month
sizeof(*list), not sizeof(**list). (i.e., sizeof(pointer) rather than
sizeof(char)).
It is possible that this buffer overflow is exploitable, but it was
added after RELENG_5 forked and hasn't been MFCed, so this will not
receive an advisory.
Submitted by: Vitezslav Novy
MFC after: 1 day