#
805ea040 |
| 01-Mar-2022 |
tedu <tedu@openbsd.org> |
add rtable capability to login.conf. from Matthew Martin
|
#
d7bd1adb |
| 10-Feb-2022 |
robert <robert@openbsd.org> |
introduce support for storing capability databases in /etc/login.conf.d;
anytime a class is looked up, the /etc/login.conf.d/${class} file will be checked first for a matching class definition; this
introduce support for storing capability databases in /etc/login.conf.d;
anytime a class is looked up, the /etc/login.conf.d/${class} file will be checked first for a matching class definition; this will allow us to easily add custom login classes from packages
ok millert@
show more ...
|
#
c0455c86 |
| 03-Jun-2021 |
deraadt <deraadt@openbsd.org> |
secure_path(3) hasn't been called since we recognized the TOCTOU issues a few years back, so we can remove it. Since nothing in the ecosystem calls it, I am not cranking the libc major as required,
secure_path(3) hasn't been called since we recognized the TOCTOU issues a few years back, so we can remove it. Since nothing in the ecosystem calls it, I am not cranking the libc major as required, surely another crank will come along soon. noticed by Dante Catalfamo ok millert
show more ...
|
#
2b699e5c |
| 29-Jul-2018 |
deraadt <deraadt@openbsd.org> |
Add _PATH_AUTHPROGDIR = "/usr/libexec/auth", this path will be used to unveil. Unfortunately the auth subsystem uses _PATH_AUTHPROG = "/usr/libexec/auth/login_", which it auth-program is appended to
Add _PATH_AUTHPROGDIR = "/usr/libexec/auth", this path will be used to unveil. Unfortunately the auth subsystem uses _PATH_AUTHPROG = "/usr/libexec/auth/login_", which it auth-program is appended to -- a rather gross idea which now shows lack of wisdom.
show more ...
|
#
817d1ee3 |
| 21-Nov-2014 |
tedu <tedu@openbsd.org> |
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts.
change prototype for crypt_newhash. the login_cap_t is a holdover from its pwd_gensalt origins, but a string argument works equally work and is more friendly to consumers beyond local user accounts. ok deraadt
show more ...
|
#
faa4eeec |
| 19-Nov-2014 |
tedu <tedu@openbsd.org> |
prototype for crypt_newhash(). adding it here because this is where login_cap_t lives and i don't want to forward declare it in unistd.h
|
#
02272fec |
| 28-Jan-2005 |
millert <millert@openbsd.org> |
LOGIN_SETALL did not include LOGIN_SETENV as it should.
|
#
1b4bf431 |
| 09-Aug-2004 |
millert <millert@openbsd.org> |
Support the "setenv" capability in login.conf ala FreeBSD. Following FreeBSD's example, a '~' in an environment variable is replaced with the user's homedir. A '$' is replaced by the user's login n
Support the "setenv" capability in login.conf ala FreeBSD. Following FreeBSD's example, a '~' in an environment variable is replaced with the user's homedir. A '$' is replaced by the user's login name. Both can be escaped with a backslash to get the literal char. OK deraadt@
show more ...
|
#
4f52662f |
| 03-Aug-2004 |
millert <millert@openbsd.org> |
Define BI_FDPASS for the BSD auth fd passing changes.
|
#
d1f942ab |
| 22-Jan-2004 |
espie <espie@openbsd.org> |
Remove unnecessary typedef usage.
u_char -> unsigned char u_short -> unsigned short u_long -> unsigned long u_int -> unsigned int
okay millert@
|
#
756873d8 |
| 02-Aug-2002 |
millert <millert@openbsd.org> |
Change value of LOGIN_DEFSTYLE from "krb4-or-pwd" to just "passwd". If there is no login.conf or it is corrupt we don't want to make any assumptions about kerberos. By request of deraadt@
|
#
82fb7937 |
| 03-Jun-2002 |
deraadt <deraadt@openbsd.org> |
compatiblity -> compatibility decriptor -> descriptor authentciated -> authenticated transmition -> transmission
|
#
c72b5b24 |
| 16-Feb-2002 |
millert <millert@openbsd.org> |
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be don
Part one of userland __P removal. Done with a simple regexp with some minor hand editing to make comments line up correctly. Another pass is forthcoming that handles the cases that could not be done automatically.
show more ...
|
#
9528a93a |
| 15-Jul-2001 |
millert <millert@openbsd.org> |
Give login_cap_t a struct name so we can use forward declarations.
|
#
77c76821 |
| 30-Jun-2001 |
millert <millert@openbsd.org> |
Default login style is now krb4-or-pwd, not krb-or-pwd.
|
#
504e5da2 |
| 01-Jan-2001 |
millert <millert@openbsd.org> |
Guard against multiple inclusion
|
#
e802aa69 |
| 21-Nov-2000 |
millert <millert@openbsd.org> |
BSD authentication routines from BSDI. Presently this is not used but the login_* helper programs and other support will be committed in the near future.
|
#
6bedce01 |
| 19-Nov-2000 |
millert <millert@openbsd.org> |
Remove prototypes for old BSD auth functions. New ones will live in bsd_auth.h when BSD authentication is committed.
|
#
362f029c |
| 20-Aug-2000 |
millert <millert@openbsd.org> |
login.conf code from BSDi. This does not include the bsd auth code which will come later. At this stage it is primarily used for setting resource limits.
|