#
881f6c5f |
| 22-Dec-2022 |
kn <kn@openbsd.org> |
Denote multiple arguments with 'arg ...' not 'args'
A few programs used the plural in their synopsis which doesn't read as clear as the obvious triple-dot notation.
mdoc(7) .Ar defaults to "file ..." if no arguments are given and consistent use of 'arg ...' matches that behaviour.
Clean up a few markups of the same argument so the text keeps reading naturally; omit unhelpful parts like 'if optional arguments are given, they are passed along' for tools like time(1) and timeout(1) that obviously execute commands with whatever arguments were given -- just like doas(1) which doesn't mention arguments in its DESCRIPTION in the first place.
For expr(1) the difference between 'expressions' and 'expression ...' is crucial, as arguments must be passed as individual words.
Feedback millert jmc schwarze deraadt OK jmc
|
#
336e7bcb |
| 23-Mar-2022 |
deraadt <deraadt@openbsd.org> |
Now that libc setusercontext() handling of setrtable is repaired, su(8) can set LOGIN_SETRTABLE once again. ok millert
|
#
093e9c3f |
| 19-Mar-2022 |
sthen <sthen@openbsd.org> |
backout r1.86 "login class routing table should be honored when doing a full login with su -l", it breaks rc.d(8) daemon_rtable
|
#
447b277e |
| 15-Mar-2022 |
solene <solene@openbsd.org> |
login class routing table should be honored when doing a full login with su -l
ok millert@ patch from Matthew Martin < phy1729 at gmail dot com >
|
#
6699d7aa |
| 10-Feb-2022 |
robert <robert@openbsd.org> |
unveil _PATH_LOGIN_CONF_D
|
#
bc5a8259 |
| 12-Jul-2021 |
beck <beck@openbsd.org> |
Change the error reporting pattern throughout the tree when unveil fails to report the path that the failure occurred on. Suggested by deraadt@ after some tech discussion.
Work done and verified by Ashton Fagg <ashton@fagg.id.au>
ok deraadt@ semarie@ claudio@
|
#
0b962acd |
| 30-Oct-2020 |
millert <millert@openbsd.org> |
auth_approval() does not necessarily set errno on failure. From Piotr Durlej.
|
#
a8dc0ba1 |
| 17-Aug-2020 |
semarie <semarie@openbsd.org> |
honor /etc/nologin by unveiling it
ok deraadt@
|
#
2c7f03ce |
| 08-Jul-2020 |
jca <jca@openbsd.org> |
Simplify csh vs other shells setup code
ok millert@
|
#
3b2e3894 |
| 08-Jul-2020 |
jca <jca@openbsd.org> |
Teach su -l -f how to start a regular shell for non-csh shells
su -l does nice things like reset the environment and change the home directory, but it also always starts the user's shell as a login shell (argv[0] == '-'). This is a problem for su -l consumers like rc.d, where e.g. /root/.profile is read by the shell before starting a daemon as root. This tends to blow up if the admin introduces side effects to /root/.profile (or /etc/profile).
csh supports an -f flag to skip reading .cshrc and .login, and su already has special support for it. Similarly, teach su -l -f how to start a regular shell (not a login shell) for non-csh shells.
Discussion started by robert@ during p2k19 and revived by ajacoutot@, help and ok kn@ millert@
|
#
13053edc |
| 07-Dec-2019 |
millert <millert@openbsd.org> |
In -L (loop) mode, reset the login class each time through the loop. Otherwise, it is possible to log in with another user's login class. Fixes CVE-2019-19519. OK deraadt@ markus@
|
#
2dfc98f4 |
| 04-Dec-2019 |
deraadt <deraadt@openbsd.org> |
libc's authentication privsep layer performed insufficient username validation. Repair work mostly by markus and millert, first of all solving the primary problem, then adding some additional validation points. And then further validation in login and su. This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig Reported by Qualys
|
#
1d749625 |
| 14-Sep-2019 |
semarie <semarie@openbsd.org> |
correct some unveil(2) violations due to "login.conf.db" access (the .db version of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1) millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1) mestre@ noted chpass(1) too
ok mestre@ millert@
|
#
3aaa63eb |
| 28-Jun-2019 |
deraadt <deraadt@openbsd.org> |
When system calls indicate an error they return -1, not some arbitrary value < 0. errno is only updated in this case. Change all (most?) callers of syscalls to follow this better, and let's see if this strictness helps us in the future.
|
#
ad9c9af1 |
| 20-Jun-2019 |
deraadt <deraadt@openbsd.org> |
auth_approval() returns 0 on failure, so don't test for <= 0 (error has no effect. just striving for an accurate following of contract) ok millert
|
#
e3bf8889 |
| 19-Jun-2019 |
millert <millert@openbsd.org> |
Fix regression introduced in rev. 1.59 where the wrong shell is checked in -m mode for non-root. The intent is that non-root shouldn't be able to run their own shell as the target user if the target user has a shell that is not listed in /etc/shells. This makes the code match the manual once again. OK schwarze@
|
#
542869bb |
| 28-Jan-2019 |
deraadt <deraadt@openbsd.org> |
ttyname() is used, therefore must unveil _PATH_DEVDB. from Anton Borowka
|
#
4c4fbe71 |
| 21-Oct-2018 |
deraadt <deraadt@openbsd.org> |
need to unveil() /etc/shells also for -m option; ok florian
|
#
b2e6f119 |
| 23-Aug-2018 |
deraadt <deraadt@openbsd.org> |
A sequence of increasingly restrictive pledges was already present in su. Rearrange them slightly, so that a unveil's can be added also. (Sometimes you only learn a required path late in the game, you don't know them upfront at program start. That is the tricky bit)
|
#
256c5321 |
| 30-Oct-2015 |
miod <miod@openbsd.org> |
Redo 1.69, but correctly, so that this really works for yp setups.
|
#
9a14f58e |
| 24-Oct-2015 |
miod <miod@openbsd.org> |
Move removal of "getpw" pledge after all setusercontext() calls, for yp sake. Noticed by matthieu@
|
#
5d0cca77 |
| 23-Oct-2015 |
deraadt <deraadt@openbsd.org> |
pledge "stdio rpath getpw proc exec id" at start, much like doas. 2 further pledges are possible, not as many as doas can do, because the order of some su operations is a bit different. also it is trying harder to please non-root nfs mounts?
|
#
d8943718 |
| 15-Apr-2015 |
deraadt <deraadt@openbsd.org> |
remove historical (void)foo (which were only here to hide lint's undrenchable thirst for false positives)
|
#
b9fc9a72 |
| 16-Jan-2015 |
deraadt <deraadt@openbsd.org> |
Replace <sys/param.h> with <limits.h> and other less dirty headers where possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
|
#
b23347eb |
| 11-Jan-2011 |
robert <robert@openbsd.org> |
Allow su -l to login to a user that has a non-existent home directory, unless requirehome is specified in login.conf for the login class. If requirehome is not specified the user will be logged in with HOME=/ This is what login(1) and ssh(1) does too.
ok millert@
|