From owner-freebsd-doc Thu Jun 24 7:50: 4 1999 Delivered-To: freebsd-doc@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 1D71915481 for ; Thu, 24 Jun 1999 07:50:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id HAA31425; Thu, 24 Jun 1999 07:50:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from thneed.ubergeeks.com (thneed.ubergeeks.com [206.205.41.245]) by hub.freebsd.org (Postfix) with ESMTP id BD24A151C9 for ; Thu, 24 Jun 1999 07:45:54 -0700 (PDT) (envelope-from adrian@thneed.ubergeeks.com) Received: (from adrian@localhost) by thneed.ubergeeks.com (8.9.3/8.9.3) id KAA03152; Thu, 24 Jun 1999 10:45:43 -0400 (EDT) (envelope-from adrian) Message-Id: <199906241445.KAA03152@thneed.ubergeeks.com> Date: Thu, 24 Jun 1999 10:45:43 -0400 (EDT) From: adrian@ubergeeks.com Reply-To: adrian@ubergeeks.com To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: docs/12377: doc patch for login_cap. Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 12377 >Category: docs >Synopsis: differences of a NULL login class need amplification >Confidential: no >Severity: critical >Priority: low >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Thu Jun 24 07:50:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Adrian Filipi-Martin >Release: FreeBSD 3.2-RELEASE i386 >Organization: Ubergeeks Consulting >Environment: stock 3.2 installation. >Description: The fact that the root account has a different default login class is not well documented. It is documented, but only in passing in a paragraph low in the login_cap(3) manpage and in the login_cap.h header. The fact that the NULL login class has different interpretations depending upon the context of the capability lookup should be noted clearly or the behavior of the look up should be modified to make it more intuitive. The fact that the NULL class has two default values begs the question, "is there really a default class?" >How-To-Repeat: N/A >Fix: A quick fix is to apply the following doc patch. A better fix is to make all accounts with NULL login classes default to the "default" class and explicitly set root's class to 'root' in master.passwd. This would be an application of the "principle of least surprise". *** login.conf.orig Thu Jun 24 10:24:22 1999 --- login.conf Thu Jun 24 10:25:22 1999 *************** *** 60,65 **** --- 60,66 ---- # # Root can always login # + # N.B. This is the default class for the root account, not 'default'. root:\ :ignorenologin:\ :tc=default: --- login_cap.3.orig Thu Jun 24 10:27:45 1999 +++ login_cap.3 Thu Jun 24 10:32:53 1999 @@ -139,14 +139,15 @@ .Fn login_getclass or .Fn login_getuserclass . -If the referenced user has no login class specified in +If the referenced user is not root and has no login class specified in .Pa /etc/master.passwd , the class name is NULL or an empty string, or if the class specified does not exist in the database, each of these functions will search for a record with an id of "default", with that name returned in the .Ar lc_class -field. +field. If the user is root, then record with an id of "root" will +be returned instead of "default". .Pp The .Ar lc_cap >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message