Date: Sun, 1 Jun 2003 12:32:51 -0700 (PDT) From: Marcel Moolenaar <marcel@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 32315 for review Message-ID: <200306011932.h51JWpua058688@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=32315 Change 32315 by marcel@marcel_nfs on 2003/06/01 12:32:27 IFC @32313 Affected files ... .. //depot/projects/ia64/contrib/openpam/CREDITS#8 integrate .. //depot/projects/ia64/contrib/openpam/HISTORY#16 integrate .. //depot/projects/ia64/contrib/openpam/LICENSE#9 integrate .. //depot/projects/ia64/contrib/openpam/MANIFEST#14 integrate .. //depot/projects/ia64/contrib/openpam/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/Makefile.inc#1 branch .. //depot/projects/ia64/contrib/openpam/RELNOTES#16 integrate .. //depot/projects/ia64/contrib/openpam/bin/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/bin/Makefile.inc#1 branch .. //depot/projects/ia64/contrib/openpam/bin/su/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/bin/su/su.c#10 integrate .. //depot/projects/ia64/contrib/openpam/doc/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/Makefile#11 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam.3#6 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_borrow_cred.3#12 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_free_data.3#12 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_get_option.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_log.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_nullconv.3#7 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_readline.3#1 branch .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_restore_cred.3#12 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_set_option.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/openpam_ttyconv.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_acct_mgmt.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_authenticate.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_chauthtok.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_close_session.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_conv.3#3 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_end.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_error.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_authtok.3#17 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_data.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_item.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_user.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_getenv.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_getenvlist.3#17 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_info.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_open_session.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_prompt.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_putenv.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_set_data.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_set_item.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_setcred.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_setenv.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_acct_mgmt.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_authenticate.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_chauthtok.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_close_session.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_open_session.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_setcred.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_start.3#17 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_strerror.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_verror.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_vinfo.3#16 integrate .. //depot/projects/ia64/contrib/openpam/doc/man/pam_vprompt.3#16 integrate .. //depot/projects/ia64/contrib/openpam/include/security/openpam.h#16 integrate .. //depot/projects/ia64/contrib/openpam/include/security/openpam_version.h#6 integrate .. //depot/projects/ia64/contrib/openpam/include/security/pam_appl.h#10 integrate .. //depot/projects/ia64/contrib/openpam/include/security/pam_constants.h#13 integrate .. //depot/projects/ia64/contrib/openpam/include/security/pam_modules.h#11 integrate .. //depot/projects/ia64/contrib/openpam/include/security/pam_types.h#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/Makefile#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_borrow_cred.c#8 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_configure.c#7 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_dispatch.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_dynamic.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_findenv.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_free_data.c#7 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_get_option.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_impl.h#17 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_load.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_log.c#14 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_nullconv.c#6 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_readline.c#1 branch .. //depot/projects/ia64/contrib/openpam/lib/openpam_restore_cred.c#8 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_set_option.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_static.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/openpam_ttyconv.c#15 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_acct_mgmt.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_authenticate.c#13 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_authenticate_secondary.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_chauthtok.c#13 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_close_session.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_end.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_error.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_authtok.c#16 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_data.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_item.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_mapped_authtok.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_mapped_username.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_get_user.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_getenv.c#13 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_getenvlist.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_info.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_open_session.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_prompt.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_putenv.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_set_data.c#11 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_set_item.c#13 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_set_mapped_authtok.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_set_mapped_username.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_setcred.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_setenv.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_acct_mgmt.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_authenticate.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_authenticate_secondary.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_chauthtok.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_close_session.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_get_mapped_authtok.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_get_mapped_username.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_open_session.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_set_mapped_authtok.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_set_mapped_username.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_sm_setcred.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_start.c#12 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_strerror.c#10 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_verror.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_vinfo.c#9 integrate .. //depot/projects/ia64/contrib/openpam/lib/pam_vprompt.c#12 integrate .. //depot/projects/ia64/contrib/openpam/misc/gendoc.pl#12 integrate .. //depot/projects/ia64/contrib/openpam/modules/Makefile#10 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_deny/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_deny/pam_deny.c#9 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_permit/Makefile#9 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_permit/pam_permit.c#9 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_unix/Makefile#3 integrate .. //depot/projects/ia64/contrib/openpam/modules/pam_unix/pam_unix.c#4 integrate .. //depot/projects/ia64/etc/defaults/rc.conf#32 integrate .. //depot/projects/ia64/etc/mtree/BSD.local.dist#12 integrate .. //depot/projects/ia64/etc/mtree/BSD.usr.dist#20 integrate .. //depot/projects/ia64/etc/rc.d/mountcritlocal#5 integrate .. //depot/projects/ia64/etc/rc.d/mountcritremote#6 integrate .. //depot/projects/ia64/lib/libc/gen/fts.3#5 integrate .. //depot/projects/ia64/lib/libc/locale/Makefile.inc#13 integrate .. //depot/projects/ia64/lib/libc/locale/gbk.c#1 branch .. //depot/projects/ia64/lib/libc/locale/setrunelocale.c#5 integrate .. //depot/projects/ia64/lib/libc/stdlib/malloc.c#17 integrate .. //depot/projects/ia64/lib/libgeom/geom_ctl.c#3 integrate .. //depot/projects/ia64/lib/libgeom/libgeom.h#6 integrate .. //depot/projects/ia64/lib/libpam/libpam/Makefile#22 integrate .. //depot/projects/ia64/lib/libpam/modules/pam_ftp/Makefile#5 delete .. //depot/projects/ia64/lib/libpam/modules/pam_ftp/pam_ftp.8#3 delete .. //depot/projects/ia64/lib/libpam/modules/pam_ftp/pam_ftp.c#6 delete .. //depot/projects/ia64/lib/libpam/modules/pam_wheel/Makefile#5 delete .. //depot/projects/ia64/lib/libpam/modules/pam_wheel/pam_wheel.8#4 delete .. //depot/projects/ia64/lib/libpam/modules/pam_wheel/pam_wheel.c#8 delete .. //depot/projects/ia64/sbin/bsdlabel/bsdlabel.c#8 integrate .. //depot/projects/ia64/sbin/bsdlabel/runtest.sh#3 integrate .. //depot/projects/ia64/sbin/gbde/gbde.c#10 integrate .. //depot/projects/ia64/sbin/sunlabel/sunlabel.c#6 integrate .. //depot/projects/ia64/share/mk/bsd.sys.mk#15 integrate .. //depot/projects/ia64/share/mklocale/Makefile#9 integrate .. //depot/projects/ia64/share/mklocale/zh_CN.GBK.src#1 branch .. //depot/projects/ia64/sys/cam/cam_periph.c#11 integrate .. //depot/projects/ia64/sys/cam/scsi/scsi_sa.c#14 integrate .. //depot/projects/ia64/sys/ddb/db_command.c#12 integrate .. //depot/projects/ia64/sys/dev/an/if_an.c#22 integrate .. //depot/projects/ia64/sys/dev/cardbus/cardbus_cis.c#15 integrate .. //depot/projects/ia64/sys/dev/isp/isp.c#17 integrate .. //depot/projects/ia64/sys/dev/sound/pci/au88x0.c#1 branch .. //depot/projects/ia64/sys/dev/sound/pci/au88x0.h#1 branch .. //depot/projects/ia64/sys/dev/syscons/scmouse.c#8 integrate .. //depot/projects/ia64/sys/fs/fifofs/fifo_vnops.c#22 integrate .. //depot/projects/ia64/sys/fs/pseudofs/pseudofs_vnops.c#17 integrate .. //depot/projects/ia64/sys/geom/bde/g_bde.c#12 integrate .. //depot/projects/ia64/sys/geom/geom.h#32 integrate .. //depot/projects/ia64/sys/geom/geom_bsd.c#36 integrate .. //depot/projects/ia64/sys/geom/geom_ctl.c#10 integrate .. //depot/projects/ia64/sys/geom/geom_ctl.h#3 integrate .. //depot/projects/ia64/sys/geom/geom_ext.h#2 delete .. //depot/projects/ia64/sys/geom/geom_subr.c#29 integrate .. //depot/projects/ia64/sys/geom/geom_sunlabel.c#24 integrate .. //depot/projects/ia64/sys/ia64/ia64/vm_machdep.c#26 integrate .. //depot/projects/ia64/sys/kern/kern_thread.c#47 integrate .. //depot/projects/ia64/sys/modules/sound/driver/au88x0/Makefile#1 branch .. //depot/projects/ia64/sys/netinet/ip_encap.c#9 integrate .. //depot/projects/ia64/sys/pc98/pc98/clock.c#16 integrate .. //depot/projects/ia64/sys/pc98/pc98/fd.c#19 integrate .. //depot/projects/ia64/sys/pc98/pc98/ppc.c#4 integrate .. //depot/projects/ia64/sys/pc98/pc98/sio.c#23 integrate .. //depot/projects/ia64/sys/powerpc/powerpc/ofw_machdep.c#7 integrate .. //depot/projects/ia64/sys/ufs/ffs/ffs_vnops.c#26 integrate .. //depot/projects/ia64/usr.bin/checknr/checknr.c#5 integrate .. //depot/projects/ia64/usr.bin/env/Makefile#3 integrate .. //depot/projects/ia64/usr.bin/env/env.1#1 branch .. //depot/projects/ia64/usr.bin/printenv/Makefile#5 integrate .. //depot/projects/ia64/usr.bin/printenv/printenv.1#7 integrate Differences ... ==== //depot/projects/ia64/contrib/openpam/CREDITS#8 (text) ==== @@ -14,15 +14,17 @@ Andrew Morgan <morgan@transmeta.com> Brian Fundakowski Feldman <green@freebsd.org> Darren J. Moffat <Darren.Moffat@sun.com> + Dmitry V. Levin <ldv@altlinux.org> Eric Melville <eric@freebsd.org> Gary Winiger <Gary.Winiger@sun.com> Joe Marcus Clarke <marcus@marcuscom.com> Juli Mallett <jmallett@freebsd.org> Mark Murray <markm@freebsd.org> + Mike Petullo <mike@flyn.org> Mikko Työläjärvi <mbsd@pacbell.net> Robert Watson <rwatson@freebsd.org> Ruslan Ermilov <ru@freebsd.org> Solar Designer <solar@openwall.com> Takanori Saneto <sanewo@ba2.so-net.ne.jp> -$P4: //depot/projects/openpam/CREDITS#6 $ +$P4: //depot/projects/openpam/CREDITS#8 $ ==== //depot/projects/ia64/contrib/openpam/HISTORY#16 (text) ==== @@ -1,3 +1,22 @@ +OpenPAM Digitalis 2003-06-01 + + - ENHANCE: Completely rewrite the configuration parser and add + support for the "include" control flag. + + - ENHANCE: Improve portability to NetBSD, OpenBSD and Linux. + + - ENHANCE: Lots of additional paranoia. + + - BUGFIX: The sample su(1) application dropped privileges before + forking instead of after. + + - ENHANCE: Document openpam_log(3). + + - ENHANCE: Other minor documentation fixes. + +Thanks to Dmitry V. Levin <ldv@altlinux.org> for considerable +assistance with this release. +============================================================================ OpenPAM Dianthus 2003-05-02 - BUGFIX: Initialize some potentially uninitialized variables. @@ -223,4 +242,4 @@ First (beta) release. ============================================================================ -$P4: //depot/projects/openpam/HISTORY#18 $ +$P4: //depot/projects/openpam/HISTORY#19 $ ==== //depot/projects/ia64/contrib/openpam/LICENSE#9 (text) ==== @@ -1,5 +1,5 @@ -Copyright (c) 2002 Networks Associates Technology, Inc. +Copyright (c) 2002-2003 Networks Associates Technology, Inc. All rights reserved. This software was developed for the FreeBSD Project by ThinkSec AS and @@ -31,4 +31,4 @@ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -$P4: //depot/projects/openpam/LICENSE#5 $ +$P4: //depot/projects/openpam/LICENSE#6 $ ==== //depot/projects/ia64/contrib/openpam/MANIFEST#14 (text) ==== @@ -1,5 +1,5 @@ # -# $P4: //depot/projects/openpam/MANIFEST#13 $ +# $P4: //depot/projects/openpam/MANIFEST#16 $ # CREDITS HISTORY @@ -7,9 +7,11 @@ LICENSE MANIFEST Makefile +Makefile.inc README RELNOTES bin/Makefile +bin/Makefile.inc bin/su/Makefile bin/su/su.c doc/Makefile @@ -21,6 +23,7 @@ doc/man/openpam_get_option.3 doc/man/openpam_log.3 doc/man/openpam_nullconv.3 +doc/man/openpam_readline.3 doc/man/openpam_restore_cred.3 doc/man/openpam_set_option.3 doc/man/openpam_ttyconv.3 @@ -76,6 +79,7 @@ lib/openpam_load.c lib/openpam_log.c lib/openpam_nullconv.c +lib/openpam_readline.c lib/openpam_restore_cred.c lib/openpam_set_option.c lib/openpam_static.c ==== //depot/projects/ia64/contrib/openpam/Makefile#9 (text) ==== @@ -1,5 +1,5 @@ #- -# Copyright (c) 2002 Networks Associates Technology, Inc. +# Copyright (c) 2002-2003 Networks Associates Technology, Inc. # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS @@ -32,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/Makefile#7 $ +# $P4: //depot/projects/openpam/Makefile#8 $ # SUBDIR = ==== //depot/projects/ia64/contrib/openpam/RELNOTES#16 (text) ==== @@ -1,13 +1,18 @@ - Release notes for OpenPAM Dianthus - ================================== + Release notes for OpenPAM Digitalis + =================================== -This is a maintenance release incorporating a number of minor patches -accumulated since the previous release. +This release incorporates several major changes and improvements and +should be considered BETA QUALITY. This release corresponds to the code used in FreeBSD-CURRENT as of the -release date. It may or may not build on other platforms; previous -releases have been built on NetBSD and (with partial success) MacOS X. +release date. It is also known to build cleanly on NetBSD 1.6, +OpenBSD 3.1, and a number of glibc-based Linux platforms (with BSD +make installed). It may or may not build on other platforms; you will +need a BSD-compatible make(1) (NetBSD's make(1) is easy to port to +most POSIX platforms). Previous versions were successfully built on +MacOS X 10.1, but there seem to be issues with the heavily modified +version of GCC 3.1 that ships with MacOS X 10.2. The library itself is complete. Documentation exists in the form of man pages for the library functions. These man pages are generated by @@ -26,4 +31,4 @@ Please direct bug reports and inquiries to des@freebsd.org. -$P4: //depot/projects/openpam/RELNOTES#15 $ +$P4: //depot/projects/openpam/RELNOTES#18 $ ==== //depot/projects/ia64/contrib/openpam/bin/Makefile#9 (text) ==== @@ -1,5 +1,5 @@ #- -# Copyright (c) 2002 Networks Associates Technology, Inc. +# Copyright (c) 2002-2003 Networks Associates Technology, Inc. # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS @@ -32,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/bin/Makefile#6 $ +# $P4: //depot/projects/openpam/bin/Makefile#7 $ # SUBDIR = ==== //depot/projects/ia64/contrib/openpam/bin/su/Makefile#9 (text) ==== @@ -1,5 +1,5 @@ #- -# Copyright (c) 2002 Networks Associates Technology, Inc. +# Copyright (c) 2002-2003 Networks Associates Technology, Inc. # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS @@ -32,13 +32,13 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/bin/su/Makefile#5 $ +# $P4: //depot/projects/openpam/bin/su/Makefile#8 $ # PROG = su WARNS ?= 4 CFLAGS += -I${.CURDIR}/../../include -DPADD = ${.OBJDIR}/../../lib/libpam.so +DPADD = ${.OBJDIR}/../../lib/libpam.a LDADD = -L${.OBJDIR}/../../lib -R${.OBJDIR}/../../lib -lpam NOMAN = YES ==== //depot/projects/ia64/contrib/openpam/bin/su/su.c#10 (text) ==== @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2002 Networks Associates Technology, Inc. + * Copyright (c) 2002-2003 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by ThinkSec AS and @@ -31,13 +31,14 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/bin/su/su.c#8 $ + * $P4: //depot/projects/openpam/bin/su/su.c#12 $ */ #include <sys/param.h> #include <sys/wait.h> #include <err.h> +#include <grp.h> #include <pwd.h> #include <stdio.h> #include <stdlib.h> @@ -81,9 +82,17 @@ argc -= optind; argv += optind; + if (argc > 0) { + user = *argv; + --argc; + ++argv; + } else { + user = "root"; + } + /* initialize PAM */ pamc.conv = &openpam_ttyconv; - pam_start("su", argc ? *argv : "root", &pamc, &pamh); + pam_start("su", user, &pamc, &pamh); /* set some items */ gethostname(hostname, sizeof(hostname)); @@ -117,20 +126,6 @@ if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL) goto pamerr; - /* set uid and groups */ - if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { - warn("initgroups()"); - goto err; - } - if (setgid(pwd->pw_gid) == -1) { - warn("setgid()"); - goto err; - } - if (setuid(pwd->pw_uid) == -1) { - warn("setuid()"); - goto err; - } - /* export PAM environment */ if ((pam_envlist = pam_getenvlist(pamh)) != NULL) { for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) { @@ -154,7 +149,21 @@ warn("fork()"); goto err; case 0: - /* child: start a shell */ + /* child: give up privs and start a shell */ + + /* set uid and groups */ + if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) { + warn("initgroups()"); + _exit(1); + } + if (setgid(pwd->pw_gid) == -1) { + warn("setgid()"); + _exit(1); + } + if (setuid(pwd->pw_uid) == -1) { + warn("setuid()"); + _exit(1); + } execve(*args, args, environ); warn("execve()"); _exit(1); @@ -170,9 +179,7 @@ } pamerr: - pam_end(pamh, pam_err); fprintf(stderr, "Sorry\n"); - exit(1); err: pam_end(pamh, pam_err); exit(1); ==== //depot/projects/ia64/contrib/openpam/doc/Makefile#9 (text) ==== @@ -1,5 +1,5 @@ #- -# Copyright (c) 2002 Networks Associates Technology, Inc. +# Copyright (c) 2002-2003 Networks Associates Technology, Inc. # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS @@ -32,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/doc/Makefile#4 $ +# $P4: //depot/projects/openpam/doc/Makefile#5 $ # SUBDIR = ==== //depot/projects/ia64/contrib/openpam/doc/man/Makefile#11 (text) ==== @@ -1,5 +1,5 @@ #- -# Copyright (c) 2002 Networks Associates Technology, Inc. +# Copyright (c) 2002-2003 Networks Associates Technology, Inc. # All rights reserved. # # This software was developed for the FreeBSD Project by ThinkSec AS @@ -32,7 +32,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/doc/man/Makefile#11 $ +# $P4: //depot/projects/openpam/doc/man/Makefile#13 $ # GENDOC = ${.CURDIR}/../../misc/gendoc.pl @@ -73,6 +73,7 @@ OMAN += openpam_get_option.3 OMAN += openpam_log.3 OMAN += openpam_nullconv.3 +OMAN += openpam_readline.3 OMAN += openpam_restore_cred.3 OMAN += openpam_set_option.3 OMAN += openpam_ttyconv.3 ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam.3#6 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM 3 .Os .Sh NAME @@ -42,6 +42,7 @@ .Nm openpam_get_option , .Nm openpam_log , .Nm openpam_nullconv , +.Nm openpam_readline , .Nm openpam_restore_cred , .Nm openpam_set_option , .Nm openpam_ttyconv , @@ -68,6 +69,8 @@ .Fn openpam_log "int level" "const char *fmt" "..." .Ft int .Fn openpam_nullconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data" +.Ft char * +.Fn openpam_readline "FILE *f" "int *lineno" "size_t *lenp" .Ft int .Fn openpam_restore_cred "pam_handle_t *pamh" .Ft int @@ -108,6 +111,7 @@ .Xr openpam_get_option 3 , .Xr openpam_log 3 , .Xr openpam_nullconv 3 , +.Xr openpam_readline 3 , .Xr openpam_restore_cred 3 , .Xr openpam_set_option 3 , .Xr openpam_ttyconv 3 , ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_borrow_cred.3#12 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_BORROW_CRED 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_free_data.3#12 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_FREE_DATA 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_get_option.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_GET_OPTION 3 .Os .Sh NAME @@ -54,6 +54,7 @@ option in the context of the currently executing service module, or .Dv NULL if the option is not set or no module is currently executing. +.Pp .Sh RETURN VALUES The .Nm @@ -61,6 +62,7 @@ .Dv NULL on failure. .Sh SEE ALSO +.Xr openpam_set_option 3 , .Xr pam 3 .Sh STANDARDS The ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_log.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,12 +33,12 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_LOG 3 .Os .Sh NAME .Nm openpam_log -.Nd it). Do the next best thing +.Nd log a message through syslog .Sh LIBRARY .Lb libpam .Sh SYNOPSIS @@ -48,9 +48,56 @@ .Ft void .Fn openpam_log "int level" "const char *fmt" "..." .Sh DESCRIPTION -No description available. +The +.Nm +function logs messages using +.Xr syslog 3 . +It is primarily +intended for internal use by the library and modules. +.Pp +The +.Va level +argument indicates the importance of the message. The +following levels are defined: +.Bl -tag -width 18n +.It Dv PAM_LOG_DEBUG +Debugging messages. These messages are normally not +logged unless the global integer variable +.Va _openpam_debug +is set to a non-zero value, in which case they are logged +with a +.Xr syslog 3 +priority of +.Dv LOG_DEBUG . +.It Dv PAM_LOG_VERBOSE +Information about the progress of the authentication +process, or other non-essential messages. These messages +are logged with a +.Xr syslog 3 +priority of +.Dv LOG_INFO . +.It Dv PAM_LOG_NOTICE +Messages relating to non-fatal errors. These messages are +logged with a +.Xr syslog 3 +priority of +.Dv LOG_NOTICE . +.It Dv PAM_LOG_ERROR +Messages relating to serious errors. These messages are +logged with a +.Xr syslog 3 +priority of +.Dv LOG_ERR . +.El +.Pp +The remaining arguments are a +.Xr printf 3 +format string and the +corresponding arguments. .Sh SEE ALSO -.Xr pam 3 +.Xr pam 3 , +.Xr printf 3 , +.Xr syslog 3 .Sh STANDARDS The .Nm ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_nullconv.3#7 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_NULLCONV 3 .Os .Sh NAME @@ -79,6 +79,7 @@ .Sh SEE ALSO .Xr openpam_ttyconv 3 , .Xr pam 3 , +.Xr pam_authenticate 3 , .Xr pam_chauthtok 3 , .Xr pam_prompt 3 , .Xr pam_set_item 3 , ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_restore_cred.3#12 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_RESTORE_CRED 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_set_option.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_SET_OPTION 3 .Os .Sh NAME @@ -52,6 +52,7 @@ .Nm function sets the specified option in the context of the currently executing service module. +.Pp .Sh RETURN VALUES The .Nm @@ -63,6 +64,7 @@ System error. .El .Sh SEE ALSO +.Xr openpam_get_option 3 , .Xr pam 3 , .Xr pam_strerror 3 .Sh STANDARDS ==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_ttyconv.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt OPENPAM_TTYCONV 3 .Os .Sh NAME @@ -57,7 +57,7 @@ The .Nm function allows the application to specify a -timeout for user input by setting the global variable +timeout for user input by setting the global integer variable .Va openpam_ttyconv_timeout to the length of the timeout in seconds. .Pp ==== //depot/projects/ia64/contrib/openpam/doc/man/pam.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt PAM 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_acct_mgmt.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt PAM_ACCT_MGMT 3 .Os .Sh NAME @@ -64,7 +64,7 @@ .El .Pp If any other bits are set, -.Xr pam_authenticate 3 +.Nm will return .Dv PAM_SYMBOL_ERR . .Sh RETURN VALUES @@ -95,7 +95,6 @@ .El .Sh SEE ALSO .Xr pam 3 , -.Xr pam_authenticate 3 , .Xr pam_strerror 3 .Sh STANDARDS .Rs ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_authenticate.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt PAM_AUTHENTICATE 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_chauthtok.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt PAM_CHAUTHTOK 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_close_session.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" .\" $P4$ .\" -.Dd May 2, 2003 +.Dd June 1, 2003 .Dt PAM_CLOSE_SESSION 3 .Os .Sh NAME ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_conv.3#3 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2002-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -31,7 +31,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#2 $ +.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#3 $ .\" .Dd May 27, 2002 .Dt PAM_CONV 3 ==== //depot/projects/ia64/contrib/openpam/doc/man/pam_end.3#16 (text) ==== @@ -1,5 +1,5 @@ .\"- -.\" Copyright (c) 2002 Networks Associates Technology, Inc. +.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc. .\" All rights reserved. .\" .\" This software was developed for the FreeBSD Project by ThinkSec AS and @@ -33,7 +33,7 @@ .\" >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200306011932.h51JWpua058688>