PERFORCE change 32315 for review
Marcel Moolenaar
marcel at FreeBSD.org
Sun Jun 1 12:32:55 PDT 2003
http://perforce.freebsd.org/chv.cgi?CH=32315
Change 32315 by marcel at marcel_nfs on 2003/06/01 12:32:27
IFC @32313
Affected files ...
.. //depot/projects/ia64/contrib/openpam/CREDITS#8 integrate
.. //depot/projects/ia64/contrib/openpam/HISTORY#16 integrate
.. //depot/projects/ia64/contrib/openpam/LICENSE#9 integrate
.. //depot/projects/ia64/contrib/openpam/MANIFEST#14 integrate
.. //depot/projects/ia64/contrib/openpam/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/Makefile.inc#1 branch
.. //depot/projects/ia64/contrib/openpam/RELNOTES#16 integrate
.. //depot/projects/ia64/contrib/openpam/bin/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/bin/Makefile.inc#1 branch
.. //depot/projects/ia64/contrib/openpam/bin/su/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/bin/su/su.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/doc/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/Makefile#11 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam.3#6 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_borrow_cred.3#12 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_free_data.3#12 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_get_option.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_log.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_nullconv.3#7 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_readline.3#1 branch
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_restore_cred.3#12 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_set_option.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/openpam_ttyconv.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_acct_mgmt.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_authenticate.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_chauthtok.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_close_session.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_conv.3#3 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_end.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_error.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_authtok.3#17 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_data.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_item.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_get_user.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_getenv.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_getenvlist.3#17 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_info.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_open_session.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_prompt.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_putenv.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_set_data.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_set_item.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_setcred.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_setenv.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_acct_mgmt.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_authenticate.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_chauthtok.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_close_session.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_open_session.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_sm_setcred.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_start.3#17 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_strerror.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_verror.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_vinfo.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/doc/man/pam_vprompt.3#16 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/openpam.h#16 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/openpam_version.h#6 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/pam_appl.h#10 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/pam_constants.h#13 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/pam_modules.h#11 integrate
.. //depot/projects/ia64/contrib/openpam/include/security/pam_types.h#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/Makefile#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_borrow_cred.c#8 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_configure.c#7 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_dispatch.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_dynamic.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_findenv.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_free_data.c#7 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_get_option.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_impl.h#17 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_load.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_log.c#14 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_nullconv.c#6 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_readline.c#1 branch
.. //depot/projects/ia64/contrib/openpam/lib/openpam_restore_cred.c#8 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_set_option.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_static.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/openpam_ttyconv.c#15 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_acct_mgmt.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_authenticate.c#13 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_authenticate_secondary.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_chauthtok.c#13 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_close_session.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_end.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_error.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_authtok.c#16 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_data.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_item.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_mapped_authtok.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_mapped_username.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_get_user.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_getenv.c#13 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_getenvlist.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_info.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_open_session.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_prompt.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_putenv.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_set_data.c#11 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_set_item.c#13 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_set_mapped_authtok.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_set_mapped_username.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_setcred.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_setenv.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_acct_mgmt.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_authenticate.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_authenticate_secondary.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_chauthtok.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_close_session.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_get_mapped_authtok.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_get_mapped_username.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_open_session.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_set_mapped_authtok.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_set_mapped_username.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_sm_setcred.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_start.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_strerror.c#10 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_verror.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_vinfo.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/lib/pam_vprompt.c#12 integrate
.. //depot/projects/ia64/contrib/openpam/misc/gendoc.pl#12 integrate
.. //depot/projects/ia64/contrib/openpam/modules/Makefile#10 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_deny/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_deny/pam_deny.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_permit/Makefile#9 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_permit/pam_permit.c#9 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_unix/Makefile#3 integrate
.. //depot/projects/ia64/contrib/openpam/modules/pam_unix/pam_unix.c#4 integrate
.. //depot/projects/ia64/etc/defaults/rc.conf#32 integrate
.. //depot/projects/ia64/etc/mtree/BSD.local.dist#12 integrate
.. //depot/projects/ia64/etc/mtree/BSD.usr.dist#20 integrate
.. //depot/projects/ia64/etc/rc.d/mountcritlocal#5 integrate
.. //depot/projects/ia64/etc/rc.d/mountcritremote#6 integrate
.. //depot/projects/ia64/lib/libc/gen/fts.3#5 integrate
.. //depot/projects/ia64/lib/libc/locale/Makefile.inc#13 integrate
.. //depot/projects/ia64/lib/libc/locale/gbk.c#1 branch
.. //depot/projects/ia64/lib/libc/locale/setrunelocale.c#5 integrate
.. //depot/projects/ia64/lib/libc/stdlib/malloc.c#17 integrate
.. //depot/projects/ia64/lib/libgeom/geom_ctl.c#3 integrate
.. //depot/projects/ia64/lib/libgeom/libgeom.h#6 integrate
.. //depot/projects/ia64/lib/libpam/libpam/Makefile#22 integrate
.. //depot/projects/ia64/lib/libpam/modules/pam_ftp/Makefile#5 delete
.. //depot/projects/ia64/lib/libpam/modules/pam_ftp/pam_ftp.8#3 delete
.. //depot/projects/ia64/lib/libpam/modules/pam_ftp/pam_ftp.c#6 delete
.. //depot/projects/ia64/lib/libpam/modules/pam_wheel/Makefile#5 delete
.. //depot/projects/ia64/lib/libpam/modules/pam_wheel/pam_wheel.8#4 delete
.. //depot/projects/ia64/lib/libpam/modules/pam_wheel/pam_wheel.c#8 delete
.. //depot/projects/ia64/sbin/bsdlabel/bsdlabel.c#8 integrate
.. //depot/projects/ia64/sbin/bsdlabel/runtest.sh#3 integrate
.. //depot/projects/ia64/sbin/gbde/gbde.c#10 integrate
.. //depot/projects/ia64/sbin/sunlabel/sunlabel.c#6 integrate
.. //depot/projects/ia64/share/mk/bsd.sys.mk#15 integrate
.. //depot/projects/ia64/share/mklocale/Makefile#9 integrate
.. //depot/projects/ia64/share/mklocale/zh_CN.GBK.src#1 branch
.. //depot/projects/ia64/sys/cam/cam_periph.c#11 integrate
.. //depot/projects/ia64/sys/cam/scsi/scsi_sa.c#14 integrate
.. //depot/projects/ia64/sys/ddb/db_command.c#12 integrate
.. //depot/projects/ia64/sys/dev/an/if_an.c#22 integrate
.. //depot/projects/ia64/sys/dev/cardbus/cardbus_cis.c#15 integrate
.. //depot/projects/ia64/sys/dev/isp/isp.c#17 integrate
.. //depot/projects/ia64/sys/dev/sound/pci/au88x0.c#1 branch
.. //depot/projects/ia64/sys/dev/sound/pci/au88x0.h#1 branch
.. //depot/projects/ia64/sys/dev/syscons/scmouse.c#8 integrate
.. //depot/projects/ia64/sys/fs/fifofs/fifo_vnops.c#22 integrate
.. //depot/projects/ia64/sys/fs/pseudofs/pseudofs_vnops.c#17 integrate
.. //depot/projects/ia64/sys/geom/bde/g_bde.c#12 integrate
.. //depot/projects/ia64/sys/geom/geom.h#32 integrate
.. //depot/projects/ia64/sys/geom/geom_bsd.c#36 integrate
.. //depot/projects/ia64/sys/geom/geom_ctl.c#10 integrate
.. //depot/projects/ia64/sys/geom/geom_ctl.h#3 integrate
.. //depot/projects/ia64/sys/geom/geom_ext.h#2 delete
.. //depot/projects/ia64/sys/geom/geom_subr.c#29 integrate
.. //depot/projects/ia64/sys/geom/geom_sunlabel.c#24 integrate
.. //depot/projects/ia64/sys/ia64/ia64/vm_machdep.c#26 integrate
.. //depot/projects/ia64/sys/kern/kern_thread.c#47 integrate
.. //depot/projects/ia64/sys/modules/sound/driver/au88x0/Makefile#1 branch
.. //depot/projects/ia64/sys/netinet/ip_encap.c#9 integrate
.. //depot/projects/ia64/sys/pc98/pc98/clock.c#16 integrate
.. //depot/projects/ia64/sys/pc98/pc98/fd.c#19 integrate
.. //depot/projects/ia64/sys/pc98/pc98/ppc.c#4 integrate
.. //depot/projects/ia64/sys/pc98/pc98/sio.c#23 integrate
.. //depot/projects/ia64/sys/powerpc/powerpc/ofw_machdep.c#7 integrate
.. //depot/projects/ia64/sys/ufs/ffs/ffs_vnops.c#26 integrate
.. //depot/projects/ia64/usr.bin/checknr/checknr.c#5 integrate
.. //depot/projects/ia64/usr.bin/env/Makefile#3 integrate
.. //depot/projects/ia64/usr.bin/env/env.1#1 branch
.. //depot/projects/ia64/usr.bin/printenv/Makefile#5 integrate
.. //depot/projects/ia64/usr.bin/printenv/printenv.1#7 integrate
Differences ...
==== //depot/projects/ia64/contrib/openpam/CREDITS#8 (text) ====
@@ -14,15 +14,17 @@
Andrew Morgan <morgan at transmeta.com>
Brian Fundakowski Feldman <green at freebsd.org>
Darren J. Moffat <Darren.Moffat at sun.com>
+ Dmitry V. Levin <ldv at altlinux.org>
Eric Melville <eric at freebsd.org>
Gary Winiger <Gary.Winiger at sun.com>
Joe Marcus Clarke <marcus at marcuscom.com>
Juli Mallett <jmallett at freebsd.org>
Mark Murray <markm at freebsd.org>
+ Mike Petullo <mike at flyn.org>
Mikko Työläjärvi <mbsd at pacbell.net>
Robert Watson <rwatson at freebsd.org>
Ruslan Ermilov <ru at freebsd.org>
Solar Designer <solar at openwall.com>
Takanori Saneto <sanewo at ba2.so-net.ne.jp>
-$P4: //depot/projects/openpam/CREDITS#6 $
+$P4: //depot/projects/openpam/CREDITS#8 $
==== //depot/projects/ia64/contrib/openpam/HISTORY#16 (text) ====
@@ -1,3 +1,22 @@
+OpenPAM Digitalis 2003-06-01
+
+ - ENHANCE: Completely rewrite the configuration parser and add
+ support for the "include" control flag.
+
+ - ENHANCE: Improve portability to NetBSD, OpenBSD and Linux.
+
+ - ENHANCE: Lots of additional paranoia.
+
+ - BUGFIX: The sample su(1) application dropped privileges before
+ forking instead of after.
+
+ - ENHANCE: Document openpam_log(3).
+
+ - ENHANCE: Other minor documentation fixes.
+
+Thanks to Dmitry V. Levin <ldv at altlinux.org> for considerable
+assistance with this release.
+============================================================================
OpenPAM Dianthus 2003-05-02
- BUGFIX: Initialize some potentially uninitialized variables.
@@ -223,4 +242,4 @@
First (beta) release.
============================================================================
-$P4: //depot/projects/openpam/HISTORY#18 $
+$P4: //depot/projects/openpam/HISTORY#19 $
==== //depot/projects/ia64/contrib/openpam/LICENSE#9 (text) ====
@@ -1,5 +1,5 @@
-Copyright (c) 2002 Networks Associates Technology, Inc.
+Copyright (c) 2002-2003 Networks Associates Technology, Inc.
All rights reserved.
This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -31,4 +31,4 @@
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.
-$P4: //depot/projects/openpam/LICENSE#5 $
+$P4: //depot/projects/openpam/LICENSE#6 $
==== //depot/projects/ia64/contrib/openpam/MANIFEST#14 (text) ====
@@ -1,5 +1,5 @@
#
-# $P4: //depot/projects/openpam/MANIFEST#13 $
+# $P4: //depot/projects/openpam/MANIFEST#16 $
#
CREDITS
HISTORY
@@ -7,9 +7,11 @@
LICENSE
MANIFEST
Makefile
+Makefile.inc
README
RELNOTES
bin/Makefile
+bin/Makefile.inc
bin/su/Makefile
bin/su/su.c
doc/Makefile
@@ -21,6 +23,7 @@
doc/man/openpam_get_option.3
doc/man/openpam_log.3
doc/man/openpam_nullconv.3
+doc/man/openpam_readline.3
doc/man/openpam_restore_cred.3
doc/man/openpam_set_option.3
doc/man/openpam_ttyconv.3
@@ -76,6 +79,7 @@
lib/openpam_load.c
lib/openpam_log.c
lib/openpam_nullconv.c
+lib/openpam_readline.c
lib/openpam_restore_cred.c
lib/openpam_set_option.c
lib/openpam_static.c
==== //depot/projects/ia64/contrib/openpam/Makefile#9 (text) ====
@@ -1,5 +1,5 @@
#-
-# Copyright (c) 2002 Networks Associates Technology, Inc.
+# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
# All rights reserved.
#
# This software was developed for the FreeBSD Project by ThinkSec AS
@@ -32,7 +32,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $P4: //depot/projects/openpam/Makefile#7 $
+# $P4: //depot/projects/openpam/Makefile#8 $
#
SUBDIR =
==== //depot/projects/ia64/contrib/openpam/RELNOTES#16 (text) ====
@@ -1,13 +1,18 @@
- Release notes for OpenPAM Dianthus
- ==================================
+ Release notes for OpenPAM Digitalis
+ ===================================
-This is a maintenance release incorporating a number of minor patches
-accumulated since the previous release.
+This release incorporates several major changes and improvements and
+should be considered BETA QUALITY.
This release corresponds to the code used in FreeBSD-CURRENT as of the
-release date. It may or may not build on other platforms; previous
-releases have been built on NetBSD and (with partial success) MacOS X.
+release date. It is also known to build cleanly on NetBSD 1.6,
+OpenBSD 3.1, and a number of glibc-based Linux platforms (with BSD
+make installed). It may or may not build on other platforms; you will
+need a BSD-compatible make(1) (NetBSD's make(1) is easy to port to
+most POSIX platforms). Previous versions were successfully built on
+MacOS X 10.1, but there seem to be issues with the heavily modified
+version of GCC 3.1 that ships with MacOS X 10.2.
The library itself is complete. Documentation exists in the form of
man pages for the library functions. These man pages are generated by
@@ -26,4 +31,4 @@
Please direct bug reports and inquiries to des at freebsd.org.
-$P4: //depot/projects/openpam/RELNOTES#15 $
+$P4: //depot/projects/openpam/RELNOTES#18 $
==== //depot/projects/ia64/contrib/openpam/bin/Makefile#9 (text) ====
@@ -1,5 +1,5 @@
#-
-# Copyright (c) 2002 Networks Associates Technology, Inc.
+# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
# All rights reserved.
#
# This software was developed for the FreeBSD Project by ThinkSec AS
@@ -32,7 +32,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $P4: //depot/projects/openpam/bin/Makefile#6 $
+# $P4: //depot/projects/openpam/bin/Makefile#7 $
#
SUBDIR =
==== //depot/projects/ia64/contrib/openpam/bin/su/Makefile#9 (text) ====
@@ -1,5 +1,5 @@
#-
-# Copyright (c) 2002 Networks Associates Technology, Inc.
+# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
# All rights reserved.
#
# This software was developed for the FreeBSD Project by ThinkSec AS
@@ -32,13 +32,13 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $P4: //depot/projects/openpam/bin/su/Makefile#5 $
+# $P4: //depot/projects/openpam/bin/su/Makefile#8 $
#
PROG = su
WARNS ?= 4
CFLAGS += -I${.CURDIR}/../../include
-DPADD = ${.OBJDIR}/../../lib/libpam.so
+DPADD = ${.OBJDIR}/../../lib/libpam.a
LDADD = -L${.OBJDIR}/../../lib -R${.OBJDIR}/../../lib -lpam
NOMAN = YES
==== //depot/projects/ia64/contrib/openpam/bin/su/su.c#10 (text) ====
@@ -1,5 +1,5 @@
/*-
- * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -31,13 +31,14 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $P4: //depot/projects/openpam/bin/su/su.c#8 $
+ * $P4: //depot/projects/openpam/bin/su/su.c#12 $
*/
#include <sys/param.h>
#include <sys/wait.h>
#include <err.h>
+#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
@@ -81,9 +82,17 @@
argc -= optind;
argv += optind;
+ if (argc > 0) {
+ user = *argv;
+ --argc;
+ ++argv;
+ } else {
+ user = "root";
+ }
+
/* initialize PAM */
pamc.conv = &openpam_ttyconv;
- pam_start("su", argc ? *argv : "root", &pamc, &pamh);
+ pam_start("su", user, &pamc, &pamh);
/* set some items */
gethostname(hostname, sizeof(hostname));
@@ -117,20 +126,6 @@
if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL)
goto pamerr;
- /* set uid and groups */
- if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
- warn("initgroups()");
- goto err;
- }
- if (setgid(pwd->pw_gid) == -1) {
- warn("setgid()");
- goto err;
- }
- if (setuid(pwd->pw_uid) == -1) {
- warn("setuid()");
- goto err;
- }
-
/* export PAM environment */
if ((pam_envlist = pam_getenvlist(pamh)) != NULL) {
for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) {
@@ -154,7 +149,21 @@
warn("fork()");
goto err;
case 0:
- /* child: start a shell */
+ /* child: give up privs and start a shell */
+
+ /* set uid and groups */
+ if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
+ warn("initgroups()");
+ _exit(1);
+ }
+ if (setgid(pwd->pw_gid) == -1) {
+ warn("setgid()");
+ _exit(1);
+ }
+ if (setuid(pwd->pw_uid) == -1) {
+ warn("setuid()");
+ _exit(1);
+ }
execve(*args, args, environ);
warn("execve()");
_exit(1);
@@ -170,9 +179,7 @@
}
pamerr:
- pam_end(pamh, pam_err);
fprintf(stderr, "Sorry\n");
- exit(1);
err:
pam_end(pamh, pam_err);
exit(1);
==== //depot/projects/ia64/contrib/openpam/doc/Makefile#9 (text) ====
@@ -1,5 +1,5 @@
#-
-# Copyright (c) 2002 Networks Associates Technology, Inc.
+# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
# All rights reserved.
#
# This software was developed for the FreeBSD Project by ThinkSec AS
@@ -32,7 +32,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $P4: //depot/projects/openpam/doc/Makefile#4 $
+# $P4: //depot/projects/openpam/doc/Makefile#5 $
#
SUBDIR =
==== //depot/projects/ia64/contrib/openpam/doc/man/Makefile#11 (text) ====
@@ -1,5 +1,5 @@
#-
-# Copyright (c) 2002 Networks Associates Technology, Inc.
+# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
# All rights reserved.
#
# This software was developed for the FreeBSD Project by ThinkSec AS
@@ -32,7 +32,7 @@
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $P4: //depot/projects/openpam/doc/man/Makefile#11 $
+# $P4: //depot/projects/openpam/doc/man/Makefile#13 $
#
GENDOC = ${.CURDIR}/../../misc/gendoc.pl
@@ -73,6 +73,7 @@
OMAN += openpam_get_option.3
OMAN += openpam_log.3
OMAN += openpam_nullconv.3
+OMAN += openpam_readline.3
OMAN += openpam_restore_cred.3
OMAN += openpam_set_option.3
OMAN += openpam_ttyconv.3
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam.3#6 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM 3
.Os
.Sh NAME
@@ -42,6 +42,7 @@
.Nm openpam_get_option ,
.Nm openpam_log ,
.Nm openpam_nullconv ,
+.Nm openpam_readline ,
.Nm openpam_restore_cred ,
.Nm openpam_set_option ,
.Nm openpam_ttyconv ,
@@ -68,6 +69,8 @@
.Fn openpam_log "int level" "const char *fmt" "..."
.Ft int
.Fn openpam_nullconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data"
+.Ft char *
+.Fn openpam_readline "FILE *f" "int *lineno" "size_t *lenp"
.Ft int
.Fn openpam_restore_cred "pam_handle_t *pamh"
.Ft int
@@ -108,6 +111,7 @@
.Xr openpam_get_option 3 ,
.Xr openpam_log 3 ,
.Xr openpam_nullconv 3 ,
+.Xr openpam_readline 3 ,
.Xr openpam_restore_cred 3 ,
.Xr openpam_set_option 3 ,
.Xr openpam_ttyconv 3 ,
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_borrow_cred.3#12 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_BORROW_CRED 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_free_data.3#12 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_FREE_DATA 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_get_option.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_GET_OPTION 3
.Os
.Sh NAME
@@ -54,6 +54,7 @@
option in the context of the currently executing service module, or
.Dv NULL
if the option is not set or no module is currently executing.
+.Pp
.Sh RETURN VALUES
The
.Nm
@@ -61,6 +62,7 @@
.Dv NULL
on failure.
.Sh SEE ALSO
+.Xr openpam_set_option 3 ,
.Xr pam 3
.Sh STANDARDS
The
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_log.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,12 +33,12 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_LOG 3
.Os
.Sh NAME
.Nm openpam_log
-.Nd it). Do the next best thing
+.Nd log a message through syslog
.Sh LIBRARY
.Lb libpam
.Sh SYNOPSIS
@@ -48,9 +48,56 @@
.Ft void
.Fn openpam_log "int level" "const char *fmt" "..."
.Sh DESCRIPTION
-No description available.
+The
+.Nm
+function logs messages using
+.Xr syslog 3 .
+It is primarily
+intended for internal use by the library and modules.
+.Pp
+The
+.Va level
+argument indicates the importance of the message. The
+following levels are defined:
+.Bl -tag -width 18n
+.It Dv PAM_LOG_DEBUG
+Debugging messages. These messages are normally not
+logged unless the global integer variable
+.Va _openpam_debug
+is set to a non-zero value, in which case they are logged
+with a
+.Xr syslog 3
+priority of
+.Dv LOG_DEBUG .
+.It Dv PAM_LOG_VERBOSE
+Information about the progress of the authentication
+process, or other non-essential messages. These messages
+are logged with a
+.Xr syslog 3
+priority of
+.Dv LOG_INFO .
+.It Dv PAM_LOG_NOTICE
+Messages relating to non-fatal errors. These messages are
+logged with a
+.Xr syslog 3
+priority of
+.Dv LOG_NOTICE .
+.It Dv PAM_LOG_ERROR
+Messages relating to serious errors. These messages are
+logged with a
+.Xr syslog 3
+priority of
+.Dv LOG_ERR .
+.El
+.Pp
+The remaining arguments are a
+.Xr printf 3
+format string and the
+corresponding arguments.
.Sh SEE ALSO
-.Xr pam 3
+.Xr pam 3 ,
+.Xr printf 3 ,
+.Xr syslog 3
.Sh STANDARDS
The
.Nm
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_nullconv.3#7 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_NULLCONV 3
.Os
.Sh NAME
@@ -79,6 +79,7 @@
.Sh SEE ALSO
.Xr openpam_ttyconv 3 ,
.Xr pam 3 ,
+.Xr pam_authenticate 3 ,
.Xr pam_chauthtok 3 ,
.Xr pam_prompt 3 ,
.Xr pam_set_item 3 ,
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_restore_cred.3#12 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_RESTORE_CRED 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_set_option.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_SET_OPTION 3
.Os
.Sh NAME
@@ -52,6 +52,7 @@
.Nm
function sets the specified option in the
context of the currently executing service module.
+.Pp
.Sh RETURN VALUES
The
.Nm
@@ -63,6 +64,7 @@
System error.
.El
.Sh SEE ALSO
+.Xr openpam_get_option 3 ,
.Xr pam 3 ,
.Xr pam_strerror 3
.Sh STANDARDS
==== //depot/projects/ia64/contrib/openpam/doc/man/openpam_ttyconv.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt OPENPAM_TTYCONV 3
.Os
.Sh NAME
@@ -57,7 +57,7 @@
The
.Nm
function allows the application to specify a
-timeout for user input by setting the global variable
+timeout for user input by setting the global integer variable
.Va openpam_ttyconv_timeout
to the length of the timeout in seconds.
.Pp
==== //depot/projects/ia64/contrib/openpam/doc/man/pam.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt PAM 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_acct_mgmt.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt PAM_ACCT_MGMT 3
.Os
.Sh NAME
@@ -64,7 +64,7 @@
.El
.Pp
If any other bits are set,
-.Xr pam_authenticate 3
+.Nm
will return
.Dv PAM_SYMBOL_ERR .
.Sh RETURN VALUES
@@ -95,7 +95,6 @@
.El
.Sh SEE ALSO
.Xr pam 3 ,
-.Xr pam_authenticate 3 ,
.Xr pam_strerror 3
.Sh STANDARDS
.Rs
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_authenticate.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt PAM_AUTHENTICATE 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_chauthtok.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt PAM_CHAUTHTOK 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_close_session.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
.\" $P4$
.\"
-.Dd May 2, 2003
+.Dd June 1, 2003
.Dt PAM_CLOSE_SESSION 3
.Os
.Sh NAME
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_conv.3#3 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2002-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -31,7 +31,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#2 $
+.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#3 $
.\"
.Dd May 27, 2002
.Dt PAM_CONV 3
==== //depot/projects/ia64/contrib/openpam/doc/man/pam_end.3#16 (text) ====
@@ -1,5 +1,5 @@
.\"-
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -33,7 +33,7 @@
.\"
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list