| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
of "login.conf"), and stat(2) on _PATH_MASTERPASSWD_LOCK (via pw_mkdb(3)).
problem initially noted by myself for passwd(1)
millert@ reported similar problem on chpass(1), su(1), doas(1) and encrypt(1)
mestre@ noted chpass(1) too
ok mestre@ millert@
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
chpass(1) without parameters enters in edit mode by default, in here it will
need to execute _PATH_BSHELL to spawn a new EDITOR, _PATH_SHELLS to check
(read) if we are changing from/to a non-standard shell (in case we are not
root) and read access to `tempname' to verify if the file has valid entries and
create to unlink it.
If -s is used to change a user's shell then it will need read access to
_PATH_SHELLS by the same reason already mentioned above.
Unconditionally we need to unveil _PATH_MASTERPASSWD_LOCK with write/create
permissions, _PATH_MASTERPASSWD with read and _PATH_PWD_MKDB to execute
pwd_mkdb(8).
In the -a case I'm not unveiling /etc/spwd.db since we can get it through
pledge "getpw", which can be added later for completeness of all code paths.
Note also that the first pledges need "unveil" since we will call unveil(2)
afterwards.
"looks good" deraadt@
|
| |
|
|
| |
Fabio Scotoni <fabio at esse dot ch> reported it was missing in eqn(7)
|
| |
|
|
|
| |
provides retry on short-write file descriptors.
ok florian, previous versions seen by millert
|
| |
|
|
|
|
|
|
|
|
|
|
| |
correctly - logically complete that now by removing MLINKS from base;
authors need only to ensure there is an entry in NAME for any function/
util being added. MLINKS will still work, and remain for perl to ease
upgrades;
ok nicm (curses) bcook (ssl)
ok schwarze, who provided a lot of feedback and assistance
ok tb natano jung
|
| |
|
|
|
|
| |
pledged. Keep an eye out for regressions, because they could be
uncomfortable.
ok beck semarie
|
| | |
|
| |
|
|
|
|
| |
reach-around into libc
noted by daniel@
|
| |
|
|
|
|
|
|
|
| |
What's worse, the tzfile.h that gets installed is over 20 years old
and doesn't match the real tzfile.h in libc/time. This makes the
tree safe for /usr/include/tzfile.h removal. The TM_YEAR_BASE
define has been moved to time.h temporarily until its usage is
replaced by 1900 in the tree. Actual removal of tzfile.h is pending
a ports build. Based on a diff from deraadt@
|
| |
|
|
|
|
|
|
|
| |
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
troff displays these as typographic quotes, but nroff implementations
almost always print them literally, which rarely has the intended effect
with modern fonts, even in stock xterm.
These uses of `` '' can be replaced either with more semantic alternatives
or with Dq, which prints typographic quotes in a UTF-8 locale (but will
automatically fall back to `` '' in an ASCII locale).
improvements and ok schwarze@
|
| |
|
|
|
|
| |
Prefer fopen("re") over fopen("r")+fcntl(F_SETFD)
ok otto@ millert@
|
| |
|
|
| |
feedback and ok jmc@
|
| |
|
|
| |
ok krw
|
| |
|
|
| |
From: Jan Stary
|
| |
|
|
|
|
|
|
| |
- use O_CLOEXEC with open() instead of open/fcntl
from David Hill
ok otto@
|
| |
|
|
|
|
| |
on April 27, 2008. While here, fix a typo and drop an obsolete BUGS section.
"my typo so OK millert@ :-)" and OK jmc@
|
| |
|
|
|
| |
issue spotted by f5b
help/ok schwarze
|
| |
|
|
|
|
|
| |
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
|
| |
|
|
| |
ok jmc@
|
| | |
|
| |
|
|
| |
(possibly) expanded shell as needed. OK deraadt@
|
| |
|
|
| |
which is clearly not the intent. PR 4177, fix from schwarze@usta.de
|
| |
|
|
|
|
|
| |
struct tm to mktime() so that the calculation will follow the local
DST rules
ok millert@ otto@
|
| |
|
|
| |
ok millert@ jsing@
|
| | |
|
| | |
|
| |
|
|
| |
entire file. much help from kurt, and tested by many
|
| |
|
|
|
|
| |
an unused static var and test out of atot.
With input by jsing and millert, ok millert
|
| |
|
|
| |
file. OK miod@
|
| | |
|
| |
|
|
|
|
| |
from Daniel Polak via henning
ok henning
|
| |
|
|
| |
ok deraadt millert
|
| |
|
|
|
| |
error message if a user arg has been given with -a. Noted by Dan
Brosemer. ok millert@ jaredy@
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Fixes a warning on 64bit platforms and is less error-prone. OK otto@
|
| | |
|
| | |
|
| |
|
|
|
| |
(hint: "a" and "b" can't be pasted as a valid C token...)
okay millert@
|
| | |
|
| | |
|
| |
|
|
| |
pointed out by Dr. Mdoc jmc@
|
| |
|
|
|
| |
- bump mktemp randomness slightly from 8 -> 10
millert@ ok
|
| | |
|
| |
|
|
|
|
|
|
|
| |
- COMPATIBILITY merge
- macro cleanup
- kill whitespace at EOL
- new sentence, new line
ssh pages ok markus@
|
semarie
mestre
schwarze
deraadt
jmc
tedu
guenther
millert
bentley
okan
sobrado
jacekm
chl
djm
tobias
otto
robert
wilfried
espie
avsm