index
:
src
cvs/HEAD
kms/intel
kms/radeon
master
OpenBSD base system
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
usr.bin
/
doas
/
doas.c
Age
Commit message (
Expand
)
Author
2019-10-18
add some checks to avoid UID_MAX (-1) here. this is not problematic with
Ted Unangst
2019-09-14
correct some unveil(2) violations due to "login.conf.db" access (the .db version
Sebastien Marie
2019-07-03
snprintf/vsnprintf return < 0 on error, rather than -1.
Theo de Raadt
2019-06-29
fix some more fallout from setting path in setusercontext. restore
Ted Unangst
2019-06-17
setusercontext resets PATH (which we want). but then it becomes
Ted Unangst
2019-06-16
redo the environment inheritance to not inherit. it was intended to make
Ted Unangst
2019-06-12
a few cleanups and simplifications possible now that static pw is gone.
Ted Unangst
2019-06-10
use getpwuid_r to avoid problems with hidden static storage.
Ted Unangst
2019-01-17
clear the password even after a mismatch
Ted Unangst
2018-08-08
After authentication is complete, unveil login.conf "r" (to discover
Theo de Raadt
2017-05-27
for password failure, print Authorization failed instead of EPERM.
Ted Unangst
2017-04-06
a little const here and there to prevent rules from changing
Ted Unangst
2017-03-09
exit test for -L was reversed. spotted by Michael Forney
Ted Unangst
2017-01-14
add a geteuid check to make sure we're root before plowing into setauth.
Ted Unangst
2016-10-05
Add back the call to yyparse() that was accidentally dropped in the
Theo Buehler
2016-10-05
move yyparse decl next to yyfp
Ted Unangst
2016-10-05
as a result of the env rework, arraylen() is only used in parse.y.
Ted Unangst
2016-09-15
use static in the right places to seperate modules better
Theo de Raadt
2016-09-03
the sudo timeout was 5 minutes i believe, so we'll match that.
Ted Unangst
2016-09-02
add support for the verified auth ioctls using 'persist' rules.
Ted Unangst
2016-09-01
unconst these parameters; i won't be changing bsd auth today.
Ted Unangst
2016-09-01
move the authentication code to a function
Ted Unangst
2016-07-18
The string with path to shell could be taken directly from struct passwd.
Vadim Zhukov
2016-07-12
add "recvfd" to doas(1) for use with skey.
Sebastien Marie
2016-06-24
move a space to the correct spot
Ted Unangst
2016-06-19
Move the RB_ code from doas.h to env.c, and limit the environment interface to a
Martijn van Duren
2016-06-16
the environment handling code was showing its age. just because environ
Ted Unangst
2016-06-07
revert recent changes to allow setenv. everybody now has an idea about
Ted Unangst
2016-06-07
merge setenv feature into keepenv. less grammar, more better.
Ted Unangst
2016-06-05
add a doas.conf setenv directive that allows setting environment
Damien Miller
2016-04-28
set progname to doas so users can't create bizarro fake logs
Ted Unangst
2016-02-15
Do a carriage return before password prompt.
martijn
2016-02-07
require a tty for the password.
Ted Unangst
2016-01-24
make sure of cleaning rbuf with explicit_bzero(3)
Gleydson Soares
2015-12-08
semarie noticed that auth failures don't set errno. just print a generic
Ted Unangst
2015-12-08
Support -a <auth_style> in doas(1). Allows specifying a non-default auth
Stuart Henderson
2015-12-03
use the more direct auth interfaces so we can provide a custom password
Ted Unangst
2015-10-24
setusercontext() may still need "getpw" pledge rights; unbreaks doas on yp
Miod Vallat
2015-10-22
copying of the environment can be done later, as the user running
Ted Unangst
2015-10-22
pledge in doas. startup pledge "stdio rpath getpw proc exec id". 4
Theo de Raadt
2015-09-19
doas doesn't need any files to be passed in. closefrom STDERR+1. ok benno
Ted Unangst
2015-09-03
replace permfail calls with errc. the permfail calls had been retained for
Ted Unangst
2015-09-01
only need to restrict exec path if the rule specifies a command.
Ted Unangst
2015-08-27
add a type of "auth-doas" to the perm check to allow login.conf fiddling
Ted Unangst
2015-08-22
Add cwd context to syslog entry.
Doug Hogan
2015-08-20
Show program name for permission failure messages.
Rafael Zalamena
2015-08-13
and now we can unify the code. okay tedu@
Marc Espie
2015-08-12
more explicit warnings. Okay tedu@
Marc Espie
2015-08-03
remove an extra getuid call, reported by Martijn van Duren
Ted Unangst
2015-07-30
make gid parsing look like uid parsing. from Martijn van Duren
Ted Unangst
[next]