summaryrefslogtreecommitdiff
path: root/usr.bin/doas
AgeCommit message (Expand)Author
2023-05-03Improve setenv markupKlemens Nanni
2022-12-22Denote multiple arguments with 'arg ...' not 'args'Klemens Nanni
2022-03-22minor KNF cleanups during a re-readTheo de Raadt
2022-03-04Revert previous and add LOGIN_SETENV and LOGIN_SETRTABLETheo Buehler
2022-02-25use setall for setusercontext, to make it simpler to inherit new changes.Ted Unangst
2022-02-10unveil _PATH_LOGIN_CONF_DRobert Nagy
2021-11-30Improved error handling in config parser.Tobias Stoeckmann
2021-10-13Fix fd leak of /dev/tty on auth failure, introduced in revision 1.91.Todd C. Miller
2021-09-07Retry up to 3 times on password authentication failureJoshua Stein
2021-07-12Change the error reporting pattern throughout the tree when unveilBob Beck
2021-01-27Promote nrules/maxrules to size_t and make sure they can't overflow.Todd C. Miller
2021-01-21Revert r1.87 "Pledge before authentication when possible"kn
2021-01-20Pledge before authentication when possiblekn
2021-01-16s/authorization/authentication/gMartijn van Duren
2021-01-15Be more explicit by stating that the -n flag is linked to the nopass optionMartijn van Duren
2021-01-13Pledge the "-C" code pathkn
2020-10-09fix SEE ALSO;Jason McIntyre
2020-10-09Add nolog option to avoid syslog(3)kn
2020-10-09Improve error message on missing permissionkn
2020-05-16list example files in FILES with a short description: generally, "ExampleJason McIntyre
2020-02-10briefly mention /etc/examples/ in the FILES section of all theIngo Schwarze
2019-10-18add some checks to avoid UID_MAX (-1) here. this is not problematic withTed Unangst
2019-09-14correct some unveil(2) violations due to "login.conf.db" access (the .db versionSebastien Marie
2019-07-07fix one last edge case regarding PATH, allows simpler config.Ted Unangst
2019-07-04note that authentication is required, unless otherwise configured.Ted Unangst
2019-07-03snprintf/vsnprintf return < 0 on error, rather than -1.Theo de Raadt
2019-06-29fix some more fallout from setting path in setusercontext. restoreTed Unangst
2019-06-24add an example hint that shows how original path can be retainedTed Unangst
2019-06-21tweak wording a bit. always talk about creating a new environment.Ted Unangst
2019-06-19more precisely describe what happens to the environment without keepenv;Ingo Schwarze
2019-06-19mention that doas(1) resets the umask(2);Ingo Schwarze
2019-06-17setusercontext resets PATH (which we want). but then it becomesTed Unangst
2019-06-17mention environment resetting here as well. ok millertTed Unangst
2019-06-17always reset the "su" variables, which is more consistent and predictable.Ted Unangst
2019-06-16redo the environment inheritance to not inherit. it was intended to makeTed Unangst
2019-06-12a few cleanups and simplifications possible now that static pw is gone.Ted Unangst
2019-06-10use getpwuid_r to avoid problems with hidden static storage.Ted Unangst
2019-01-17clear the password even after a mismatchTed Unangst
2018-08-08After authentication is complete, unveil login.conf "r" (to discoverTheo de Raadt
2018-07-11Do for most running out of memory err() what was done for most runningKenneth R Westerback
2018-02-07lowercase doas ee cummings styleTed Unangst
2018-02-07not necessarily the same name, but the indicated nameTed Unangst
2017-07-13man pages with pseudo synopses which list filenames end up creatingJason McIntyre
2017-07-03no need to generate y.tab.h if nothing uses it, set YFLAGS to nothingMarc Espie
2017-05-27for password failure, print Authorization failed instead of EPERM.Ted Unangst
2017-04-06a little const here and there to prevent rules from changingTed Unangst
2017-04-06prepenv can take a const ruleTed Unangst
2017-03-20simplify example. list of ports variables was non-exahustive, which meansTed Unangst
2017-03-09exit test for -L was reversed. spotted by Michael ForneyTed Unangst
2017-01-14add a geteuid check to make sure we're root before plowing into setauth.Ted Unangst