| Age | Commit message (Collapse) | Author |
|---|
|
use strcspn to properly overwrite '\n' in fgets returned buffer
ok ray@ jaredy@
looks ok gilles@ long time ago on a similar diff
|
|
the synopsis and usage of user(8) related commands; sort the options
list in the DESCRIPTION section of the manual pages; spacing.
ok jmc@
|
|
with the right mdoc macros.
|
|
- remove non-functional -v option from docs/usage()
feedback/ok millert otto
|
|
struct tm to mktime() so that the calculation will follow the local
DST rules
ok millert@ otto@
|
|
end of the file, for this would make logins coming after the yp line (such
as nomadic or fallback accounts) to come back before the yp line and take
precedence. Found the hard way installing packages needing a user to be created.
ok deraadt@
|
|
fixes is from pr 5554. ok millert, ray
|
|
|
|
|
|
OK millert@.
|
|
routines.
OK millert@.
|
|
|
|
|
|
|
|
|
|
user id to userinfo works. From Alf Schlichting; ok millert@
|
|
code cannot overflow. Add error checking to protect future code
changes and to provide a better example for plagiarizers.
OK millert@.
|
|
password in argv. This doesn't solve the problem; it just reduces
the amount of time that encrypted password is available via ps.
OK deraadt@ and krw@
|
|
spotted by matthieu and miod
sorry bill, but you stopped just hacking far too long ago..
|
|
Reported and fix confirmed by Maxim Bourmistrov
|
|
|
|
example by example, we teach people how to actually use snprintf. because
it is clear (especially judging by code coming from netbsd hint hint perhaps
if i say it like this they will finally learn) that people are not paying
attention, and replacing one security problem with another.
in the early days we replaced buffer the typical ANSI-C standardized function
buffer overflows (by which I mean strcpy, strcat, and sprintf) with
non-overflowing ones -- range checking varients. We knew we were fixing
a major problem. The damn overflows. But we did not have time in all cases
to handle the next problem we were not handling: string truncation. Now we
need to (I hope not slowly) start fixing the string truncations.
Anyone going to help?
|
|
ok deraadt@ millert@
|
|
also, section order for usermgmt.conf.5 was wrong.
|
|
|
|
fields in passwd(5)). OK otto@ a while ago.
|
|
|
|
expiry flag. Resolves PR 3792, though not by changing code, but by
changing docs, comments and an error message or two.
ok jmc@ millert@
|
|
ok deraadt@ tdeval@
|
|
+ entry. assistance from tdeval and otto. this is the first half of
pr 3727, brendan@cs.uchicago.edu
|
|
Based on a patch from Sam Smith. henning@ OK
|
|
userdel since a username may contain regexp special chars.
Fix a memory leak on error and chmod before moving the new group
file is moved into place instead of after.
Saner error messages in rm_user_from_groups() (cut & pastos)
OK deraadt@, tdeval@ and otto@; error message fixes courtesy of otto@
|
|
with fgets() (which does). Using fgetln() doesn't make a huge amount
of sense since passwd entries are required to be short and mustn't contain
NULs. This also fixes a bus error on sparc64 (caused by passing a pointer
to an int when a pointer to size_t was expected) found by pvalchev@.
Tested and OK pvalchev@
|
|
ok otto@
|
|
multiple '&'s. Resolves PR 3616.
ok deraadt@
|
|
from Franciszek Holop;
|
|
from Jeff Ross.
|
|
ok millert@
|
|
up->u_flags. Fixes a coredump when changing/deleting an existing
user introduced by my recent commit here.
|
|
Peter Werner. Closes PR 2699.
|
|
o Correct some error messages
o More informative error when reading a line that is > LINE_MAX
o When saving password, only alloc space for what is used
|
|
check in useradd or usermod whether the given encrypted password
has the correct length.
Factor out time code into a function, scantime()
Perform ctype(3) operations on unsigned chars.
From NetBSD (agc)
|
|
and modification of user and group information.
Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).
From NetBSD (agc)
|
|
|
|
o remove user from supplementary groups when deleting a user and not
preserving information.
o add some const
o check that user/group is local (not YP) before trying to change it.
From NetBSD (agc)
|
|
|
|
|
|
seconds-since-epoch. From NetBSD (grant).
|
|
|
|
instead of just a warning which is consistent with the way an invalid
user is treated.
|
