search for: s_rlogin

http://bugzilla.mindrot.org/show_bug.cgi?id=383 ------- Additional Comments From markus at openbsd.org 2002-08-23 07:46 ------- what does "rlogin set to false" mean? ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...+extern int aix_password_change_required; +#endif + /* * Check if the user is allowed to log in via ssh. If user is listed * in DenyUsers or one of user's groups is listed in DenyGroups, false @@ -202,19 +208,39 @@ } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { - if (loginmsg && *loginmsg) { - /* Remove embedded newlines (if any) */ - char *p; - for (p = loginmsg; *p; p++) { - if (*p == '\n') - *p = ' '; + /* + * Don't check loginrestrictions or expiry for root account (use + * Perm...

...u/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/gnu/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/gnu/libexec/sftp-server\" -DHAVE_CONFIG_H -c auth.c auth.c: In function `allowed_user': auth.c:145: warning: implicit declaration of function `loginrestrictions' auth.c:145: `S_RLOGIN' undeclared (first use in this function) auth.c:145: (Each undeclared identifier is reported only once auth.c:145: for each function it appears in.) gmake: *** [auth.o] Error 1 S_RLOGIN is declared in /usr/include/login.c. config.h has "#define HAVE_LOGIN_H 1", but the #include <...

...============================================ RCS file: /cvs/openssh/auth.c,v retrieving revision 1.58 diff -u -r1.58 auth.c --- auth.c 21 Sep 2002 15:26:53 -0000 1.58 +++ auth.c 29 Sep 2002 05:53:43 -0000 @@ -202,7 +202,7 @@ } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { + if ((geteuid()==0) && loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p;

...8496 -------------- next part -------------- *** auth.c Tue Apr 24 16:01:02 2001 --- ../openssh-2.5.2p2/auth.c Mon Mar 19 13:15:57 2001 *************** *** 142,164 **** } #ifdef WITH_AIXAUTHENTICATE ! if ((pw->pw_uid != 0) && (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0)) { ! if (loginmsg && *loginmsg) { ! /* Remove embedded newlines (if any) */ ! char *p; ! for (p = loginmsg; *p; p++) { ! if (*p == '\n'...

...sh, telnet, etc. into the box as root. [...] *** auth.c Tue Apr 24 16:01:02 2001 --- ../openssh-2.5.2p2/auth.c Mon Mar 19 13:15:57 2001 *************** *** 142,164 **** } #ifdef WITH_AIXAUTHENTICATE ! if ((pw->pw_uid != 0) && (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0)) { ! if (loginmsg && *loginmsg) { ! /* Remove embedded newlines (if any) */ ! char *p; ! for (p = loginmsg; *p; p++) { ! if (*p == '\n'...

...================ RCS file: /usr/local/.cvs/auth/openssh/auth.c,v retrieving revision 1.1.1.5 diff -c -r1.1.1.5 auth.c *** auth.c 2002/03/08 07:55:38 1.1.1.5 --- auth.c 2002/03/15 12:54:01 *************** *** 177,183 **** } #ifdef WITH_AIXAUTHENTICATE ! if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p; --- 177,190 ---- } #ifdef WITH_AIXAUTHENTICATE ! /* ! * To let the user read a possible message in /etc/nologin we have to ! * accept him here. Otherwise th...

...+++ auth.c 5 Jul 2003 01:30:52 -0000 @@ -206,26 +206,23 @@ * PermitRootLogin to control logins via ssh), or if running as * non-root user (since loginrestrictions will always fail). */ - if ((pw->pw_uid != 0) && (geteuid() == 0) && - loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { - int loginrestrict_errno = errno; + if ((pw->pw_uid != 0) && (geteuid() == 0)) { + char *msg; - if (loginmsg && *loginmsg) { - /* Remove embedded newlines (if any) */ - char *p; - for (p = loginmsg; *p; p++) { - if (*p == '\n')...

...************** Shouldn't need to edit below this line ************** */ diff -ruw -x configure ../dist/auth.c ./auth.c --- ../dist/auth.c Mon Jun 26 03:31:33 2000 +++ ./auth.c Sat Jul 8 19:53:37 2000 @@ -145,7 +145,8 @@ } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { + if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0 && + pw->pw_uid != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p; diff -ruw -x configure ../dist/config.h.in ./config.h.in ---...

...auth.c /* mpi change expiresmsg */ #ifdef WITH_AIXAUTHENTICATE char *loginmsg; char *expiresmsg; int passexpcode; #endif /* WITH_AIXAUTHENTICATE */ #ifdef WITH_AIXAUTHENTICATE auth.c /* mpi change passwdexpires hinein */ if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { char *p; for (p = loginmsg; *p; p++) { if (*p == '\n') *p = ' ';...

...t check loginrestrictions or expiry for root account (use * PermitRootLogin to control logins via ssh), or if running as * non-root user (since loginrestrictions will always fail). */ - if ( (pw->pw_uid != 0) && (geteuid() == 0) && - loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { - if (loginmsg && *loginmsg) { - /* Remove embedded newlines (if any) */ - char *p; - for (p = loginmsg; *p; p++) { - if (*p == '\n') - *p = ' '; + if ( (pw->pw_uid != 0) && (geteuid() == 0) ) { + char *msg; + int pass...

...- openssh-4.3p2/openbsd-compat/port-aix.c Sat May 28 19:54:28 2005 +++ 52/openbsd-compat/port-aix.c Sun May 14 05:19:43 2006 @@ -231,231 +231,234 @@ debug3("%s: not checking", __func__); return 1; } + if (getuserattr(pw->pw_name, S_RLOGINCHK, &rlogin, SEC_BOOL) == -1) + rlogin=1; - result = loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg); + result = loginrestrictions(pw->pw_name, 0, NULL, &msg); if (result == 0) permitted = 1; /* --- openssh-4.3p2/sess...

...inrestrictions will always fail). */ if ( (pw->pw_uid != 0) && (geteuid() == 0) ) { - int loginrestrict_errno = errno; char *msg; /* check for AIX account restrictions */ if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { + int loginrestrict_errno = errno; + if (msg && *msg) { aix_remove_embedded_newlines(msg); log("Login restricted for %s: %.100s",

...;match.h" +#ifdef HAVE_LOGIN_H +#include <login.h> +#endif #include "bufaux.h" #include "ssh2.h" @@ -111,8 +114,20 @@ } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name,S_LOGIN,NULL,&loginmsg) != 0) + if (loginrestrictions(pw->pw_name,S_RLOGIN,NULL,&loginmsg) != 0) { + if (loginmsg && *loginmsg) { + /* Remove embedded newlines (if any) */ + char *p; + for (p = loginmsg; *p; p++) + if (*p == '\n') + *p = ' '; + /* Remove trailing newline */ + *--p = '\0'; + log("Login restricted...

The following aix patch to configure.in forces /usr/include to be searched before /usr/local/include on AIX systems only. This allows the normal include rules to untangle <login.h> from "login.h" on AIX when using the AIX cc compiler or gcc. Please see that it gets applied to the current cvs source tree. It fixes the only compile time error the current cvs tree has on aix with

Hi there, I have just compiled up 3.6.1p2 both with and without Darren Tuckers passexpire patch. However, with the patch applied /etc/nologin isn't displayed to users (on AIX 5.1 / PSSP) The patched vesion seems to fail with "illegal user" - some parts of a debug 3 log... debug1: userauth-request for user ade45 service ssh-connection method none debug1: attempt 0 failures 0

OpenSSH 3.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. This release contains many portability bug-fixes (listed in the ChangeLog) as well as several new features (listed below). We would like to thank the