From 18f9620ca2529945be9517778f58b4c42ff347b8 Mon Sep 17 00:00:00 2001 From: reyk Date: Tue, 22 Apr 2014 11:03:39 +0000 Subject: [PATCH] Remove the kerberos login methods. ok henning@ --- etc/etc.alpha/login.conf | 4 +- etc/etc.amd64/login.conf | 4 +- etc/etc.armish/login.conf | 4 +- etc/etc.armv7/login.conf | 4 +- etc/etc.aviion/login.conf | 4 +- etc/etc.hppa/login.conf | 4 +- etc/etc.hppa64/login.conf | 4 +- etc/etc.i386/login.conf | 4 +- etc/etc.landisk/login.conf | 4 +- etc/etc.loongson/login.conf | 4 +- etc/etc.luna88k/login.conf | 4 +- etc/etc.macppc/login.conf | 4 +- etc/etc.octeon/login.conf | 4 +- etc/etc.sgi/login.conf | 4 +- etc/etc.socppc/login.conf | 4 +- etc/etc.sparc/login.conf | 4 +- etc/etc.sparc64/login.conf | 4 +- etc/etc.vax/login.conf | 4 +- etc/etc.zaurus/login.conf | 4 +- libexec/login_krb5-or-pwd/Makefile | 20 ----- libexec/login_krb5-or-pwd/login_krb5-or-pwd.8 | 82 ------------------- libexec/login_krb5/Makefile | 27 ------ 22 files changed, 19 insertions(+), 186 deletions(-) delete mode 100644 libexec/login_krb5-or-pwd/Makefile delete mode 100644 libexec/login_krb5-or-pwd/login_krb5-or-pwd.8 delete mode 100644 libexec/login_krb5/Makefile diff --git a/etc/etc.alpha/login.conf b/etc/etc.alpha/login.conf index 8a4d91488ce..b7f4c928466 100644 --- a/etc/etc.alpha/login.conf +++ b/etc/etc.alpha/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:39 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.amd64/login.conf b/etc/etc.amd64/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.amd64/login.conf +++ b/etc/etc.amd64/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.armish/login.conf b/etc/etc.armish/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.armish/login.conf +++ b/etc/etc.armish/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.armv7/login.conf b/etc/etc.armv7/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.armv7/login.conf +++ b/etc/etc.armv7/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.aviion/login.conf b/etc/etc.aviion/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.aviion/login.conf +++ b/etc/etc.aviion/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.hppa/login.conf b/etc/etc.hppa/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.hppa/login.conf +++ b/etc/etc.hppa/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.hppa64/login.conf b/etc/etc.hppa64/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.hppa64/login.conf +++ b/etc/etc.hppa64/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.i386/login.conf b/etc/etc.i386/login.conf index 8a4d91488ce..75577c072a2 100644 --- a/etc/etc.i386/login.conf +++ b/etc/etc.i386/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:00 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.landisk/login.conf b/etc/etc.landisk/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.landisk/login.conf +++ b/etc/etc.landisk/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.loongson/login.conf b/etc/etc.loongson/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.loongson/login.conf +++ b/etc/etc.loongson/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.luna88k/login.conf b/etc/etc.luna88k/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.luna88k/login.conf +++ b/etc/etc.luna88k/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.macppc/login.conf b/etc/etc.macppc/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.macppc/login.conf +++ b/etc/etc.macppc/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.octeon/login.conf b/etc/etc.octeon/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.octeon/login.conf +++ b/etc/etc.octeon/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.sgi/login.conf b/etc/etc.sgi/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.sgi/login.conf +++ b/etc/etc.sgi/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.socppc/login.conf b/etc/etc.socppc/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.socppc/login.conf +++ b/etc/etc.socppc/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.sparc/login.conf b/etc/etc.sparc/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.sparc/login.conf +++ b/etc/etc.sparc/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.sparc64/login.conf b/etc/etc.sparc64/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.sparc64/login.conf +++ b/etc/etc.sparc64/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.vax/login.conf b/etc/etc.vax/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.vax/login.conf +++ b/etc/etc.vax/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/etc/etc.zaurus/login.conf b/etc/etc.zaurus/login.conf index 04c02ecb84f..75577c072a2 100644 --- a/etc/etc.zaurus/login.conf +++ b/etc/etc.zaurus/login.conf @@ -1,4 +1,4 @@ -# $OpenBSD: login.conf,v 1.1 2014/03/26 20:17:01 tedu Exp $ +# $OpenBSD: login.conf,v 1.2 2014/04/22 11:03:40 reyk Exp $ # # Sample login.conf file. See login.conf(5) for details. @@ -7,9 +7,7 @@ # # Standard authentication styles: # -# krb5-or-pwd First try Kerberos V password, then local password file # passwd Use only the local password file -# krb5 Use only the Kerberos V password # chpass Do not authenticate, but change users password (change # the YP password if the user has one, else change the # local password) diff --git a/libexec/login_krb5-or-pwd/Makefile b/libexec/login_krb5-or-pwd/Makefile deleted file mode 100644 index 1857f5da110..00000000000 --- a/libexec/login_krb5-or-pwd/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# $OpenBSD: Makefile,v 1.19 2014/04/22 10:21:56 reyk Exp $ - -.include - -PROG= login_krb5-or-pwd -SRCS= login.c login_passwd.c pwd_gensalt.c -MAN= ${PROG}.8 -CFLAGS+=-DPASSWD -Wall -I${.CURDIR}/../login_passwd - -DPADD+= ${LIBUTIL} -LDADD+= -lutil - -.PATH: ${.CURDIR}/../login_passwd ${.CURDIR}/../../usr.bin/passwd - -BINOWN= root -BINGRP= auth -BINMODE=4555 -BINDIR= /usr/libexec/auth - -.include diff --git a/libexec/login_krb5-or-pwd/login_krb5-or-pwd.8 b/libexec/login_krb5-or-pwd/login_krb5-or-pwd.8 deleted file mode 100644 index 5a7af7a5ab0..00000000000 --- a/libexec/login_krb5-or-pwd/login_krb5-or-pwd.8 +++ /dev/null @@ -1,82 +0,0 @@ -.\" $OpenBSD: login_krb5-or-pwd.8,v 1.15 2007/05/31 19:19:40 jmc Exp $ -.\" -.\" Copyright (c) 2000 Todd C. Miller -.\" -.\" Permission to use, copy, modify, and distribute this software for any -.\" purpose with or without fee is hereby granted, provided that the above -.\" copyright notice and this permission notice appear in all copies. -.\" -.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -.\" -.Dd $Mdocdate: May 31 2007 $ -.Dt LOGIN_KRB5-OR-PWD 8 -.Os -.Sh NAME -.Nm login_krb5-or-pwd -.Nd provide KerberosV or password authentication type -.Sh SYNOPSIS -.Nm login_krb5-or-pwd -.Op Fl s Ar service -.Op Fl v Ar arguments -.Ar user -.Op Ar class -.Sh DESCRIPTION -The -.Nm -program first attempts to authenticate the user via KerberosV and, -failing that, falls back to standard password authentication. -.Pp -If KerberosV is not configured on the system, -.Nm -is equivalent to calling -.Xr login_passwd 8 . -When root tries to login, -.Nm -skips KerberosV authentication, as this may give problems in case of a -network failure. -.Pp -The -.Ar user -argument is the user's name to be authenticated. -.Pp -The -.Ar service -argument specifies which protocol to use with the -invoking program. -The allowed protocols are -.Em login , -.Em challenge , -and -.Em response . -(The -.Em challenge -protocol is silently ignored but will report success as KerberosV -authentication is not challenge-response based). -.Pp -The arguments following -.Fl v -are the same as for -.Xr login_krb5 8 -and -.Xr login_passwd 8 . -Unknown arguments are ignored. -.Pp -.Nm -will prompt the user for a password and report back to the -invoking program whether or not the authentication was -successful. -.Sh SEE ALSO -.Xr login 1 , -.Xr passwd 1 , -.Xr su 1 , -.Xr login.conf 5 , -.Xr ftpd 8 , -.Xr kerberos 8 , -.Xr login_krb5 8 , -.Xr login_passwd 8 diff --git a/libexec/login_krb5/Makefile b/libexec/login_krb5/Makefile deleted file mode 100644 index 7e0b9966a06..00000000000 --- a/libexec/login_krb5/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -# $OpenBSD: Makefile,v 1.21 2014/04/15 20:55:42 miod Exp $ - -.include - -PROG= login_krb5 -SRCS= login.c -MAN= ${PROG}.8 -CFLAGS+=-Wall -I${.CURDIR}/../login_passwd -.PATH: ${.CURDIR}/../login_passwd - -.if (${KERBEROS5:L} == "yes") -SRCS+= login_krb5.c -DPADD+= ${LIBKRB5} ${LIBASN1} ${LIBCRYPTO} -LDADD+= -lkrb5 -lasn1 -lcrypto -LDADD+= -lwind -lroken -lcom_err -lheimbase -CFLAGS+=-DKRB5 -.endif - -DPADD+= ${LIBUTIL} -LDADD+= -lutil - -BINOWN= root -BINGRP= auth -BINMODE=4555 -BINDIR= /usr/libexec/auth - -.include -- 2.20.1