| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
| |
* let's assume that --pty is stable enough that we do not have to remove it ;-)
* add --pty to the runuser.1 man page
Addresses: https://github.com/karelzak/util-linux/issues/760
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
| |
ENV_SUPATH and ENV_ROOTPATH are equivalent and ENV_ROOTPATH takes
precedence in both login and su. It makes no sense. More logical would be
precedence of ENV_SUPATH in su and ENV_ROOTPATH in login.
Signed-off-by: Stanislav Brabec <sbrabec@suse.cz>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* usable with --login to whitelist specified environment variables
* the list is ignored for the core variables like HOME, SHELL, USER,
LOGNAME and PATH (su --login always resets these variables)
Note that su(1) requires password and after successful authentication
user has full control over the session, so he can set arbitrary
environment variables. The whitelist makes things more user friendly
only.
The patch removes unnecessary optimization when allocate environ[]. It
seems better to keep all in glibc hands and just reset the environment
array only.
Addresses: https://github.com/karelzak/util-linux/issues/221
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
| |
The links to ftp://ftp.kernel.org/ are replaced by
https://www.kernel.org/.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Use consistent terminology for set-user-ID and set-group-ID bits.
There's much inconsistency in the pages. "suid",
"set-user-identifier", "setuid". Stick with one terminology,
"set-user-ID" and set-grout-ID, as suggested in man-pages(7).
Signed-off-by: <mtk.man-pages@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch does only the following:
* Order SEE ALSO entries first by section name, then alphabetically
within section
* Adds one or two missing commas in SEE ALSO lists
* Removes one or two periods that were (inconsistently) used
at the end of SEE ALSO lists.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
|
|
|
|
|
|
|
| |
.. and add notes about differences between the utuils.
Reported-by: Lennart Poettering <lennart@poettering.net>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch does not change any su/runuser behaviour, code changes:
* don't use huge groups[NGROUPS_MAX]; the array has 256k, but we need
it only occasionally when -G/-g specified.
* the current code uses groups[0] for -g and the rest for -G, this patch adds
'gid' to remember -g argument to avoid memmove()
* add function add_supp_group() to simplify su_main()
* add note about -G and -g relation to the man pages (undocumented now)
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
runuser.1: fix spelling implemenation -> implementation
scriptreplay.1: fix spelling overide -> override
unshare.1: fix spelling permamently -> permanently
last.1: fix spelling preferrable -> preferable
lslogins.1: fix spelling priviliges -> privileges
hwclock.8.in: fix spelling transfered -> transferred
prlimit.1: fix typo umlimited -> unlimited
agetty.8: fix typo unnsupported -> unsupported
Signed-off-by: Bill Pemberton <wfp5p@worldbroken.com>
|
|
|
|
| |
Signed-off-by: J William Piggott <elseifthen@gmx.com>
|
|
|
|
| |
Signed-off-by: Benno Schulenberg <bensberg@justemail.net>
|
|
|
|
| |
Signed-off-by: Ondrej Oprala <ooprala@redhat.com>
|
|
|
|
|
| |
Reported-by: Bernhard Voelker <mail@bernhard-voelker.de>
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
|
|
| |
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This command is based on su(1), the differences:
- based on Fedora runuser su(1) patch
- not installed with suid rights
- allowed for root users only
- don't ask for password
- uses PAM session, for example:
$ cat /etc/pam.d/runuser
auth sufficient pam_rootok.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session required pam_unix.so
$ cat /etc/pam.d/runuser-l
auth include runuser
session optional pam_keyinit.so force revoke
session include runuser
Signed-off-by: Karel Zak <kzak@redhat.com>
|