From owner-cvs-all@FreeBSD.ORG Tue May 1 19:07:47 2007 Return-Path: X-Original-To: cvs-all@freebsd.org Delivered-To: cvs-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 454A016A406; Tue, 1 May 2007 19:07:47 +0000 (UTC) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (comp.chem.msu.su [158.250.32.97]) by mx1.freebsd.org (Postfix) with ESMTP id 9E08413C465; Tue, 1 May 2007 19:07:46 +0000 (UTC) (envelope-from yar@comp.chem.msu.su) Received: from comp.chem.msu.su (localhost [127.0.0.1]) by comp.chem.msu.su (8.13.4/8.13.4) with ESMTP id l41J7h1L055834; Tue, 1 May 2007 23:07:43 +0400 (MSD) (envelope-from yar@comp.chem.msu.su) Received: (from yar@localhost) by comp.chem.msu.su (8.13.4/8.13.4/Submit) id l41J7gYs055829; Tue, 1 May 2007 23:07:42 +0400 (MSD) (envelope-from yar) Date: Tue, 1 May 2007 23:07:42 +0400 From: Yar Tikhiy To: Ceri Davies Message-ID: <20070501190742.GC51428@comp.chem.msu.su> References: <200704260639.l3Q6d1SH027885@repoman.freebsd.org> <20070426105458.GA98415@nevermind.kiev.ua> <20070426114638.GC77408@submonkey.net> <20070427160740.GF3991@comp.chem.msu.su> <20070430131503.GY77408@submonkey.net> <20070430134227.GG32601@comp.chem.msu.su> <20070430134617.GZ77408@submonkey.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070430134617.GZ77408@submonkey.net> User-Agent: Mutt/1.5.9i Cc: cvs-src@freebsd.org, src-committers@freebsd.org, cvs-all@freebsd.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_unix pam_unix.8 pam_unix.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 May 2007 19:07:47 -0000 On Mon, Apr 30, 2007 at 02:46:18PM +0100, Ceri Davies wrote: > On Mon, Apr 30, 2007 at 05:42:28PM +0400, Yar Tikhiy wrote: > > On Mon, Apr 30, 2007 at 02:15:04PM +0100, Ceri Davies wrote: > > > > > > Well, we currently have an *NP* case as per above, but not a *LK* case, > > > so I disagree somewhat. > > > > Why? Now *LOCKED* in FreeBSD is nearly the same as *LK* in Solaris > > with the only difference being that cron or at doesn't seem to care > > about it. And a single asterisk works for us as *NP* does in > > Solaris, although it isn't a prefix, it occupies the whole password > > field. Did I miss anything? > > Well, because of the cron thing :) If we want to propagate account locking semantics to cron and atrun, which is a good idea IMHO, we should avoid code duplication. I haven't yet found a suitable place in src/lib to put the check at, but we need to find one as more checks can be done there, e.g., that for expired account because expired accounts shouldn't run scheduled jobs either. Any ideas? Of course, the most obvious way is to add the respective function to libutil, but I'm still unsure if it's the best way. -- Yar