Re: Patch for typo in PLIST of sysutils/login_krb5
On Tue, Jun 23, 2015 at 09:47:19AM -0400, Kurt Mosiejczuk wrote: > On Mon, Jun 22, 2015 at 11:06:36PM +0200, Antoine Jacoutot wrote: > > On Mon, Jun 22, 2015 at 09:09:01AM +0100, Stuart Henderson wrote: > > > > IIRC it is correct that "non-system" methods have a - prefix. > > > How is your login class set? I haven't used krb5, but I *think* it should > > > look like this, > > > > :auth=-krb5-or-pwd: > > > Correct, this is all explained in login.conf(5): > > > Local authentication styles may be added by creating a login script for > > the style (see below). To prevent collisions with future official BSD > > Authentication style names, all local style names should start with a > > dash (-). Current plans are for all official BSD Authentication style > > names to begin with a lower case alphabetic character. For example, if > > you have a new style you refer to as slick then you should create an > > authentication script named /usr/libexec/auth/login_-slick using the > > style name -slick. When logging in via the login(1) program, the > > syntax > > user:-slick would be used. > > I had wondered if I was missing something. Would it be good to note the > difference in the manpages? The manpage talks only about it being login_krb5. > Between that and my historical usage when it was in base, I just put it in > without the dash. Yes that's a good idea, I will do that. Thanks. -- Antoine
Re: Patch for typo in PLIST of sysutils/login_krb5
On Mon, Jun 22, 2015 at 11:06:36PM +0200, Antoine Jacoutot wrote: > On Mon, Jun 22, 2015 at 09:09:01AM +0100, Stuart Henderson wrote: > > IIRC it is correct that "non-system" methods have a - prefix. > > How is your login class set? I haven't used krb5, but I *think* it should > > look like this, > > :auth=-krb5-or-pwd: > Correct, this is all explained in login.conf(5): > Local authentication styles may be added by creating a login script for > the style (see below). To prevent collisions with future official BSD > Authentication style names, all local style names should start with a > dash (-). Current plans are for all official BSD Authentication style > names to begin with a lower case alphabetic character. For example, if > you have a new style you refer to as slick then you should create an > authentication script named /usr/libexec/auth/login_-slick using the > style name -slick. When logging in via the login(1) program, the syntax > user:-slick would be used. I had wondered if I was missing something. Would it be good to note the difference in the manpages? The manpage talks only about it being login_krb5. Between that and my historical usage when it was in base, I just put it in without the dash. --Kurt
Re: Patch for typo in PLIST of sysutils/login_krb5
On Mon, Jun 22, 2015 at 09:09:01AM +0100, Stuart Henderson wrote: > On 2015/06/21 13:37, Kurt Mosiejczuk wrote: > > I was having problems getting login_krb5 to work. It would work if I ran > > the login_-krb5-or-pwd directly, but logins wouldn't work. Finally I tried > > su and got: > > > > -bash-4.3$ su kurt > > su: invalid script: /usr/libexec/auth/login_krb5-or-pwd > > Sorry > > -bash-4.3$ > > > > It's invalid because the package put the file in as login_-krb5-or-pwd in > > /usr/libexec/auth but as login_krb5-or-pwd in /usr/local/libexec/auth. > > > > Either providing a hardlink or renaming the file as login_krb5-or-pwd and > > everything happily works. > > > > So I believe it was down to a couple typos in the PLIST. I've provided > > a patch below. > > IIRC it is correct that "non-system" methods have a - prefix. > How is your login class set? I haven't used krb5, but I *think* it should > look like this, > > :auth=-krb5-or-pwd: Correct, this is all explained in login.conf(5): Local authentication styles may be added by creating a login script for the style (see below). To prevent collisions with future official BSD Authentication style names, all local style names should start with a dash (-). Current plans are for all official BSD Authentication style names to begin with a lower case alphabetic character. For example, if you have a new style you refer to as slick then you should create an authentication script named /usr/libexec/auth/login_-slick using the style name -slick. When logging in via the login(1) program, the syntax user:-slick would be used. -- Antoine
Re: Patch for typo in PLIST of sysutils/login_krb5
On 2015/06/21 13:37, Kurt Mosiejczuk wrote: > I was having problems getting login_krb5 to work. It would work if I ran > the login_-krb5-or-pwd directly, but logins wouldn't work. Finally I tried > su and got: > > -bash-4.3$ su kurt > su: invalid script: /usr/libexec/auth/login_krb5-or-pwd > Sorry > -bash-4.3$ > > It's invalid because the package put the file in as login_-krb5-or-pwd in > /usr/libexec/auth but as login_krb5-or-pwd in /usr/local/libexec/auth. > > Either providing a hardlink or renaming the file as login_krb5-or-pwd and > everything happily works. > > So I believe it was down to a couple typos in the PLIST. I've provided > a patch below. IIRC it is correct that "non-system" methods have a - prefix. How is your login class set? I haven't used krb5, but I *think* it should look like this, :auth=-krb5-or-pwd:
Patch for typo in PLIST of sysutils/login_krb5
I was having problems getting login_krb5 to work. It would work if I ran the login_-krb5-or-pwd directly, but logins wouldn't work. Finally I tried su and got: -bash-4.3$ su kurt su: invalid script: /usr/libexec/auth/login_krb5-or-pwd Sorry -bash-4.3$ It's invalid because the package put the file in as login_-krb5-or-pwd in /usr/libexec/auth but as login_krb5-or-pwd in /usr/local/libexec/auth. Either providing a hardlink or renaming the file as login_krb5-or-pwd and everything happily works. So I believe it was down to a couple typos in the PLIST. I've provided a patch below. --Kurt Index: sysutils/login_krb5/pkg/PLIST === RCS file: /cvs/ports/sysutils/login_krb5/pkg/PLIST,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 PLIST --- sysutils/login_krb5/pkg/PLIST 10 Dec 2014 12:48:12 - 1.1.1.1 +++ sysutils/login_krb5/pkg/PLIST 21 Jun 2015 17:25:18 - @@ -5,13 +5,13 @@ libexec/auth/ @bin libexec/auth/login_krb5 @mode 4555 @owner root -@sample /usr/libexec/auth/login_-krb5 +@sample /usr/libexec/auth/login_krb5 @mode @owner @bin libexec/auth/login_krb5-or-pwd @mode 4555 @owner root -@sample /usr/libexec/auth/login_-krb5-or-pwd +@sample /usr/libexec/auth/login_krb5-or-pwd @mode @owner @group
