From adrian@thneed.ubergeeks.com Thu Jun 24 07:45:57 1999
Return-Path: <adrian@thneed.ubergeeks.com>
Received: from thneed.ubergeeks.com (thneed.ubergeeks.com [206.205.41.245])
	by hub.freebsd.org (Postfix) with ESMTP id BD24A151C9
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 24 Jun 1999 07:45:54 -0700 (PDT)
	(envelope-from adrian@thneed.ubergeeks.com)
Received: (from adrian@localhost)
	by thneed.ubergeeks.com (8.9.3/8.9.3) id KAA03152;
	Thu, 24 Jun 1999 10:45:43 -0400 (EDT)
	(envelope-from adrian)
Message-Id: <199906241445.KAA03152@thneed.ubergeeks.com>
Date: Thu, 24 Jun 1999 10:45:43 -0400 (EDT)
From: adrian@ubergeeks.com
Sender: adrian@thneed.ubergeeks.com
Reply-To: adrian@ubergeeks.com
To: FreeBSD-gnats-submit@freebsd.org
Subject: doc patch for login_cap.
X-Send-Pr-Version: 3.2

>Number:         12377
>Category:       docs
>Synopsis:       differences of a NULL login class need amplification
>Confidential:   no
>Severity:       critical
>Priority:       low
>Responsible:    freebsd-doc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          doc-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 24 07:50:01 PDT 1999
>Closed-Date:    Wed Jul 14 15:36:21 PDT 1999
>Last-Modified:  Wed Jul 14 15:37:17 PDT 1999
>Originator:     Adrian Filipi-Martin
>Release:        FreeBSD 3.2-RELEASE i386
>Organization:
Ubergeeks Consulting
>Environment:

	stock 3.2 installation.

>Description:

	The fact that the root account has a different default
	login class is not well documented.  It is documented, but
	only in passing in a paragraph low in the login_cap(3)
	manpage and in the login_cap.h header.  The fact that the
	NULL login class has different interpretations depending
	upon the context of the capability lookup should be noted
	clearly or the behavior of the look up should be modified
	to make it more intuitive.  The fact that the NULL class
	has two default values begs the question, "is there really
	a default class?"

>How-To-Repeat:

	N/A

>Fix:
	
	A quick fix is to apply the following doc patch.  A better fix is to
	make all accounts with NULL login classes default to the "default"
	class and explicitly set root's class to 'root' in master.passwd.
	This would be an application of the "principle of least surprise".

*** login.conf.orig	Thu Jun 24 10:24:22 1999
--- login.conf	Thu Jun 24 10:25:22 1999
***************
*** 60,65 ****
--- 60,66 ----
  #
  # Root can always login
  #
+ # N.B. This is the default class for the root account, not 'default'.
  root:\
  	:ignorenologin:\
  	:tc=default:
--- login_cap.3.orig	Thu Jun 24 10:27:45 1999
+++ login_cap.3	Thu Jun 24 10:32:53 1999
@@ -139,14 +139,15 @@
 .Fn login_getclass
 or
 .Fn login_getuserclass .
-If the referenced user has no login class specified in
+If the referenced user is not root and has no login class specified in
 .Pa /etc/master.passwd ,
 the class name is NULL or an empty string, or if the class
 specified does not exist in the database, each of these
 functions will search for a record with an id of "default",
 with that name returned in the
 .Ar lc_class
-field.
+field.  If the user is root, then record with an id of "root" will 
+be returned instead of "default".
 .Pp
 The
 .Ar lc_cap

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: nik 
State-Changed-When: Wed Jul 14 15:36:21 PDT 1999 
State-Changed-Why:  
Committed text to the man page and login.conf to make this clearer. 
Not the submitter's text, but a rewrite thereof. 

Thanks for the report. 

>Unformatted:
