Bugtraq mailing list archives

Re: AIX rlogind


From: casper () fwi uva nl (Casper Dik)
Date: Tue, 24 May 94 10:54:33 +0200


the reason some ports of shadow are `bad' and some aren't is
directly related to how the getopt(3) routine works on that os.  if
it allows "-froot" to mean the same as "-f root", then it's going to
be ``buggy''.
i would have sworn that POSIX defines that as correct behaviour for
getopt().

Then either (a) login shouldn't use getopt(), (b) all programs that
call login should check what they pass for sanity (effectively,
reimplement login's argument parsing themselves), or (c) an option
should be defined for login that says "the next argument is a username
regardless of what it looks like".

The problem is not so much using getopt.  It's using f: for an
option that doesn't expect an argument.  The AIX and shadow 3.x
login program used getopt(, "f:h:") instead of getopt(, "fh:").

Instead of the normal login usage of:

        login [-r host] [ -h host ] [-p] [-f] [username]

they implemented

        login [-r host] [ -h host ] [-p] [-f username] [username]

Personally, I prefer option (c), though if I were to write a login, it
would also take tack (a) because I never use getopt.

You can also modify rlogind and telnetd to pass the end of options
string "--" before the username, though this requires a login that
uses getopt.

Casper


