These directories contain modified 43BSD source to network daemons or
daemon front-end programs that report the remote host name and, if
possible, the remote user name. Tested with SunOS 4.x.

Some of the programs use the libwrap.a library that comes with recent
tcp wrapper (log_tcp) implementations. In order to build, you will
have to do a 

	setenv LOG_TCP directory_with_the_libwrap.a_library

Modified versions of BSD 4.3 r-command daemons, hacked to report remote
host/user names, and hacked to run with SunOS 4.x. 

	rlogind	BSD 4.3 rlogind, hacked for SunOS 4.x. With logging and
		access control in the style of the tcp wrapper (log_tcp)
		package.

	rshd	BSD 4.3 rshd, hacked for SunOS4.x. Ultrix needs -Dnotdef. 
		With logging and access control in the style of the tcp 
		wrapper (log_tcp) package.

Other stuff:

	login	BSD 4.3 login, hacked for SunOS 4.x., with optional
		access control on a per (user,host) or per (user,tty) basis.

	telnetd	43BSD telnetd hacked for SunOS 4.x. No access control
		or logging, just an attempt to improve pty security.

	lib	additional routines used by login and others

The BSD 4.3 login is probably required if you want to run the BSD 4.3
rlogind.  The hacked rlogind expects that the 43BSD login is installed
as /usr/etc/login. This is so that you can test things out without
clobbering /usr/bin/login, thus making the machine inaccessible in case
of mistakes....

This version of the login command reports every login failure that is
not followed by a successful login. It is an excellent replacement for
the standard SunOS 4.x login (unless you have shadow passwords). You
will have to modify the syslog.conf file so that auth.info messages
will be logged. For example:

*.err;kern.debug;auth.info;user.none		/dev/console
*.err;kern.debug;daemon,auth.info;mail.crit;user.none	/var/adm/messages
auth.debug			ifdef(`LOGHOST', /var/log/syslog, @loghost)

If you find that /usr/etc/login works well, you can move it to /usr/bin
and install a symlink /usr/etc/login -> /usr/bin/login so that rlogin
can find it.

Please report any problems to:

	Wietse Venema (wietse@wzv.win.tue.nl)
	Eindhoven University of Technology
	Eindhoven, The Netherlands

Change log:

901218	Fixed a problem with NOFLSH in login.c that caused interrupts
	to not flush the terminal input queue.

910209	Added per-user login access control.

911128	Added support to login for /etc/fbtab, a table of additional
	devices whose protection and ownership is to be adjusted when 
	a user logs in.

920609	Added tcp wrapper (log_tcp) style access control to rlogind and
	rshd. Improved the remote host name verification code. Added the
	LD_ environment fix to login.

920624	Login no longer just dies when the connection is broken, but first
	reports a login failure.
