The pam_unix module attempts to resolve users via NIS, regardless of
whether the "nis" flag is set. When the system has a working NIS setup
not enabled in /etc/nsswitch.conf, e.g. during an LDAP migration,
password changes are reported as successful, but no action is taken.
Fix attached.
--
Aaron Hope <Aaron.Hope@xxxxxxx>
NPG System Administrator
PGP key: http://perennialmind.cjb.net/gpg_key.txt
--- Linux-PAM/modules/pam_unix/pam_unix_passwd.c.cvs 2005-08-25 13:39:24.270406862 -0400
+++ Linux-PAM/modules/pam_unix/pam_unix_passwd.c 2005-08-25 13:58:13.915126603 -0400
@@ -1051,10 +1051,10 @@
* getpwnam() doesn't tell you *where* the information it gives you
* came from, nor should it. That's our job.
*/
- if (_unix_comesfromsource(pamh, user, 1, 1) == 0) {
+ if (_unix_comesfromsource(pamh, user, 1, on(UNIX_NIS,ctrl)) == 0) {
_log_err(LOG_DEBUG, pamh,
- "user \"%s\" does not exist in /etc/passwd or NIS",
- user);
+ "user \"%s\" does not exist in /etc/passwd%s",
+ user, on(UNIX_NIS,ctrl) ? " or NIS" : "");
return PAM_USER_UNKNOWN;
} else {
struct passwd *pwd;
_______________________________________________
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list
