On Wed, Feb 06, 2013 at 11:22:19PM -0700, Cody Maloney wrote:
> login-utils/Makemodule.am | 2 ++
> login-utils/auth.c | 47 +++++++++++++++++++++++++++++++++++++++++++++++
> login-utils/auth.h | 13 +++++++++++++
> login-utils/chfn.c | 33 +++------------------------------
> login-utils/chsh.c | 33 +++------------------------------
> 5 files changed, 68 insertions(+), 60 deletions(-)
> create mode 100644 login-utils/auth.c
> create mode 100644 login-utils/auth.h
Fixed and applied.
> +int auth_pam(const char *service_name, uid_t uid, const char *username) {
> +#ifdef REQUIRE_PASSWORD
> + if (uid != 0) {
> + pam_handle_t *pamh = NULL;
> + struct pam_conv conv = { misc_conv, NULL };
> + int retcode;
> +
> + retcode = pam_start(service_name, username, &conv, &pamh);
> + if (pam_fail_check(pamh, retcode))
> + return FALSE;
> +
> + retcode = pam_authenticate(pamh, 0);
> + if (pam_fail_check(pamh, retcode))
> + return FALSE;
> +
> + retcode = pam_acct_mgmt(pamh, 0);
> + if (retcode == PAM_NEW_AUTHTOK_REQD)
> + retcode =
> + pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
> + if (pam_fail_check(pamh, retcode))
> + return FALSE;
> +
> + retcode = pam_setcred(pamh, 0);
> + if (pam_fail_check(pamh, retcode))
> + return FALSE;
> +
> + pam_end(pamh, 0);
> + /* no need to establish a session; this isn't a
> + * session-oriented activity... */
> + }
> + return TRUE;
> +#endif /* REQUIRE_PASSWORD */
> +}
what happen if REQUIRE_PASSWORD is not defined?
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
