[prev in list] [next in list] [prev in thread] [next in thread] 

List:       busybox
Subject:    Fwd: login -f with PAM enabled
From:       Sergey Naumov <sknaumov () gmail ! com>
Date:       2012-01-22 9:59:51
Message-ID: CAH3pVZN4fcM8zuFOkV15COx-ZaokHv8wT=0QsfoRhrNbrpMH+g () mail ! gmail ! com
[Download RAW message or body]

Don't know whether this mail was delivered.

---------- Forwarded message ----------
From: Sergey Naumov <sknaumov@gmail.com>
Date: 2012/1/19
Subject: login -f with PAM enabled
To: busybox <busybox@busybox.net>


Denys, unlike standard login, busybox login asks for password even if
-f <user> is specified while PAM is enabled.
Here is a patch for 1.15.3, but you can apply it on trunk too.

Sergey Naumov.

["busybox-login-f-pam.patch" (text/x-diff)]

diff -uNr busybox-1.15.3-orig/loginutils/login.c busybox-1.15.3/loginutils/login.c
--- busybox-1.15.3-orig/loginutils/login.c	2012-01-18 14:41:26.397167635 +0400
+++ busybox-1.15.3/loginutils/login.c	2012-01-19 12:10:45.836414633 +0400
@@ -363,14 +363,16 @@
 			failed_msg = "set_item(TTY)";
 			goto pam_auth_failed;
 		}
-		pamret = pam_authenticate(pamh, 0);
-		if (pamret != PAM_SUCCESS) {
-			failed_msg = "authenticate";
-			goto pam_auth_failed;
-			/* TODO: or just "goto auth_failed"
-			 * since user seems to enter wrong password
-			 * (in this case pamret == 7)
-			 */
+		if (!(opt & LOGIN_OPT_f)) {
+			pamret = pam_authenticate(pamh, 0);
+			if (pamret != PAM_SUCCESS) {
+				failed_msg = "authenticate";
+				goto pam_auth_failed;
+				/* TODO: or just "goto auth_failed"
+				 * since user seems to enter wrong password
+				 * (in this case pamret == 7)
+				 */
+			}
 		}
 		/* check that the account is healthy */
 		pamret = pam_acct_mgmt(pamh, 0);


_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox

[prev in list] [next in list] [prev in thread] [next in thread]