diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2002-10-16 00:12:12 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-10-16 00:12:12 +0000 |
commit | f5e4fded0d4d74802e0d9b288fc538754a391454 (patch) | |
tree | a4fe0d74e6d39eff6b5d83ee8ec8fe38603607f7 | |
parent | 07368b1abc20e68aca6eb8db0b40efdc8dd8eaea (diff) |
- (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.c | 8 |
2 files changed, 11 insertions, 2 deletions
@@ -1,3 +1,6 @@ +20021015 + - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root. + 20021004 - (bal) Disable post-authentication Privsep for OSF/1. It conflicts with SIA. @@ -761,4 +764,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2491.2.2 2002/10/05 00:14:05 mouring Exp $ +$Id: ChangeLog,v 1.2491.2.3 2002/10/16 00:12:12 mouring Exp $ @@ -202,7 +202,13 @@ allowed_user(struct passwd * pw) } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { + /* + * Don't check loginrestrictions() for root account (use + * PermitRootLogin to control logins via ssh), or if running as + * non-root user (since loginrestrictions will always fail). + */ + if ( (pw->pw_uid != 0) && (geteuid() == 0) && + loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p; |