diff options
author | Damien Miller <djm@mindrot.org> | 2012-04-22 11:08:10 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-04-22 11:08:10 +1000 |
commit | 29cd1888873d453f28609d8b301062cbaa4ab4d8 (patch) | |
tree | 8969f031134672e2c20e736efc83aea4a7445505 | |
parent | a563cced062d0d74843c0ee56a82faa860f10855 (diff) |
- guenther@cvs.openbsd.org 2012/03/15 03:10:27
[session.c]
root should always be excluded from the test for /etc/nologin instead
of having it always enforced even when marked as ignorenologin. This
regressed when the logic was incompletely flipped around in rev 1.251
ok halex@ millert@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | session.c | 4 |
2 files changed, 8 insertions, 2 deletions
@@ -3,6 +3,12 @@ - djm@cvs.openbsd.org 2012/02/29 11:21:26 [ssh-keygen.c] allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ + - guenther@cvs.openbsd.org 2012/03/15 03:10:27 + [session.c] + root should always be excluded from the test for /etc/nologin instead + of having it always enforced even when marked as ignorenologin. This + regressed when the logic was incompletely flipped around in rev 1.251 + ok halex@ millert@ 20120420 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.259 2011/10/24 02:13:13 djm Exp $ */ +/* $OpenBSD: session.c,v 1.260 2012/03/15 03:10:27 guenther Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * All rights reserved @@ -1390,7 +1390,7 @@ do_nologin(struct passwd *pw) struct stat sb; #ifdef HAVE_LOGIN_CAP - if (login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) + if (login_getcapbool(lc, "ignorenologin", 0) || pw->pw_uid == 0) return; nl = login_getcapstr(lc, "nologin", def_nl, def_nl); #else |