diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-10-16 00:13:52 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-10-16 00:13:52 +0000 |
| commit | 97e38d866778f1c36486af5f7f1a238c41693d58 (patch) | |
| tree | 3c4e79c803afb2a290130e681cd8e5191f8c1353 | |
| parent | 94f628f0abc38aeef6368178f2341d3747a3e5c8 (diff) | |
- (bal) Fix bug id 383 and only call loginrestrict for AIX if not root.
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | auth.c | 8 |
2 files changed, 11 insertions, 2 deletions
@@ -1,4 +1,7 @@ 20021015 + - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root. + +20021015 - (tim) [contrib/caldera/openssh.spec] make ssh-agent setgid nobody 20021004 @@ -764,4 +767,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2494 2002/10/15 20:16:55 tim Exp $ +$Id: ChangeLog,v 1.2495 2002/10/16 00:13:52 mouring Exp $ @@ -202,7 +202,13 @@ allowed_user(struct passwd * pw) } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { + /* + * Don't check loginrestrictions() for root account (use + * PermitRootLogin to control logins via ssh), or if running as + * non-root user (since loginrestrictions will always fail). + */ + if ( (pw->pw_uid != 0) && (geteuid() == 0) && + loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p; |