diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-06-23 13:45:24 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-06-23 13:45:24 +1000 |
commit | 0a9d43d7264ff0a74c4f9493be238e35ef04c952 (patch) | |
tree | 5734ef5253ba9f4dac817c7987a00671c77d9fc6 /auth.c | |
parent | ef8f8af86c3df4d769892baeca5d18a7a8599908 (diff) |
- (dtucker) [auth.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
Move loginrestrictions test to port-aix.c, replace with a generic hook.
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 29 |
1 files changed, 4 insertions, 25 deletions
@@ -203,31 +203,10 @@ allowed_user(struct passwd * pw) ga_free(); } -#ifdef WITH_AIXAUTHENTICATE - /* - * Don't check loginrestrictions() for root account (use - * PermitRootLogin to control logins via ssh), or if running as - * non-root user (since loginrestrictions will always fail). - */ - if ((pw->pw_uid != 0) && (geteuid() == 0)) { - char *msg; - - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) { - int loginrestrict_errno = errno; - - if (msg && *msg) { - buffer_append(&loginmsg, msg, strlen(msg)); - aix_remove_embedded_newlines(msg); - logit("Login restricted for %s: %.100s", - pw->pw_name, msg); - } - /* Don't fail if /etc/nologin set */ - if (!(loginrestrict_errno == EPERM && - stat(_PATH_NOLOGIN, &st) == 0)) - return 0; - } - } -#endif /* WITH_AIXAUTHENTICATE */ +#ifdef CUSTOM_SYS_AUTH_ALLOWED_USER + if (!sys_auth_allowed_user(pw)) + return 0; +#endif /* We found no reason not to let this user try to log on... */ return 1; |