diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | auth.c | 8 |
2 files changed, 11 insertions, 2 deletions
@@ -1,3 +1,6 @@ +20021015 + - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root. + 20021004 - (bal) Disable post-authentication Privsep for OSF/1. It conflicts with SIA. @@ -761,4 +764,4 @@ save auth method before monitor_reset_key_state(); bugzilla bug #284; ok provos@ -$Id: ChangeLog,v 1.2491.2.2 2002/10/05 00:14:05 mouring Exp $ +$Id: ChangeLog,v 1.2491.2.3 2002/10/16 00:12:12 mouring Exp $ @@ -202,7 +202,13 @@ allowed_user(struct passwd * pw) } #ifdef WITH_AIXAUTHENTICATE - if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { + /* + * Don't check loginrestrictions() for root account (use + * PermitRootLogin to control logins via ssh), or if running as + * non-root user (since loginrestrictions will always fail). + */ + if ( (pw->pw_uid != 0) && (geteuid() == 0) && + loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) { if (loginmsg && *loginmsg) { /* Remove embedded newlines (if any) */ char *p; |