diff options
| author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-01-24 16:16:01 +0000 |
|---|---|---|
| committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-01-24 16:16:01 +0000 |
| commit | d233082fbe0cec3ecc10ef4211e5df216adf69ef (patch) | |
| tree | 75bd43050585fc18889aae1f802b373fbf44a42a /lib/libpam | |
| parent | e4536f1138599d98fa750125c15b26c430567d9b (diff) | |
| download | src-d233082fbe0cec3ecc10ef4211e5df216adf69ef.tar.gz src-d233082fbe0cec3ecc10ef4211e5df216adf69ef.zip | |
Correctly interpret PAM_RHOST being unset as an indicator of a local
login.
Notes
Notes:
svn path=/head/; revision=89744
Diffstat (limited to 'lib/libpam')
| -rw-r--r-- | lib/libpam/modules/pam_login_access/pam_login_access.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libpam/modules/pam_login_access/pam_login_access.c b/lib/libpam/modules/pam_login_access/pam_login_access.c index 66b67cae8ae8..cf5b9ccf1772 100644 --- a/lib/libpam/modules/pam_login_access/pam_login_access.c +++ b/lib/libpam/modules/pam_login_access/pam_login_access.c @@ -109,16 +109,20 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc ,const char **argv) gethostname(hostname, sizeof hostname); - if (strcmp(hostname, rhost) == 0) { + if (rhost == NULL) { PAM_LOG("Checking login.access for user %s on tty %s", user, tty); if (login_access(user, tty) != 0) PAM_RETURN(PAM_SUCCESS); + PAM_VERBOSE_ERROR("%s is not allowed to log in on %s", + user, tty); } else { PAM_LOG("Checking login.access for user %s from host %s", user, rhost); if (login_access(user, rhost) != 0) PAM_RETURN(PAM_SUCCESS); + PAM_VERBOSE_ERROR("%s is not allowed to log in from %s", + user, rhost); } PAM_RETURN(PAM_AUTH_ERR); |