Removed broken PAM support from rshd(8) and rlogind(8). rshd does

not allocate a pty(4) so it is not suitable at all for interactive
PAM modules.  rlogind calls login(1) which is already PAM enabled.

Approved by:	markm

2 files changed, 1 insertions, 28 deletions

diff --git a/libexec/rshd/Makefile b/libexec/rshd/Makefile
index b54f7632e029..2e40e4fdad4e 100644
--- a/libexec/rshd/Makefile
+++ b/libexec/rshd/Makefile
@@ -5,14 +5,7 @@ PROG=	rshd
 SRCS=	rshd.c
 MAN8=	rshd.8
 
-.if defined(NOPAM)
-CFLAGS+= -DNO_PAM
-.else
-#CFLAGS+= -DCRYPT -DNO_PAM
-SRCS+=	auth_pam.c
-DPADD+= ${LIBPAM}
-LDADD+= ${MINUSLPAM}
-.endif
+#CFLAGS+= -DCRYPT
 
 # For login_cap handling
 CFLAGS+=-DLOGIN_CAP -Wall
@@ -23,5 +16,3 @@ LDADD+= -lutil
 CFLAGS+= -DINET6
 
 .include <bsd.prog.mk>
-
-.PATH:	${.CURDIR}/../rlogind
diff --git a/libexec/rshd/rshd.c b/libexec/rshd/rshd.c
index 374d1374c39a..27f992edf74d 100644
--- a/libexec/rshd/rshd.c
+++ b/libexec/rshd/rshd.c
@@ -113,9 +113,6 @@ int	 local_domain __P((char *));
 char	*topdomain __P((char *));
 void	 usage __P((void));
 
-#ifndef NO_PAM
-extern int auth_pam __P((char *));
-#endif
 
 #define	OPTIONS	"alnDL"
 
@@ -216,7 +213,6 @@ doit(fromp)
 	char fromhost[2 * MAXHOSTNAMELEN + 1];
 	char numericname[INET6_ADDRSTRLEN];
 	int af = fromp->su_family, err;
-	int retval;
 #ifdef	CRYPT
 	int rc;
 	int pv1[2], pv2[2];
@@ -382,20 +378,6 @@ doit(fromp)
 		pwd->pw_dir = "/";
 	}
 
-#ifndef  NO_PAM
-	retval = auth_pam(locuser);
-
-	if (retval) {
-		if (retval == -1) {
-			syslog(LOG_ERR,"PAM authentication failed");
-		}
-		else {
-			syslog(LOG_ERR,
-				"User %s failed PAM authentication", locuser);
-			exit(1);
-		}
-	}
-#endif 
 
 		if (errorstr ||
 		    (pwd->pw_expire && time(NULL) >= pwd->pw_expire) ||