pam_exec: allow expose_authtok for password PAM_TYPE

Before this change, pam_exec allowed expose_authtok option to be specified for "auth" PAM_TYPE only. * modules/pam_exec/pam_exec.c (call_exec): Allow expose_authtok to be specified for "password" PAM_TYPE. * modules/pam_exec/pam_exec.8.xml: Document it.
author: Anton Gubarkov <anton.gubarkov@gmail.com> 2023-12-15 16:58:24 +0300
committer: Dmitry V. Levin <ldv@strace.io> 2024-01-02 18:24:08 +0000
commit: 515546d1117ab89a3597176689273ce7734a77d3 (patch)
tree: a6a129756d6aa4fcdd2fbb76f4d841b2c8d29c6b /modules/pam_exec/pam_exec.c
parent: 2d04ce36c1d5d5abe2e0b90d60ed896947439a9e (diff)
download: pam-515546d1117ab89a3597176689273ce7734a77d3.tar.gz
pam-515546d1117ab89a3597176689273ce7734a77d3.tar.bz2
pam-515546d1117ab89a3597176689273ce7734a77d3.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c
index e79cb905..24c99a32 100644
--- a/modules/pam_exec/pam_exec.c
+++ b/modules/pam_exec/pam_exec.c
@@ -156,7 +156,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh,
 
   if (expose_authtok == 1)
     {
-      if (strcmp (pam_type, "auth") != 0)
+      if (strcmp (pam_type, "auth") != 0 && strcmp (pam_type, "password") != 0)
 	{
 	  pam_syslog (pamh, LOG_ERR,
 		      "expose_authtok not supported for type %s", pam_type);
author	Anton Gubarkov <anton.gubarkov@gmail.com>	2023-12-15 16:58:24 +0300
committer	Dmitry V. Levin <ldv@strace.io>	2024-01-02 18:24:08 +0000
commit	515546d1117ab89a3597176689273ce7734a77d3 (patch)
tree	a6a129756d6aa4fcdd2fbb76f4d841b2c8d29c6b /modules/pam_exec/pam_exec.c
parent	2d04ce36c1d5d5abe2e0b90d60ed896947439a9e (diff)
download	pam-515546d1117ab89a3597176689273ce7734a77d3.tar.gz pam-515546d1117ab89a3597176689273ce7734a77d3.tar.bz2 pam-515546d1117ab89a3597176689273ce7734a77d3.zip