aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_group/pam_group.c
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2010-08-04 13:00:59 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2010-08-04 13:00:59 +0000
commit0e73991710adce250f8cc56040528ae25e68bad0 (patch)
tree61b59602b9e275313747ffee90039c88508e4934 /modules/pam_group/pam_group.c
parentc9dd97e696e70900869af7f50f647c2517aab405 (diff)
downloadpam-0e73991710adce250f8cc56040528ae25e68bad0.tar.gz
pam-0e73991710adce250f8cc56040528ae25e68bad0.tar.bz2
pam-0e73991710adce250f8cc56040528ae25e68bad0.zip
Relevant BUGIDs: #3035919, #3002340, #3037155
Purpose of commit: bugfix Commit summary: --------------- 2010-08-04 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_access/pam_access.c (user_match): Make sure that user@host will not match @@netgroup. Bug #3035919. * modules/pam_group/pam_group.c (check_account): Add '%' for UNIX groups. * modules/pam_group/group.conf: Add example for '%'. * modules/pam_group/group.conf.5.xml: Document '%' syntax. Bug #3002340, #3037155.
Diffstat (limited to 'modules/pam_group/pam_group.c')
-rw-r--r--modules/pam_group/pam_group.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c
index 3dc7f78e..310b2622 100644
--- a/modules/pam_group/pam_group.c
+++ b/modules/pam_group/pam_group.c
@@ -660,6 +660,9 @@ static int check_account(pam_handle_t *pamh, const char *service,
/* If buffer starts with @, we are using netgroups */
if (buffer[0] == '@')
good &= innetgr (&buffer[1], NULL, user, NULL);
+ /* otherwise, if the buffer starts with %, it's a UNIX group */
+ else if (buffer[0] == '%')
+ good &= pam_modutil_user_in_group_nam_nam(pamh, user, &buffer[1]);
else
good &= logic_field(pamh,user, buffer, count, is_same);
D(("with user: %s", good ? "passes":"fails" ));
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-18 00:15:30 +0000