diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-14 08:00:00 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-15 08:00:00 +0000 |
| commit | ab4f7c33e2d6fb64ebf2e2ee0a2f3cfb06ed3f68 (patch) | |
| tree | 8f50711c4c5cf17fd6597a9666cde36a292765bf /modules/pam_securetty | |
| parent | 5aca62a102b7309f1d96ded01ad1e7f94310fade (diff) | |
| download | pam-ab4f7c33e2d6fb64ebf2e2ee0a2f3cfb06ed3f68.tar.gz pam-ab4f7c33e2d6fb64ebf2e2ee0a2f3cfb06ed3f68.tar.bz2 pam-ab4f7c33e2d6fb64ebf2e2ee0a2f3cfb06ed3f68.zip | |
pam_securetty: forward error values returned by pam_get_user
Starting with commit c2c601f5340a59c5c62193d55b555d384380ea38,
pam_get_user is guaranteed to return one of the following values:
PAM_SUCCESS, PAM_BUF_ERR, PAM_CONV_AGAIN, or PAM_CONV_ERR.
* modules/pam_securetty/pam_securetty.c (pam_sm_authenticate): Do not
replace non-PAM_CONV_AGAIN error values returned by pam_get_user with
PAM_SERVICE_ERR.
* modules/pam_securetty/pam_securetty.8.xml (RETURN VALUES): Document
new return values.
Diffstat (limited to 'modules/pam_securetty')
| -rw-r--r-- | modules/pam_securetty/pam_securetty.8.xml | 22 | ||||
| -rw-r--r-- | modules/pam_securetty/pam_securetty.c | 2 |
2 files changed, 20 insertions, 4 deletions
diff --git a/modules/pam_securetty/pam_securetty.8.xml b/modules/pam_securetty/pam_securetty.8.xml index b5e83691..e49d572b 100644 --- a/modules/pam_securetty/pam_securetty.8.xml +++ b/modules/pam_securetty/pam_securetty.8.xml @@ -115,12 +115,28 @@ </listitem> </varlistentry> <varlistentry> + <term>PAM_BUF_ERR</term> + <listitem> + <para> + Memory buffer error. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_CONV_ERR</term> + <listitem> + <para> + The conversation method supplied by the application + failed to obtain the username. + </para> + </listitem> + </varlistentry> + <varlistentry> <term>PAM_INCOMPLETE</term> <listitem> <para> - An application error occurred. pam_securetty was not able - to get information it required from the application that - called it. + The conversation method supplied by the application + returned PAM_CONV_AGAIN. </para> </listitem> </varlistentry> diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c index 355a23ab..5f52d3a9 100644 --- a/modules/pam_securetty/pam_securetty.c +++ b/modules/pam_securetty/pam_securetty.c @@ -85,7 +85,7 @@ securetty_perform_check (pam_handle_t *pamh, int ctrl, retval = pam_get_user(pamh, &username, NULL); if (retval != PAM_SUCCESS) { pam_syslog(pamh, LOG_WARNING, "cannot determine username"); - return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE:PAM_SERVICE_ERR); + return (retval == PAM_CONV_AGAIN ? PAM_INCOMPLETE : retval); } user_pwd = pam_modutil_getpwnam(pamh, username); |