diff options
| author | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
| commit | f6d08ed47a3da3c08345bce2ca366e961c52ad7c (patch) | |
| tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_shells/pam_shells.c | |
| parent | 668b13da8f830c38388cecac45539972e80cb246 (diff) | |
| parent | 9e5bea9e146dee574796259ca464ad2435be3590 (diff) | |
| download | pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.gz pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.bz2 pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.zip | |
New upstream version 1.4.0
Diffstat (limited to 'modules/pam_shells/pam_shells.c')
| -rw-r--r-- | modules/pam_shells/pam_shells.c | 39 |
1 files changed, 10 insertions, 29 deletions
diff --git a/modules/pam_shells/pam_shells.c b/modules/pam_shells/pam_shells.c index c8acb9e2..dc8f4878 100644 --- a/modules/pam_shells/pam_shells.c +++ b/modules/pam_shells/pam_shells.c @@ -1,8 +1,6 @@ -/* pam_shells module */ - -#define SHELL_FILE "/etc/shells" - /* + * pam_shells module + * * by Erik Troan <ewt@redhat.com>, Red Hat Software. * August 5, 1996. * This code shamelessly ripped from the pam_securetty module. @@ -15,30 +13,23 @@ #include <string.h> #include <stdio.h> #include <stdlib.h> -#include <string.h> #include <sys/stat.h> #include <syslog.h> #include <unistd.h> -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include <security/pam_modules.h> #include <security/pam_modutil.h> #include <security/pam_ext.h> +#define SHELL_FILE "/etc/shells" + +#define DEFAULT_SHELL "/bin/sh" + static int perform_check(pam_handle_t *pamh) { int retval = PAM_AUTH_ERR; const char *userName; - char *userShell; + const char *userShell; char shellFileLine[256]; struct stat sb; struct passwd * pw; @@ -49,23 +40,13 @@ static int perform_check(pam_handle_t *pamh) return PAM_SERVICE_ERR; } - if (!userName || (userName[0] == '\0')) { - - /* Don't let them use a NULL username... */ - retval = pam_get_user(pamh,&userName,NULL); - if (retval != PAM_SUCCESS) - return PAM_SERVICE_ERR; - - /* It could still be NULL the second time. */ - if (!userName || (userName[0] == '\0')) - return PAM_SERVICE_ERR; - } - pw = pam_modutil_getpwnam(pamh, userName); - if (!pw) { + if (pw == NULL || pw->pw_shell == NULL) { return PAM_AUTH_ERR; /* user doesn't exist */ } userShell = pw->pw_shell; + if (userShell[0] == '\0') + userShell = DEFAULT_SHELL; if (stat(SHELL_FILE,&sb)) { pam_syslog(pamh, LOG_ERR, "Cannot stat %s: %m", SHELL_FILE); |