2 files changed, 21 insertions, 0 deletions

diff --git a/modules/pam_time/pam_time.8.xml b/modules/pam_time/pam_time.8.xml
index 4708220c..a33744ea 100644
--- a/modules/pam_time/pam_time.8.xml
+++ b/modules/pam_time/pam_time.8.xml
@@ -51,6 +51,11 @@
       <filename>/etc/security/time.conf</filename>.
       An alternative file can be specified with the <emphasis>conffile</emphasis> option.
     </para>
+    <para condition="with_vendordir">
+      If there is no explicitly specified configuration file and
+      <filename>/etc/security/time.conf</filename> does not exist,
+      <filename>%vendordir%/security/time.conf</filename> is used.
+    </para>
     <para>
       If Linux PAM is compiled with audit support the module will report
       when it denies access.
diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c
index 8eebc914..b99e4c32 100644
--- a/modules/pam_time/pam_time.c
+++ b/modules/pam_time/pam_time.c
@@ -34,6 +34,9 @@
 #endif
 
 #define PAM_TIME_CONF	(SCONFIGDIR "/time.conf")
+#ifdef VENDOR_SCONFIGDIR
+#define VENDOR_PAM_TIME_CONF (VENDOR_SCONFIGDIR "/time.conf")
+#endif
 
 #define PAM_TIME_BUFLEN        1000
 #define FIELD_SEPARATOR        ';'   /* this is new as of .02 */
@@ -79,6 +82,19 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, const char **
 	}
     }
 
+#ifdef VENDOR_PAM_TIME_CONF
+    if (*conffile == PAM_TIME_CONF) {
+	/*
+	 * Check whether PAM_TIME_CONF file is available.
+	 * If it does not exist, fall back to VENDOR_PAM_TIME_CONF file.
+	 */
+	struct stat buffer;
+	if (stat(*conffile, &buffer) != 0 && errno == ENOENT) {
+	    *conffile = VENDOR_PAM_TIME_CONF;
+	}
+    }
+#endif
+
     return ctrl;
 }