From df0d27720e578a37b46ec938efff4f7ec4cdcb6c Mon Sep 17 00:00:00 2001
From: Shreenidhi Shedi <sshedi@vmware.com>
Date: Fri, 1 Jul 2022 12:00:23 +0530
Subject: faillock: error out if user does not exist

No need to do any further processing if a non existent username is given
to faillock.

For first time successful login, failure field should be 0 and faillock
should show something like pam_tally2 did.

Signed-off-by: Shreenidhi Shedi <sshedi@vmware.com>
---
 modules/pam_faillock/main.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'modules/pam_faillock')

diff --git a/modules/pam_faillock/main.c b/modules/pam_faillock/main.c
index 35208870..a5e2cd60 100644
--- a/modules/pam_faillock/main.c
+++ b/modules/pam_faillock/main.c
@@ -137,8 +137,12 @@ do_user(struct options *opts, const char *user)
 	const char *dir = get_tally_dir(opts);
 
 	pwd = getpwnam(user);
+	if (pwd == NULL) {
+	    fprintf(stderr, "%s: Error no such user: %s\n", opts->progname, user);
+	    return 1;
+	}
 
-	fd = open_tally(dir, user, pwd != NULL ? pwd->pw_uid : 0, 0);
+	fd = open_tally(dir, user, pwd->pw_uid, 1);
 
 	if (fd == -1) {
 		if (errno == ENOENT) {
-- 
cgit v1.2.3