From 1b9a74bd77740df08b87b225ea70afcfaa02636d Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 1 May 2020 21:44:59 +0000 Subject: pam_localuser: return PAM_SERVICE_ERR instead of PAM_SYSTEM_ERR When passwd file cannot be opened or the user name either cannot be obtained or is not valid, return PAM_SERVICE_ERR instead of PAM_SYSTEM_ERR. * modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Return PAM_SERVICE_ERR instead of PAM_SYSTEM_ERR. --- modules/pam_localuser/pam_localuser.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/pam_localuser/pam_localuser.c') diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index 2020eced..2aa60600 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -91,19 +91,19 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, if(fp == NULL) { pam_syslog (pamh, LOG_ERR, "error opening \"%s\": %m", filename); - return PAM_SYSTEM_ERR; + return PAM_SERVICE_ERR; } if(pam_get_user(pamh, &user, NULL) != PAM_SUCCESS) { pam_syslog (pamh, LOG_ERR, "user name not specified yet"); fclose(fp); - return PAM_SYSTEM_ERR; + return PAM_SERVICE_ERR; } if (strlen(user) == 0) { pam_syslog (pamh, LOG_ERR, "user name not valid"); fclose(fp); - return PAM_SYSTEM_ERR; + return PAM_SERVICE_ERR; } if (strlen(user) > sizeof(name) - sizeof(":")) { -- cgit v1.2.3