Date: Thu, 12 Jul 2007 14:11:57 +0000 (UTC) From: Yar Tikhiy <yar@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/lib/libpam/modules/pam_nologin pam_nologin.8 pam_nologin.c Message-ID: <200707121411.l6CEBvbs043894@repoman.freebsd.org>
index | next in thread | raw e-mail
yar 2007-07-12 14:11:57 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_6)
lib/libpam/modules/pam_nologin pam_nologin.8 pam_nologin.c
Log:
MFC:
Use the current user's login class for the decisions about where
the nologin(5) file is located and whether the user may bypass its
restriction.
Add some error checks.
Revision Changes Path
1.7 +16 -15 src/lib/libpam/modules/pam_nologin/pam_nologin.8
1.13 +42 -29 src/lib/libpam/modules/pam_nologin/pam_nologin.c
Note: To avoid POLA violation, the merged module still lets root
in irrespective of login.conf settings. In HEAD, root has to have
an explicit "ignorenologin" capability to bypass nologin(5).
PR: bin/107612
Revision Changes Path
1.5.14.1 +17 -16 src/lib/libpam/modules/pam_nologin/pam_nologin.8
1.10.14.1 +47 -28 src/lib/libpam/modules/pam_nologin/pam_nologin.c
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707121411.l6CEBvbs043894>