diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-01 21:44:59 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-21 16:51:52 +0000 |
| commit | ac85f26ed489a9f8ecbf4775237dd1561a28bfbc (patch) | |
| tree | d73fa1d37683f7bc960789bec7d4de4d1ba0b42b /modules | |
| parent | 7d878c8471b56c018c04bfe9b83bea5fecd70f90 (diff) | |
pam_localuser: forward error values returned by pam_get_user
Starting with commit c2c601f5340a59c5c62193d55b555d384380ea38,
pam_get_user is guaranteed to return one of the following values:
PAM_SUCCESS, PAM_BUF_ERR, PAM_CONV_AGAIN, or PAM_CONV_ERR.
* modules/pam_localuser/pam_localuser.c (pam_sm_authenticate): Do not
replace non-PAM_CONV_AGAIN error values returned by pam_get_user with
PAM_SERVICE_ERR.
* modules/pam_localuser/pam_localuser.8.xml (RETURN VALUES): Document
new return values.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/pam_localuser/pam_localuser.8.xml | 21 | ||||
| -rw-r--r-- | modules/pam_localuser/pam_localuser.c | 2 |
2 files changed, 21 insertions, 2 deletions
diff --git a/modules/pam_localuser/pam_localuser.8.xml b/modules/pam_localuser/pam_localuser.8.xml index 4d3daa9e..b3c1886b 100644 --- a/modules/pam_localuser/pam_localuser.8.xml +++ b/modules/pam_localuser/pam_localuser.8.xml @@ -103,6 +103,25 @@ </varlistentry> <varlistentry> + <term>PAM_BUF_ERR</term> + <listitem> + <para> + Memory buffer error. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>PAM_CONV_ERR</term> + <listitem> + <para> + The conversation method supplied by the application + failed to obtain the username. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>PAM_INCOMPLETE</term> <listitem> <para> @@ -116,7 +135,7 @@ <term>PAM_SERVICE_ERR</term> <listitem> <para> - No username was given. + The user name is not valid or the passwd file is unavailable. </para> </listitem> </varlistentry> diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index 9ffd54a3..2452563a 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -98,7 +98,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, /* Obtain the user name. */ if ((ret = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) { pam_syslog (pamh, LOG_ERR, "cannot determine user name"); - return ret == PAM_CONV_AGAIN ? PAM_INCOMPLETE : PAM_SERVICE_ERR; + return ret == PAM_CONV_AGAIN ? PAM_INCOMPLETE : ret; } if ((user_len = strlen(user)) == 0) { |