summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog3
-rw-r--r--modules/pam_sepermit/pam_sepermit.c2
2 files changed, 4 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index aaf8737a..dc7a49f4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,9 @@
(pam_sm_authenticate): Call gethostname() to fill hostname in the
loginfo.
+ * modules/pam_sepermit/pam_sepermit.c(sepermit_match): Do not try
+ to lock if euid != 0.
+
2008-04-16 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/Makefile.am: Link unix_chkpwd with libaudit.
diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c
index 0d5ab21a..15cdc3e1 100644
--- a/modules/pam_sepermit/pam_sepermit.c
+++ b/modules/pam_sepermit/pam_sepermit.c
@@ -305,7 +305,7 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user,
free(line);
fclose(f);
if (matched)
- return exclusive ? sepermit_lock(pamh, user, debug) : 0;
+ return (geteuid() == 0 && exclusive) ? sepermit_lock(pamh, user, debug) : 0;
else
return -1;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-30 17:19:37 +0000