summaryrefslogtreecommitdiff
path: root/debian/patches-applied/021_nis_cleanup
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches-applied/021_nis_cleanup')
-rw-r--r--debian/patches-applied/021_nis_cleanup44
1 files changed, 44 insertions, 0 deletions
diff --git a/debian/patches-applied/021_nis_cleanup b/debian/patches-applied/021_nis_cleanup
new file mode 100644
index 00000000..f3345052
--- /dev/null
+++ b/debian/patches-applied/021_nis_cleanup
@@ -0,0 +1,44 @@
+Patch from Philippe Troin <phil@fifi.org>
+
+Originally this included a bunch of changes to locking, but the more
+recent code pulled from Linux_pam CVS seems to fix that issue.
+
+Index: Linux-PAM/modules/pam_unix/pam_unix_passwd.c
+===================================================================
+--- Linux-PAM/modules/pam_unix/pam_unix_passwd.c.orig
++++ Linux-PAM/modules/pam_unix/pam_unix_passwd.c
+@@ -1107,7 +1107,7 @@
+
+ if (_unix_blankpasswd(pamh, ctrl, user)) {
+ return PAM_SUCCESS;
+- } else if (off(UNIX__IAMROOT, ctrl)) {
++ } else if (off(UNIX__IAMROOT, ctrl) || on(UNIX_NIS, ctrl)) {
+ /* instruct user what is happening */
+ if (asprintf(&Announce, _("Changing password for %s."),
+ user) < 0) {
+@@ -1120,7 +1120,9 @@
+ set(UNIX__OLD_PASSWD, lctrl);
+ retval = _unix_read_password(pamh, lctrl
+ ,Announce
+- ,_("(current) UNIX password: ")
++ ,(on(UNIX__IAMROOT, ctrl)
++ ? _("NIS server root password: ")
++ : _("(current) UNIX password: "))
+ ,NULL
+ ,_UNIX_OLD_AUTHTOK
+ ,&pass_old);
+@@ -1131,9 +1133,12 @@
+ "password - (old) token not obtained");
+ return retval;
+ }
+- /* verify that this is the password for this user */
++ /* verify that this is the password for this user
++ * if we're not using NIS */
+
+- retval = _unix_verify_password(pamh, user, pass_old, ctrl);
++ if (off(UNIX_NIS, ctrl)) {
++ retval = _unix_verify_password(pamh, user, pass_old, ctrl);
++ }
+ } else {
+ D(("process run by root so do nothing this time around"));
+ pass_old = NULL;