summaryrefslogtreecommitdiff
path: root/debian/patches-applied/055_pam_unix_nullok_secure
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches-applied/055_pam_unix_nullok_secure')
-rw-r--r--debian/patches-applied/055_pam_unix_nullok_secure22
1 files changed, 11 insertions, 11 deletions
diff --git a/debian/patches-applied/055_pam_unix_nullok_secure b/debian/patches-applied/055_pam_unix_nullok_secure
index 7ef6a6a2..18f9f95b 100644
--- a/debian/patches-applied/055_pam_unix_nullok_secure
+++ b/debian/patches-applied/055_pam_unix_nullok_secure
@@ -67,11 +67,11 @@ Index: pam.deb/modules/pam_unix/support.c
args[2]=strdup("nullok");
} else {
args[2]=strdup("nonull");
-@@ -554,6 +573,17 @@
- if (salt)
- _pam_delete(salt);
+@@ -527,6 +546,17 @@
+ if (on(UNIX__NONULL, ctrl))
+ return 0; /* will fail but don't let on yet */
-+ if ((retval == 1) && on(UNIX_NULLOK_SECURE, ctrl)) {
++ if (on(UNIX_NULLOK_SECURE, ctrl)) {
+ int retval2;
+ const void *uttyname;
+ retval2 = pam_get_item(pamh, PAM_TTY, &uttyname);
@@ -82,9 +82,9 @@ Index: pam.deb/modules/pam_unix/support.c
+ return 0;
+ }
+
- return retval;
- }
+ /* UNIX passwords area */
+ retval = get_pwd_hash(pamh, name, &pwd, &salt);
@@ -613,7 +643,8 @@
}
}
@@ -179,17 +179,17 @@ Index: pam.deb/modules/pam_unix/pam_unix.8
+++ pam.deb/modules/pam_unix/pam_unix.8
@@ -62,7 +62,14 @@
.RS 4
- The default action of this module is to not permit the user access to a service if their official password is blank\. The
+ The default action of this module is to not permit the user access to a service if their official password is blank\&. The
\fBnullok\fR
--argument overrides this default\.
-+argument overrides this default and allows any user with a blank password to access the service\.
+-argument overrides this default\&.
++argument overrides this default and allows any user with a blank password to access the service\&.
+.RE
+.PP
+\fBnullok_secure\fR
+.RS 4
-+The default action of this module is to not permit the user access to a service if their official password is blank\. The
++The default action of this module is to not permit the user access to a service if their official password is blank\&. The
+\fBnullok_secure\fR
-+argument overrides this default and allows any user with a blank password to access the service as long as the value of PAM_TTY is set to one of the values found in /etc/securetty\.
++argument overrides this default and allows any user with a blank password to access the service as long as the value of PAM_TTY is set to one of the values found in /etc/securetty\&.
.RE
.PP
\fBtry_first_pass\fR