From 385f8fbd1ce9b8950c02dff94f5e89df7e77a752 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@altlinux.org>
Date: Sat, 9 May 2020 08:00:00 +0000
Subject: pam_mkhomedir: fix return value when the user is unknown

From the very beginning pam_mkhomedir module used to return
PAM_CRED_INSUFFICIENT when getpwnam() or pam_modutil_getpwnam()
returned an error.  Fix this now by changing the return value
to PAM_USER_UNKNOWN.

* modules/pam_mkhomedir/mkhomedir_helper.c (main): Return
PAM_USER_UNKNOWN instead of PAM_CRED_INSUFFICIENT.
* modules/pam_mkhomedir/pam_mkhomedir.c (pam_sm_open_session): Likewise.
* modules/pam_mkhomedir/pam_mkhomedir.8.xml (PAM_CRED_INSUFFICIENT):
Remove.
---
 modules/pam_mkhomedir/mkhomedir_helper.c  | 2 +-
 modules/pam_mkhomedir/pam_mkhomedir.8.xml | 8 --------
 modules/pam_mkhomedir/pam_mkhomedir.c     | 2 +-
 3 files changed, 2 insertions(+), 10 deletions(-)

(limited to 'modules')

diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
index 9e204c16..8969da52 100644
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
@@ -373,7 +373,7 @@ main(int argc, char *argv[])
    pwd = getpwnam(argv[1]);
    if (pwd == NULL) {
 	pam_syslog(NULL, LOG_ERR, "User unknown.");
-	return PAM_CRED_INSUFFICIENT;
+	return PAM_USER_UNKNOWN;
    }
 
    if (argc >= 3) {
diff --git a/modules/pam_mkhomedir/pam_mkhomedir.8.xml b/modules/pam_mkhomedir/pam_mkhomedir.8.xml
index d7606f2b..19744de8 100644
--- a/modules/pam_mkhomedir/pam_mkhomedir.8.xml
+++ b/modules/pam_mkhomedir/pam_mkhomedir.8.xml
@@ -130,14 +130,6 @@
           </para>
         </listitem>
       </varlistentry>
-      <varlistentry>
-        <term>PAM_CRED_INSUFFICIENT</term>
-        <listitem>
-           <para>
-             Insufficient credentials to access authentication data.
-          </para>
-        </listitem>
-      </varlistentry>
       <varlistentry>
         <term>PAM_PERM_DENIED</term>
         <listitem>
diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c
index 5f9b1661..cb773e8f 100644
--- a/modules/pam_mkhomedir/pam_mkhomedir.c
+++ b/modules/pam_mkhomedir/pam_mkhomedir.c
@@ -208,7 +208,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc,
    {
       pam_syslog(pamh, LOG_NOTICE, "User unknown.");
       D(("couldn't identify user %s", user));
-      return PAM_CRED_INSUFFICIENT;
+      return PAM_USER_UNKNOWN;
    }
 
    /* Stat the home directory, if something exists then we assume it is
-- 
cgit v1.2.3