blob: 01d67d411bd896c45945d12987f32e3c82392678 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
Previously jumps were treated as PAM_IGNORE in the freezing part of
the chain and PAM_OK (aka required) in the frozen part of the chain.
No one on pam-list was able to explain this behavior, so I changed it
to be consistent.
Index: Linux-PAM/libpam/pam_dispatch.c
===================================================================
--- Linux-PAM/libpam/pam_dispatch.c.orig
+++ Linux-PAM/libpam/pam_dispatch.c
@@ -229,19 +229,7 @@
if ( _PAM_ACTION_IS_JUMP(action) ) {
/* If we are evaluating a cached chain, we treat this
- module as required (aka _PAM_ACTION_OK) as well as
- executing the jump. */
-
- if (use_cached_chain) {
- if (impression == _PAM_UNDEF
- || (impression == _PAM_POSITIVE
- && status == PAM_SUCCESS) ) {
- if ( retval != PAM_IGNORE || cached_retval == retval ) {
- impression = _PAM_POSITIVE;
- status = retval;
- }
- }
- }
+ module as ignored as well as executing the jump. */
/* this means that we need to skip #action stacked modules */
do {
|
