From owner-freebsd-current Fri Apr 27 15:40:59 2001 Delivered-To: freebsd-current@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 7583737B42C; Fri, 27 Apr 2001 15:40:55 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id IAA19707; Sat, 28 Apr 2001 08:40:52 +1000 Date: Sat, 28 Apr 2001 08:39:49 +1000 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Mark Murray Cc: current@FreeBSD.org Subject: PAMmed su still broken for passwordless accounts In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 28 Mar 2001, Bruce Evans wrote: > > markm 2001/03/27 11:40:51 PST > > > > Modified files: > > etc pam.conf > > libexec/rshd Makefile rshd.8 rshd.c > > libexec/ftpd Makefile ftpd.c > > usr.bin/login Makefile login.1 login.c > > usr.bin/su Makefile su.1 su.c > > Log: > > Add full PAM support for account management and sessions. > > > > The PAM_FAIL_CHECK and PAM_END macros in su.c came from the util-linux > > package's PAM patches to the BSD login.c > > > > Submitted by: "David J. MacKenzie" > > This breaks: > > 1) su on passwordless accounts. > (a) `su ' now bogusly prompts for a password. It lets > you in if you type an empty password. > (b) `echo somecommand | su ' now bogusly prompts for > a password. su doesn't find a password, and exits without printing > anything or running `somecommand'. I use the latter form a lot. > (2) static linkage of rshd. Previously, only static linkage of many other > commands that are linked to libpam was broken (ftpd was one). > > Bruce I use the quick fix of removing -DPAM from su/Makefile. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message