diff options
| author | des <des@FreeBSD.org> | 2002-04-26 19:28:17 +0000 |
|---|---|---|
| committer | des <des@FreeBSD.org> | 2002-04-26 19:28:17 +0000 |
| commit | a6e173ee3355f49affa5d31181daa19bb6c1229d (patch) | |
| tree | 0cff8239253d3dd617f64da3ed0480b61f310485 /lib/libpam | |
| parent | d4ef4eff54a39c421ffd777f7e7e8e6b703b5178 (diff) | |
| download | FreeBSD-src-a6e173ee3355f49affa5d31181daa19bb6c1229d.zip FreeBSD-src-a6e173ee3355f49affa5d31181daa19bb6c1229d.tar.gz | |
Don't ask root for the old password, except in the NIS case.
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'lib/libpam')
| -rw-r--r-- | lib/libpam/modules/pam_unix/pam_unix.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c index 510eb39..cdf1955 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.c +++ b/lib/libpam/modules/pam_unix/pam_unix.c @@ -313,6 +313,11 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, PAM_LOG("PRELIM round"); + if (getuid() == 0 && + (pwd->pw_fields & _PWF_SOURCE) == _PWF_FILES) + /* root doesn't need the old password */ + return (pam_set_item(pamh, PAM_OLDAUTHTOK, "")); + if (pwd->pw_passwd[0] == '\0' && pam_test_option(&options, PAM_OPT_NULLOK, NULL)) { /* @@ -338,7 +343,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, PAM_LOG("UPDATE round"); retval = pam_get_authtok(pamh, - PAM_AUTHTOK, &old_pass, NULL); + PAM_OLDAUTHTOK, &old_pass, NULL); if (retval != PAM_SUCCESS) return (retval); PAM_LOG("Got old password"); |
