diff options
| author | abial <abial@FreeBSD.org> | 1999-01-19 22:59:37 +0000 |
|---|---|---|
| committer | abial <abial@FreeBSD.org> | 1999-01-19 22:59:37 +0000 |
| commit | 77b333d7ef37a9e3188b9979279e5bf76f32f1f4 (patch) | |
| tree | e4fb733aa30e7249176b4f457cdc8cd76695a705 /usr.bin/login | |
| parent | 0f233bf5558e704f03b50e62d4904e581433673a (diff) | |
| download | FreeBSD-src-77b333d7ef37a9e3188b9979279e5bf76f32f1f4.zip FreeBSD-src-77b333d7ef37a9e3188b9979279e5bf76f32f1f4.tar.gz | |
Add a compile knob to avoid using PAM code (login will use standard Unix
authentication only). This comes handy when you're tight on space.
Submitted by: mostly John Baldwin <jobaldwi@vt.edu>
Reviewed by: John D. Polstra <jdp@polstra.com>
Diffstat (limited to 'usr.bin/login')
| -rw-r--r-- | usr.bin/login/Makefile | 14 | ||||
| -rw-r--r-- | usr.bin/login/login.c | 12 |
2 files changed, 22 insertions, 4 deletions
diff --git a/usr.bin/login/Makefile b/usr.bin/login/Makefile index c9a40d3..f29d08a 100644 --- a/usr.bin/login/Makefile +++ b/usr.bin/login/Makefile @@ -1,5 +1,5 @@ # From: @(#)Makefile 8.1 (Berkeley) 7/19/93 -# $Id: Makefile,v 1.24 1998/11/21 02:22:14 jdp Exp $ +# $Id: Makefile,v 1.25 1998/11/21 18:27:15 jdp Exp $ PROG= login MAN1= login.1 @@ -8,9 +8,17 @@ SRCS= login.c login_access.c login_fbtab.c CFLAGS+=-Wall -DLOGIN_ACCESS -DLOGALL -DPADD= ${LIBUTIL} ${LIBCRYPT} ${LIBPAM} -LDADD= -lutil -lcrypt -lpam +DPADD= ${LIBUTIL} ${LIBCRYPT} +LDADD= -lutil -lcrypt + +.if defined(NOPAM) +CFLAGS+= -DNO_PAM +.else +DPADD+= ${LIBPAM} +LDADD+= -lpam NOSHARED=no +.endif + BINMODE=4555 INSTALLFLAGS=-fschg diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index 2cd1199..3ee0c74 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -42,7 +42,7 @@ static char copyright[] = static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; #endif static const char rcsid[] = - "$Id: login.c,v 1.43 1998/11/21 02:22:14 jdp Exp $"; + "$Id: login.c,v 1.44 1999/01/03 23:39:33 eivind Exp $"; #endif /* not lint */ /* @@ -77,8 +77,10 @@ static const char rcsid[] = #include <unistd.h> #include <utmp.h> +#ifndef NO_PAM #include <security/pam_appl.h> #include <security/pam_misc.h> +#endif #include "pathnames.h" @@ -96,7 +98,9 @@ void timedout __P((int)); int login_access __P((char *, char *)); void login_fbtab __P((char *, uid_t, gid_t)); +#ifndef NO_PAM static int auth_pam __P((void)); +#endif static int auth_traditional __P((void)); extern void login __P((struct utmp *)); static void usage __P((void)); @@ -294,16 +298,19 @@ main(argc, argv) (void)setpriority(PRIO_PROCESS, 0, -4); +#ifndef NO_PAM /* * Try to authenticate using PAM. If a PAM system error * occurs, perhaps because of a botched configuration, * then fall back to using traditional Unix authentication. */ if ((rval = auth_pam()) == -1) +#endif /* NO_PAM */ rval = auth_traditional(); (void)setpriority(PRIO_PROCESS, 0, 0); +#ifndef NO_PAM /* * PAM authentication may have changed "pwd" to the * entry for the template user. Check again to see if @@ -311,6 +318,7 @@ main(argc, argv) */ if (pwd != NULL && pwd->pw_uid == 0) rootlogin = 1; +#endif /* NO_PAM */ ttycheck: /* @@ -613,6 +621,7 @@ auth_traditional() return rval; } +#ifndef NO_PAM /* * Attempt to authenticate the user using PAM. Returns 0 if the user is * authenticated, or 1 if not authenticated. If some sort of PAM system @@ -694,6 +703,7 @@ auth_pam() } return rval; } +#endif /* NO_PAM */ static void usage() |
