From 77b333d7ef37a9e3188b9979279e5bf76f32f1f4 Mon Sep 17 00:00:00 2001 From: abial Date: Tue, 19 Jan 1999 22:59:37 +0000 Subject: Add a compile knob to avoid using PAM code (login will use standard Unix authentication only). This comes handy when you're tight on space. Submitted by: mostly John Baldwin Reviewed by: John D. Polstra --- usr.bin/login/Makefile | 14 +++++++++++--- usr.bin/login/login.c | 12 +++++++++++- 2 files changed, 22 insertions(+), 4 deletions(-) (limited to 'usr.bin') diff --git a/usr.bin/login/Makefile b/usr.bin/login/Makefile index c9a40d3..f29d08a 100644 --- a/usr.bin/login/Makefile +++ b/usr.bin/login/Makefile @@ -1,5 +1,5 @@ # From: @(#)Makefile 8.1 (Berkeley) 7/19/93 -# $Id: Makefile,v 1.24 1998/11/21 02:22:14 jdp Exp $ +# $Id: Makefile,v 1.25 1998/11/21 18:27:15 jdp Exp $ PROG= login MAN1= login.1 @@ -8,9 +8,17 @@ SRCS= login.c login_access.c login_fbtab.c CFLAGS+=-Wall -DLOGIN_ACCESS -DLOGALL -DPADD= ${LIBUTIL} ${LIBCRYPT} ${LIBPAM} -LDADD= -lutil -lcrypt -lpam +DPADD= ${LIBUTIL} ${LIBCRYPT} +LDADD= -lutil -lcrypt + +.if defined(NOPAM) +CFLAGS+= -DNO_PAM +.else +DPADD+= ${LIBPAM} +LDADD+= -lpam NOSHARED=no +.endif + BINMODE=4555 INSTALLFLAGS=-fschg diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index 2cd1199..3ee0c74 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -42,7 +42,7 @@ static char copyright[] = static char sccsid[] = "@(#)login.c 8.4 (Berkeley) 4/2/94"; #endif static const char rcsid[] = - "$Id: login.c,v 1.43 1998/11/21 02:22:14 jdp Exp $"; + "$Id: login.c,v 1.44 1999/01/03 23:39:33 eivind Exp $"; #endif /* not lint */ /* @@ -77,8 +77,10 @@ static const char rcsid[] = #include #include +#ifndef NO_PAM #include #include +#endif #include "pathnames.h" @@ -96,7 +98,9 @@ void timedout __P((int)); int login_access __P((char *, char *)); void login_fbtab __P((char *, uid_t, gid_t)); +#ifndef NO_PAM static int auth_pam __P((void)); +#endif static int auth_traditional __P((void)); extern void login __P((struct utmp *)); static void usage __P((void)); @@ -294,16 +298,19 @@ main(argc, argv) (void)setpriority(PRIO_PROCESS, 0, -4); +#ifndef NO_PAM /* * Try to authenticate using PAM. If a PAM system error * occurs, perhaps because of a botched configuration, * then fall back to using traditional Unix authentication. */ if ((rval = auth_pam()) == -1) +#endif /* NO_PAM */ rval = auth_traditional(); (void)setpriority(PRIO_PROCESS, 0, 0); +#ifndef NO_PAM /* * PAM authentication may have changed "pwd" to the * entry for the template user. Check again to see if @@ -311,6 +318,7 @@ main(argc, argv) */ if (pwd != NULL && pwd->pw_uid == 0) rootlogin = 1; +#endif /* NO_PAM */ ttycheck: /* @@ -613,6 +621,7 @@ auth_traditional() return rval; } +#ifndef NO_PAM /* * Attempt to authenticate the user using PAM. Returns 0 if the user is * authenticated, or 1 if not authenticated. If some sort of PAM system @@ -694,6 +703,7 @@ auth_pam() } return rval; } +#endif /* NO_PAM */ static void usage() -- cgit v1.1