[Bug 1188] keyboard-interactive should not allow retry after pam_acct_mgmt fails

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu May 4 12:57:22 EST 2006


------- Comment #7 from dtucker at zip.com.au  2006-05-04 12:57 -------
(In reply to comment #6)
> it sounds like the patch DTRT.

Thanks for reviewing it.

> >> Also, if the account IS expired, the user should be given a chance
> >> to update their password.
> >
> > If pam_acct_mgmt failed for any reason other than
> > PAM_NEW_AUTHTOK_REQD then no, they shouldn't.
> That's what I just said.  Since the patch doesn't have the effect I
> thought it did, you can obviously ignore this comment.

Actually you said "if the *account* is expired.  Since you apparently
meant "if the password is expired" then we're in agreement and you can
ignore my comment too :-)

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list