[PATCH] Only call loginrestiction on AIX if running as root
Darren Tucker
dtucker at zip.com.au
Sun Sep 29 18:09:08 EST 2002
Hi All,
I have found that the regression tests on AIX failed as a
non-root
user. This is due to a call to loginrestrictions() failing.
The man page for loginrestrictions says:
"Access Control:The calling process must have access to the account
information in the user database and the port information in the port
database."
These files are: /etc/security/user, /etc/security/login.cfg and
/etc/security/portlog, which are readable only by root or group
"security".
Please consider applying the attached patch, which calls
loginrestrictions only if running as root.
With this patch, AIX 4.2.1 & 4.3.3 complete the entire
regression suite
without sudo.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
-------------- next part --------------
Index: auth.c
===================================================================
RCS file: /cvs/openssh/auth.c,v
retrieving revision 1.58
diff -u -r1.58 auth.c
--- auth.c 21 Sep 2002 15:26:53 -0000 1.58
+++ auth.c 29 Sep 2002 05:53:43 -0000
@@ -202,7 +202,7 @@
}
#ifdef WITH_AIXAUTHENTICATE
- if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) {
+ if ((geteuid()==0) && loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) {
if (loginmsg && *loginmsg) {
/* Remove embedded newlines (if any) */
char *p;
More information about the openssh-unix-dev
mailing list