svn commit: r239062 - head/lib/libpam/modules/pam_krb5
Doug Rabson
dfr at FreeBSD.org
Sun Aug 5 13:40:35 UTC 2012
Author: dfr
Date: Sun Aug 5 13:40:35 2012
New Revision: 239062
URL: http://svn.freebsd.org/changeset/base/239062
Log:
Add an option for pam_krb5 to allow it to authenticate users which don't have
a local account.
PR: 76678
Submitted by: daved at tamu.edu
MFC after: 2 weeks
Modified:
head/lib/libpam/modules/pam_krb5/pam_krb5.c
Modified: head/lib/libpam/modules/pam_krb5/pam_krb5.c
==============================================================================
--- head/lib/libpam/modules/pam_krb5/pam_krb5.c Sun Aug 5 13:38:15 2012 (r239061)
+++ head/lib/libpam/modules/pam_krb5/pam_krb5.c Sun Aug 5 13:40:35 2012 (r239062)
@@ -91,6 +91,7 @@ static void compat_free_data_contents(kr
#define PAM_OPT_NO_CCACHE "no_ccache"
#define PAM_OPT_NO_USER_CHECK "no_user_check"
#define PAM_OPT_REUSE_CCACHE "reuse_ccache"
+#define PAM_OPT_NO_USER_CHECK "no_user_check"
#define PAM_LOG_KRB5_ERR(ctx, rv, fmt, ...) \
do { \
@@ -218,10 +219,12 @@ pam_sm_authenticate(pam_handle_t *pamh,
PAM_LOG("PAM_USER Redone");
}
- pwd = getpwnam(user);
- if (pwd == NULL) {
- retval = PAM_USER_UNKNOWN;
- goto cleanup2;
+ if (!openpam_get_option(pamh, PAM_OPT_NO_USER_CHECK)) {
+ pwd = getpwnam(user);
+ if (pwd == NULL) {
+ retval = PAM_USER_UNKNOWN;
+ goto cleanup2;
+ }
}
PAM_LOG("Done getpwnam()");
More information about the svn-src-all
mailing list