- (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is

   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
   the pam_nologin module should be added to sshd's session stack in order to
   maintain exising behaviour.  Based on patch and discussion from t8m at
   centrum.cz, ok djm@

diff --git a/ChangeLog b/ChangeLog
index 030a40ecc9699c1a4c1d8a90cf787a21102eaab5..b84373f37f4ca092ca11d5c614b03d78392389a7 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,11 @@
  - (djm) [contrib/suse/openssh.spec contrib/suse/rc.
    sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init 
    files from imorgan AT nas.nasa.gov
+ - (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is
+   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
+   the pam_nologin module should be added to sshd's session stack in order to
+   maintain exising behaviour.  Based on patch and discussion from t8m at
+   centrum.cz, ok djm@
 
 20051025
  - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the

diff --git a/session.c b/session.c
index db8722f47ceb7f9cc0165ad743a1b3b36313adb8..2a1a25ac4a202508b1f67c7944f51f9af1f501a4 100644 (file)
--- a/session.c
+++ b/session.c
@@ -1471,7 +1471,9 @@ do_child(Session *s, const char *command)
                if (!check_quietlogin(s, command))
                        do_motd();
 #else /* HAVE_OSF_SIA */
-               do_nologin(pw);
+               /* When PAM is enabled we rely on it to do the nologin check */
+               if (!options.use_pam)
+                       do_nologin(pw);
                do_setusercontext(pw);
                /*
                 * PAM session modules in do_setusercontext may have