diff options
author | Damien Miller <djm@mindrot.org> | 2000-06-22 21:44:54 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2000-06-22 21:44:54 +1000 |
commit | c19fd5f4e25f58af35cbede8a442ed3965e32eb0 (patch) | |
tree | 9e9447364c72efc5a73cc07bf6eca0ce74ee50cf | |
parent | 8b7c6af89ec12e392877dc90f4c84f13d8100577 (diff) |
Add explanation of PAM_TTY kludge
-rw-r--r-- | auth-pam.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/auth-pam.c b/auth-pam.c index 8ceb26917..da8c50d8d 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -34,7 +34,7 @@ | |||
34 | #include "xmalloc.h" | 34 | #include "xmalloc.h" |
35 | #include "servconf.h" | 35 | #include "servconf.h" |
36 | 36 | ||
37 | RCSID("$Id: auth-pam.c,v 1.7 2000/06/18 04:07:04 djm Exp $"); | 37 | RCSID("$Id: auth-pam.c,v 1.8 2000/06/22 11:44:54 djm Exp $"); |
38 | 38 | ||
39 | #define NEW_AUTHTOK_MSG \ | 39 | #define NEW_AUTHTOK_MSG \ |
40 | "Warning: You password has expired, please change it now" | 40 | "Warning: You password has expired, please change it now" |
@@ -245,7 +245,14 @@ void start_pam(struct passwd *pw) | |||
245 | fatal("PAM initialisation failed: %.200s", | 245 | fatal("PAM initialisation failed: %.200s", |
246 | PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); | 246 | PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); |
247 | } | 247 | } |
248 | 248 | ||
249 | /* | ||
250 | * Some PAM modules (e.g. pam_time) require a TTY to operate, | ||
251 | * and will fail in various stupid ways if they don't get one. | ||
252 | * sshd doesn't set the tty until too late in the auth process and may | ||
253 | * not even need one (for tty-less connections) | ||
254 | * Kludge: Set a fake PAM_TTY | ||
255 | */ | ||
249 | pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_TTY, "ssh"); | 256 | pam_retval = pam_set_item((pam_handle_t *)pamh, PAM_TTY, "ssh"); |
250 | if (pam_retval != PAM_SUCCESS) { | 257 | if (pam_retval != PAM_SUCCESS) { |
251 | fatal("PAM set tty failed: %.200s", | 258 | fatal("PAM set tty failed: %.200s", |