diff options
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | session.c | 4 |
2 files changed, 8 insertions, 2 deletions
| @@ -3,6 +3,12 @@ | |||
| 3 | - djm@cvs.openbsd.org 2012/02/29 11:21:26 | 3 | - djm@cvs.openbsd.org 2012/02/29 11:21:26 |
| 4 | [ssh-keygen.c] | 4 | [ssh-keygen.c] |
| 5 | allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ | 5 | allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@ |
| 6 | - guenther@cvs.openbsd.org 2012/03/15 03:10:27 | ||
| 7 | [session.c] | ||
| 8 | root should always be excluded from the test for /etc/nologin instead | ||
| 9 | of having it always enforced even when marked as ignorenologin. This | ||
| 10 | regressed when the logic was incompletely flipped around in rev 1.251 | ||
| 11 | ok halex@ millert@ | ||
| 6 | 12 | ||
| 7 | 20120420 | 13 | 20120420 |
| 8 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | 14 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: session.c,v 1.259 2011/10/24 02:13:13 djm Exp $ */ | 1 | /* $OpenBSD: session.c,v 1.260 2012/03/15 03:10:27 guenther Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 3 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 4 | * All rights reserved | 4 | * All rights reserved |
| @@ -1390,7 +1390,7 @@ do_nologin(struct passwd *pw) | |||
| 1390 | struct stat sb; | 1390 | struct stat sb; |
| 1391 | 1391 | ||
| 1392 | #ifdef HAVE_LOGIN_CAP | 1392 | #ifdef HAVE_LOGIN_CAP |
| 1393 | if (login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid) | 1393 | if (login_getcapbool(lc, "ignorenologin", 0) || pw->pw_uid == 0) |
| 1394 | return; | 1394 | return; |
| 1395 | nl = login_getcapstr(lc, "nologin", def_nl, def_nl); | 1395 | nl = login_getcapstr(lc, "nologin", def_nl, def_nl); |
| 1396 | #else | 1396 | #else |