diff options
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 30 |
1 files changed, 17 insertions, 13 deletions
| @@ -456,11 +456,13 @@ do_exec_no_pty(Session *s, const char *command) | |||
| 456 | session_proctitle(s); | 456 | session_proctitle(s); |
| 457 | 457 | ||
| 458 | #if defined(USE_PAM) | 458 | #if defined(USE_PAM) |
| 459 | do_pam_session(s->pw->pw_name, NULL); | 459 | if (options.use_pam) { |
| 460 | do_pam_setcred(1); | 460 | do_pam_session(s->pw->pw_name, NULL); |
| 461 | if (is_pam_password_change_required()) | 461 | do_pam_setcred(1); |
| 462 | packet_disconnect("Password change required but no " | 462 | if (is_pam_password_change_required()) |
| 463 | "TTY available"); | 463 | packet_disconnect("Password change required but no " |
| 464 | "TTY available"); | ||
| 465 | } | ||
| 464 | #endif /* USE_PAM */ | 466 | #endif /* USE_PAM */ |
| 465 | 467 | ||
| 466 | /* Fork the child. */ | 468 | /* Fork the child. */ |
| @@ -583,8 +585,10 @@ do_exec_pty(Session *s, const char *command) | |||
| 583 | ttyfd = s->ttyfd; | 585 | ttyfd = s->ttyfd; |
| 584 | 586 | ||
| 585 | #if defined(USE_PAM) | 587 | #if defined(USE_PAM) |
| 586 | do_pam_session(s->pw->pw_name, s->tty); | 588 | if (options.use_pam) { |
| 587 | do_pam_setcred(1); | 589 | do_pam_session(s->pw->pw_name, s->tty); |
| 590 | do_pam_setcred(1); | ||
| 591 | } | ||
| 588 | #endif | 592 | #endif |
| 589 | 593 | ||
| 590 | /* Fork the child. */ | 594 | /* Fork the child. */ |
| @@ -753,7 +757,7 @@ do_login(Session *s, const char *command) | |||
| 753 | * If password change is needed, do it now. | 757 | * If password change is needed, do it now. |
| 754 | * This needs to occur before the ~/.hushlogin check. | 758 | * This needs to occur before the ~/.hushlogin check. |
| 755 | */ | 759 | */ |
| 756 | if (is_pam_password_change_required()) { | 760 | if (options.use_pam && is_pam_password_change_required()) { |
| 757 | print_pam_messages(); | 761 | print_pam_messages(); |
| 758 | do_pam_chauthtok(); | 762 | do_pam_chauthtok(); |
| 759 | } | 763 | } |
| @@ -763,7 +767,7 @@ do_login(Session *s, const char *command) | |||
| 763 | return; | 767 | return; |
| 764 | 768 | ||
| 765 | #ifdef USE_PAM | 769 | #ifdef USE_PAM |
| 766 | if (!is_pam_password_change_required()) | 770 | if (options.use_pam && !is_pam_password_change_required()) |
| 767 | print_pam_messages(); | 771 | print_pam_messages(); |
| 768 | #endif /* USE_PAM */ | 772 | #endif /* USE_PAM */ |
| 769 | #ifdef WITH_AIXAUTHENTICATE | 773 | #ifdef WITH_AIXAUTHENTICATE |
| @@ -1077,10 +1081,9 @@ do_setup_env(Session *s, const char *shell) | |||
| 1077 | * Pull in any environment variables that may have | 1081 | * Pull in any environment variables that may have |
| 1078 | * been set by PAM. | 1082 | * been set by PAM. |
| 1079 | */ | 1083 | */ |
| 1080 | { | 1084 | if (options.use_pam) { |
| 1081 | char **p; | 1085 | char **p = fetch_pam_environment(); |
| 1082 | 1086 | ||
| 1083 | p = fetch_pam_environment(); | ||
| 1084 | copy_environment(p, &env, &envsize); | 1087 | copy_environment(p, &env, &envsize); |
| 1085 | free_pam_environment(p); | 1088 | free_pam_environment(p); |
| 1086 | } | 1089 | } |
| @@ -1248,7 +1251,8 @@ do_setusercontext(struct passwd *pw) | |||
| 1248 | * These will have been wiped by the above initgroups() call. | 1251 | * These will have been wiped by the above initgroups() call. |
| 1249 | * Reestablish them here. | 1252 | * Reestablish them here. |
| 1250 | */ | 1253 | */ |
| 1251 | do_pam_setcred(0); | 1254 | if (options.use_pam) |
| 1255 | do_pam_setcred(0); | ||
| 1252 | # endif /* USE_PAM */ | 1256 | # endif /* USE_PAM */ |
| 1253 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) | 1257 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) |
| 1254 | irix_setusercontext(pw); | 1258 | irix_setusercontext(pw); |