diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 30 |
1 files changed, 17 insertions, 13 deletions
@@ -456,11 +456,13 @@ do_exec_no_pty(Session *s, const char *command) | |||
456 | session_proctitle(s); | 456 | session_proctitle(s); |
457 | 457 | ||
458 | #if defined(USE_PAM) | 458 | #if defined(USE_PAM) |
459 | do_pam_session(s->pw->pw_name, NULL); | 459 | if (options.use_pam) { |
460 | do_pam_setcred(1); | 460 | do_pam_session(s->pw->pw_name, NULL); |
461 | if (is_pam_password_change_required()) | 461 | do_pam_setcred(1); |
462 | packet_disconnect("Password change required but no " | 462 | if (is_pam_password_change_required()) |
463 | "TTY available"); | 463 | packet_disconnect("Password change required but no " |
464 | "TTY available"); | ||
465 | } | ||
464 | #endif /* USE_PAM */ | 466 | #endif /* USE_PAM */ |
465 | 467 | ||
466 | /* Fork the child. */ | 468 | /* Fork the child. */ |
@@ -583,8 +585,10 @@ do_exec_pty(Session *s, const char *command) | |||
583 | ttyfd = s->ttyfd; | 585 | ttyfd = s->ttyfd; |
584 | 586 | ||
585 | #if defined(USE_PAM) | 587 | #if defined(USE_PAM) |
586 | do_pam_session(s->pw->pw_name, s->tty); | 588 | if (options.use_pam) { |
587 | do_pam_setcred(1); | 589 | do_pam_session(s->pw->pw_name, s->tty); |
590 | do_pam_setcred(1); | ||
591 | } | ||
588 | #endif | 592 | #endif |
589 | 593 | ||
590 | /* Fork the child. */ | 594 | /* Fork the child. */ |
@@ -753,7 +757,7 @@ do_login(Session *s, const char *command) | |||
753 | * If password change is needed, do it now. | 757 | * If password change is needed, do it now. |
754 | * This needs to occur before the ~/.hushlogin check. | 758 | * This needs to occur before the ~/.hushlogin check. |
755 | */ | 759 | */ |
756 | if (is_pam_password_change_required()) { | 760 | if (options.use_pam && is_pam_password_change_required()) { |
757 | print_pam_messages(); | 761 | print_pam_messages(); |
758 | do_pam_chauthtok(); | 762 | do_pam_chauthtok(); |
759 | } | 763 | } |
@@ -763,7 +767,7 @@ do_login(Session *s, const char *command) | |||
763 | return; | 767 | return; |
764 | 768 | ||
765 | #ifdef USE_PAM | 769 | #ifdef USE_PAM |
766 | if (!is_pam_password_change_required()) | 770 | if (options.use_pam && !is_pam_password_change_required()) |
767 | print_pam_messages(); | 771 | print_pam_messages(); |
768 | #endif /* USE_PAM */ | 772 | #endif /* USE_PAM */ |
769 | #ifdef WITH_AIXAUTHENTICATE | 773 | #ifdef WITH_AIXAUTHENTICATE |
@@ -1077,10 +1081,9 @@ do_setup_env(Session *s, const char *shell) | |||
1077 | * Pull in any environment variables that may have | 1081 | * Pull in any environment variables that may have |
1078 | * been set by PAM. | 1082 | * been set by PAM. |
1079 | */ | 1083 | */ |
1080 | { | 1084 | if (options.use_pam) { |
1081 | char **p; | 1085 | char **p = fetch_pam_environment(); |
1082 | 1086 | ||
1083 | p = fetch_pam_environment(); | ||
1084 | copy_environment(p, &env, &envsize); | 1087 | copy_environment(p, &env, &envsize); |
1085 | free_pam_environment(p); | 1088 | free_pam_environment(p); |
1086 | } | 1089 | } |
@@ -1248,7 +1251,8 @@ do_setusercontext(struct passwd *pw) | |||
1248 | * These will have been wiped by the above initgroups() call. | 1251 | * These will have been wiped by the above initgroups() call. |
1249 | * Reestablish them here. | 1252 | * Reestablish them here. |
1250 | */ | 1253 | */ |
1251 | do_pam_setcred(0); | 1254 | if (options.use_pam) |
1255 | do_pam_setcred(0); | ||
1252 | # endif /* USE_PAM */ | 1256 | # endif /* USE_PAM */ |
1253 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) | 1257 | # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) |
1254 | irix_setusercontext(pw); | 1258 | irix_setusercontext(pw); |