diff options
author | Sumit Bose <sbose@redhat.com> | 2009-04-23 16:33:39 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-04-27 07:03:08 -0400 |
commit | 1cabd594f224825bd0eae543216d87801091c33c (patch) | |
tree | 8fec444497a911e377d42de9e156eacb54a184b9 /server/providers/data_provider.h | |
parent | a03f9612e6560d4aa32e2813cce1bad88b550713 (diff) | |
download | sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.gz sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.bz2 sssd-1cabd594f224825bd0eae543216d87801091c33c.zip |
fix for pam proxy chauthtok
When a user from a domain served by the proxy backend changes his
password with passwd the passwd command asks for the old password,
but it is not validated by the pam_chauthtok call in the proxy
backend, because it is running as root.
If the request is coming the unpriviledged socket we now call
pam_authenticate explicitly before pam_chauthtok.
Diffstat (limited to 'server/providers/data_provider.h')
-rw-r--r-- | server/providers/data_provider.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/server/providers/data_provider.h b/server/providers/data_provider.h index 2c828fab..9278e396 100644 --- a/server/providers/data_provider.h +++ b/server/providers/data_provider.h @@ -115,6 +115,7 @@ struct pam_data { struct response_data *resp_list; bool offline_auth; + int priv; }; void pam_print_data(int l, struct pam_data *pd); |