diff options
author | Sumit Bose <sbose@redhat.com> | 2009-03-05 15:50:40 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-03-05 11:17:45 -0500 |
commit | 917979b52ceb2519be8b114ecb51d6a8e01fe0d7 (patch) | |
tree | f3352806b401ddb39b1fe66c409c9ef7b53c673b /server/responder/pam | |
parent | 52c4af0623a9fc22640a73935cb1b316583cc398 (diff) | |
download | sssd-917979b52ceb2519be8b114ecb51d6a8e01fe0d7.tar.gz sssd-917979b52ceb2519be8b114ecb51d6a8e01fe0d7.tar.bz2 sssd-917979b52ceb2519be8b114ecb51d6a8e01fe0d7.zip |
added password reset by root
Diffstat (limited to 'server/responder/pam')
-rw-r--r-- | server/responder/pam/pam_LOCAL_domain.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c index 995dfc2d..4671eb9b 100644 --- a/server/responder/pam/pam_LOCAL_domain.c +++ b/server/responder/pam/pam_LOCAL_domain.c @@ -310,6 +310,11 @@ static void pam_handler_callback(void *pvt, int ldb_status, switch (lreq->pd->cmd) { case SSS_PAM_AUTHENTICATE: case SSS_PAM_CHAUTHTOK: + if (lreq->pd->cmd == SSS_PAM_CHAUTHTOK && lreq->cctx->priv == 1) { +/* TODO: maybe this is a candiate for an explicit audit message. */ + DEBUG(4, ("allowing root to reset a password.\n")); + break; + } ret = authtok2str(lreq, lreq->pd->authtok, lreq->pd->authtok_size, &authtok); NEQ_CHECK_OR_JUMP(ret, EOK, ("authtok2str failed.\n"), |