summaryrefslogtreecommitdiff
path: root/server/responder/pam
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-12-18 15:17:16 -0500
committerStephen Gallagher <sgallagh@redhat.com>2009-12-18 15:41:30 -0500
commit0c3c38247e7912f43c1c3b8b57c664f3d2e3b8f2 (patch)
tree7dd2e0f6f4541239acf86d879e29dc06ea6ff91e /server/responder/pam
parent2b4d76971e4ad803b42051fddb3add9fe2215dc2 (diff)
downloadsssd-0c3c38247e7912f43c1c3b8b57c664f3d2e3b8f2.tar.gz
sssd-0c3c38247e7912f43c1c3b8b57c664f3d2e3b8f2.tar.bz2
sssd-0c3c38247e7912f43c1c3b8b57c664f3d2e3b8f2.zip
Fix broken password changes for local users
Diffstat (limited to 'server/responder/pam')
-rw-r--r--server/responder/pam/pam_LOCAL_domain.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index 41d64b3e..b98459d6 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -367,7 +367,10 @@ static void local_handler_callback(void *pvt, int ldb_status,
switch (pd->cmd) {
case SSS_PAM_AUTHENTICATE:
case SSS_PAM_CHAUTHTOK:
- if (pd->cmd == SSS_PAM_CHAUTHTOK && lreq->preq->cctx->priv == 1) {
+ case SSS_PAM_CHAUTHTOK_PRELIM:
+ if ((pd->cmd == SSS_PAM_CHAUTHTOK ||
+ pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) &&
+ lreq->preq->cctx->priv == 1) {
/* TODO: maybe this is a candiate for an explicit audit message. */
DEBUG(4, ("allowing root to reset a password.\n"));
break;
@@ -417,6 +420,8 @@ static void local_handler_callback(void *pvt, int ldb_status,
break;
case SSS_PAM_CLOSE_SESSION:
break;
+ case SSS_PAM_CHAUTHTOK_PRELIM:
+ break;
default:
lreq->error = EINVAL;
DEBUG(1, ("Unknown PAM task [%d].\n"));