summaryrefslogtreecommitdiff
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/responder/pam/pam_LOCAL_domain.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/server/responder/pam/pam_LOCAL_domain.c b/server/responder/pam/pam_LOCAL_domain.c
index 41d64b3e..b98459d6 100644
--- a/server/responder/pam/pam_LOCAL_domain.c
+++ b/server/responder/pam/pam_LOCAL_domain.c
@@ -367,7 +367,10 @@ static void local_handler_callback(void *pvt, int ldb_status,
switch (pd->cmd) {
case SSS_PAM_AUTHENTICATE:
case SSS_PAM_CHAUTHTOK:
- if (pd->cmd == SSS_PAM_CHAUTHTOK && lreq->preq->cctx->priv == 1) {
+ case SSS_PAM_CHAUTHTOK_PRELIM:
+ if ((pd->cmd == SSS_PAM_CHAUTHTOK ||
+ pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) &&
+ lreq->preq->cctx->priv == 1) {
/* TODO: maybe this is a candiate for an explicit audit message. */
DEBUG(4, ("allowing root to reset a password.\n"));
break;
@@ -417,6 +420,8 @@ static void local_handler_callback(void *pvt, int ldb_status,
break;
case SSS_PAM_CLOSE_SESSION:
break;
+ case SSS_PAM_CHAUTHTOK_PRELIM:
+ break;
default:
lreq->error = EINVAL;
DEBUG(1, ("Unknown PAM task [%d].\n"));
generated by cgit (git 2.34.1) at 2024-11-18 08:52:48 +0000