[Pkg-shadow-commits] r1366 - in upstream/trunk: . src

[nekral-guest at alioth.debian.org]

Author: nekral-guest
Date: 2007-11-17 16:05:54 +0000 (Sat, 17 Nov 2007)
New Revision: 1366

Modified:
   upstream/trunk/ChangeLog
   upstream/trunk/src/login.c
Log:
Log an error if the password entry could not be
found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
fixes the Debian bug http://bugs.debian.org/451521


Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog	2007-11-17 15:27:12 UTC (rev 1365)
+++ upstream/trunk/ChangeLog	2007-11-17 16:05:54 UTC (rev 1366)
@@ -1,5 +1,11 @@
 2007-11-17  Nicolas François  <nicolas.francois at centraliens.net>
 
+	* src/login.c: Log an error if the password entry could not be
+	found (respect LOG_UNKFAIL_ENAB to avoid logging a password). This
+	fixes the Debian bug http://bugs.debian.org/451521
+
+2007-11-17  Nicolas François  <nicolas.francois at centraliens.net>
+
 	* man/useradd.8.xml: -b documenation: Use the same notation for
 	the -d argument as in the -d documentation.
 

Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c	2007-11-17 15:27:12 UTC (rev 1365)
+++ upstream/trunk/src/login.c	2007-11-17 16:05:54 UTC (rev 1366)
@@ -739,17 +739,23 @@
 		    pam_get_item (pamh, PAM_USER, (const void **) &pam_user);
 		setpwent ();
 		pwd = getpwnam (pam_user);
+		if (!pwd) {
+			SYSLOG ((LOG_ERR, "getpwnam(%s) failed",
+				 getdef_bool ("LOG_UNKFAIL_ENAB") ?
+				 pam_user : "UNKNOWN"));
+			exit (1);
+		}
 
 		if (fflg) {
 			retcode = pam_acct_mgmt (pamh, 0);
 			PAM_FAIL_CHECK;
 		}
 
-		if (!pwd || setup_groups (pwd))
+		if (setup_groups (pwd)) {
 			exit (1);
-		else
-			pwent = *pwd;
 
+		pwent = *pwd;
+
 		retcode = pam_setcred (pamh, PAM_ESTABLISH_CRED);
 		PAM_FAIL_CHECK;