Bug#321384: [Pkg-shadow-devel] Bug#321384: su refuses to change an
expired password for root
Alexander Gattin
arg at online.com.ua
Sat Aug 6 13:47:01 UTC 2005
And even more, I think it may/should include:
> > if (amroot) {
> > fprintf (stderr, _("%s: %s\n(Ignored)\n"), Prog,
> > pam_strerror (pamh, ret));
> > + } else if (ret == PAM_NEW_AUTHTOK_REQD) {
+ SYSLOG ((LOG_NOTICE, "pam_chauthtok: %s",
+ pam_strerror (pamh, ret)));
> > + ret = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
I.e. make notice to syslog independently on the user
changing her "authtok" successfully or not.
and instead of:
> > + if (ret != PAM_SUCCESS) {
> > + SYSLOG ((LOG_ERR, "pam_chauthtok: %s",
> > + pam_strerror (pamh, ret)));
> > + fprintf (stderr, _("%s: %s\n"), Prog,
> > + pam_strerror (pamh, ret));
> > + pam_end (pamh, ret);
> > + su_failure (tty);
> > + }
maybe just PAM_FAIL_CHECK;???
More information about the Pkg-shadow-devel
mailing list