diff options
Diffstat (limited to 'loginutils')
-rw-r--r-- | loginutils/login.c | 40 |
1 files changed, 26 insertions, 14 deletions
diff --git a/loginutils/login.c b/loginutils/login.c index 3b4cf2af8..7f8907543 100644 --- a/loginutils/login.c +++ b/loginutils/login.c | |||
@@ -307,18 +307,26 @@ int login_main(int argc, char **argv) | |||
307 | goto pam_auth_failed; | 307 | goto pam_auth_failed; |
308 | } | 308 | } |
309 | pamret = pam_authenticate(pamh, 0); | 309 | pamret = pam_authenticate(pamh, 0); |
310 | if (pamret == PAM_SUCCESS) { | 310 | if (pamret != PAM_SUCCESS) { |
311 | char *pamuser; | 311 | failed_msg = "pam_authenticate"; |
312 | /* check that the account is healthy. */ | 312 | goto pam_auth_failed; |
313 | pamret = pam_acct_mgmt(pamh, 0); | 313 | /* TODO: or just "goto auth_failed" |
314 | if (pamret != PAM_SUCCESS) { | 314 | * since user seems to enter wrong password |
315 | failed_msg = "account setup"; | 315 | * (in this case pamret == 7) |
316 | goto pam_auth_failed; | 316 | */ |
317 | } | 317 | } |
318 | /* read user back */ | 318 | /* check that the account is healthy */ |
319 | pamret = pam_acct_mgmt(pamh, 0); | ||
320 | if (pamret != PAM_SUCCESS) { | ||
321 | failed_msg = "account setup"; | ||
322 | goto pam_auth_failed; | ||
323 | } | ||
324 | /* read user back */ | ||
325 | { | ||
326 | const char *pamuser; | ||
319 | /* gcc: "dereferencing type-punned pointer breaks aliasing rules..." | 327 | /* gcc: "dereferencing type-punned pointer breaks aliasing rules..." |
320 | * thus we use double cast */ | 328 | * thus we cast to (void*) */ |
321 | if (pam_get_item(pamh, PAM_USER, (const void **)(void*)&pamuser) != PAM_SUCCESS) { | 329 | if (pam_get_item(pamh, PAM_USER, (void*)&pamuser) != PAM_SUCCESS) { |
322 | failed_msg = "pam_get_item(USER)"; | 330 | failed_msg = "pam_get_item(USER)"; |
323 | goto pam_auth_failed; | 331 | goto pam_auth_failed; |
324 | } | 332 | } |
@@ -331,7 +339,7 @@ int login_main(int argc, char **argv) | |||
331 | break; | 339 | break; |
332 | goto auth_failed; | 340 | goto auth_failed; |
333 | pam_auth_failed: | 341 | pam_auth_failed: |
334 | bb_error_msg("%s failed: %s", failed_msg, pam_strerror(pamh, pamret)); | 342 | bb_error_msg("%s failed: %s (%d)", failed_msg, pam_strerror(pamh, pamret), pamret); |
335 | safe_strncpy(username, "UNKNOWN", sizeof(username)); | 343 | safe_strncpy(username, "UNKNOWN", sizeof(username)); |
336 | #else /* not PAM */ | 344 | #else /* not PAM */ |
337 | pw = getpwnam(username); | 345 | pw = getpwnam(username); |
@@ -360,6 +368,7 @@ int login_main(int argc, char **argv) | |||
360 | auth_failed: | 368 | auth_failed: |
361 | opt &= ~LOGIN_OPT_f; | 369 | opt &= ~LOGIN_OPT_f; |
362 | bb_do_delay(FAIL_DELAY); | 370 | bb_do_delay(FAIL_DELAY); |
371 | /* TODO: doesn't sound like correct English phrase to me */ | ||
363 | puts("Login incorrect"); | 372 | puts("Login incorrect"); |
364 | if (++count == 3) { | 373 | if (++count == 3) { |
365 | syslog(LOG_WARNING, "invalid password for '%s'%s", | 374 | syslog(LOG_WARNING, "invalid password for '%s'%s", |
@@ -423,7 +432,9 @@ int login_main(int argc, char **argv) | |||
423 | tmp = pw->pw_shell; | 432 | tmp = pw->pw_shell; |
424 | if (!tmp || !*tmp) | 433 | if (!tmp || !*tmp) |
425 | tmp = DEFAULT_SHELL; | 434 | tmp = DEFAULT_SHELL; |
435 | /* setup_environment params: shell, loginshell, changeenv, pw */ | ||
426 | setup_environment(tmp, 1, !(opt & LOGIN_OPT_p), pw); | 436 | setup_environment(tmp, 1, !(opt & LOGIN_OPT_p), pw); |
437 | /* FIXME: login shell = 1 -> 3rd parameter is ignored! */ | ||
427 | 438 | ||
428 | motd(); | 439 | motd(); |
429 | 440 | ||
@@ -454,7 +465,8 @@ int login_main(int argc, char **argv) | |||
454 | * should it leave SIGINT etc enabled or disabled? */ | 465 | * should it leave SIGINT etc enabled or disabled? */ |
455 | signal(SIGINT, SIG_DFL); | 466 | signal(SIGINT, SIG_DFL); |
456 | 467 | ||
457 | run_shell(tmp, 1, 0, 0); /* exec the shell finally */ | 468 | /* Exec login shell with no additional parameters */ |
469 | run_shell(tmp, 1, NULL, NULL); | ||
458 | 470 | ||
459 | return EXIT_FAILURE; | 471 | /* return EXIT_FAILURE; - not reached */ |
460 | } | 472 | } |