Change in ovirt-guest-agent[master]: pam: Fix the pam conversation approach
vfeenstr at redhat.com
vfeenstr at redhat.com
Tue Dec 10 08:25:52 UTC 2013
Vinzenz Feenstra has submitted this change and it was merged.
Change subject: pam: Fix the pam conversation approach
......................................................................
pam: Fix the pam conversation approach
Until now our PAM conversation was errorneous using pam_get_user
which is not correct for requests other than accquiring the username.
To correctly request the Token from the frontend we have to use a PAM
conversation. This is done via the pam_prompt function.
We also do check now, if the requesting user (if set) is identical with
the preset user. If this is not the case we will not unlock the screen.
Preset users should only be available if the screen was locked.
If the usernames aren't equal, the module will return PAM_CRED_UNAVAIL.
Additionally the logging was rewritten to use the syslog and more comments
have been added to describe the steps we're doing.
Change-Id: I4455ea61ffb27e854fe93bdc51068e12617955a2
Signed-off-by: Vinzenz Feenstra <vfeenstr at redhat.com>
---
M pam-ovirt-cred/pam_ovirt_cred.c
1 file changed, 59 insertions(+), 26 deletions(-)
Approvals:
Vinzenz Feenstra: Verified; Looks good to me, approved
--
To view, visit http://gerrit.ovirt.org/20073
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: I4455ea61ffb27e854fe93bdc51068e12617955a2
Gerrit-PatchSet: 5
Gerrit-Project: ovirt-guest-agent
Gerrit-Branch: master
Gerrit-Owner: Vinzenz Feenstra <vfeenstr at redhat.com>
Gerrit-Reviewer: Michal Skrivanek <michal.skrivanek at redhat.com>
Gerrit-Reviewer: Vinzenz Feenstra <vfeenstr at redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
More information about the Engine-commits
mailing list