Use a better method of getting user credentials to account for

(legal) UID duplication.

Rename use_uid to auth_as_self for consistency with other modules.

lib/libpam/modules/pam_wheel/pam_wheel.8

@@ -61,13 +61,13 @@ The following options may be passed to the authentication module:
 debugging information at
 .Dv LOG_DEBUG
 level.
-.It Cm use_uid
+.It Cm auth_as_self
 check for
 .Dq Li wheel
 membership against
-the current UID
+the current login name
 (given by
-.Xr getuid 2 ) .
+.Xr getlogin 2 ) .
 .It Cm trust
 return
 .Dv PAM_SUCCESS
@@ -92,7 +92,7 @@ instead of the default group
 .Dq Li wheel .
 .El
 .Sh SEE ALSO
-.Xr getuid 2 ,
+.Xr getlogin 2 ,
 .Xr syslog 3 ,
 .Xr group 5 ,
 .Xr pam.conf 5 ,

lib/libpam/modules/pam_wheel/pam_wheel.c

@@ -42,13 +42,13 @@
 #include <pam_mod_misc.h>
 
 enum { PAM_OPT_DENY=PAM_OPT_STD_MAX, PAM_OPT_GROUP, PAM_OPT_TRUST,
-	PAM_OPT_USE_UID };
+	PAM_OPT_AUTH_AS_SELF };
 
 static struct opttab other_options[] = {
 	{ "deny",		PAM_OPT_DENY },
 	{ "group",		PAM_OPT_GROUP },
 	{ "trust",		PAM_OPT_TRUST },
-	{ "use_uid",		PAM_OPT_USE_UID },
+	{ "auth_as_self",	PAM_OPT_AUTH_AS_SELF },
 	{ NULL, 0 }
 };
 
@@ -92,8 +92,8 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv)
 
 	PAM_LOG("Not superuser");
 
-	if (pam_test_option(&options, PAM_OPT_USE_UID, NULL)) {
-		temppwd = getpwuid(getuid());
+	if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) {
+		temppwd = getpwnam(getlogin());
 		if (temppwd == NULL)
 			PAM_RETURN(PAM_SERVICE_ERR);
 		fromsu = temppwd->pw_name;