From f042a54245e8a56aa441b9e0414c2a250da55fd6 Mon Sep 17 00:00:00 2001 From: Mark Murray Date: Sat, 14 Jul 2001 08:42:39 +0000 Subject: [PATCH] Use a better method of getting user credentials to account for (legal) UID duplication. Rename use_uid to auth_as_self for consistency with other modules. --- lib/libpam/modules/pam_wheel/pam_wheel.8 | 8 ++++---- lib/libpam/modules/pam_wheel/pam_wheel.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/lib/libpam/modules/pam_wheel/pam_wheel.8 b/lib/libpam/modules/pam_wheel/pam_wheel.8 index 1437234cb40a..57657e5d62c3 100644 --- a/lib/libpam/modules/pam_wheel/pam_wheel.8 +++ b/lib/libpam/modules/pam_wheel/pam_wheel.8 @@ -61,13 +61,13 @@ The following options may be passed to the authentication module: debugging information at .Dv LOG_DEBUG level. -.It Cm use_uid +.It Cm auth_as_self check for .Dq Li wheel membership against -the current UID +the current login name (given by -.Xr getuid 2 ) . +.Xr getlogin 2 ) . .It Cm trust return .Dv PAM_SUCCESS @@ -92,7 +92,7 @@ instead of the default group .Dq Li wheel . .El .Sh SEE ALSO -.Xr getuid 2 , +.Xr getlogin 2 , .Xr syslog 3 , .Xr group 5 , .Xr pam.conf 5 , diff --git a/lib/libpam/modules/pam_wheel/pam_wheel.c b/lib/libpam/modules/pam_wheel/pam_wheel.c index e5005e33fa72..9535d3e7d6f3 100644 --- a/lib/libpam/modules/pam_wheel/pam_wheel.c +++ b/lib/libpam/modules/pam_wheel/pam_wheel.c @@ -42,13 +42,13 @@ #include enum { PAM_OPT_DENY=PAM_OPT_STD_MAX, PAM_OPT_GROUP, PAM_OPT_TRUST, - PAM_OPT_USE_UID }; + PAM_OPT_AUTH_AS_SELF }; static struct opttab other_options[] = { { "deny", PAM_OPT_DENY }, { "group", PAM_OPT_GROUP }, { "trust", PAM_OPT_TRUST }, - { "use_uid", PAM_OPT_USE_UID }, + { "auth_as_self", PAM_OPT_AUTH_AS_SELF }, { NULL, 0 } }; @@ -92,8 +92,8 @@ pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv) PAM_LOG("Not superuser"); - if (pam_test_option(&options, PAM_OPT_USE_UID, NULL)) { - temppwd = getpwuid(getuid()); + if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { + temppwd = getpwnam(getlogin()); if (temppwd == NULL) PAM_RETURN(PAM_SERVICE_ERR); fromsu = temppwd->pw_name;