mirror of git://anongit.mindrot.org/openssh.git
- dtucker@cvs.openbsd.org 2010/01/12 01:31:05
[session.c] Do not allow logins if /etc/nologin exists but is not readable by the user logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
This commit is contained in:
parent
c6cc90b465
commit
1b0c2455da
|
@ -27,6 +27,10 @@
|
|||
[roaming_common.c]
|
||||
delete with extreme prejudice a debug() that fired with every keypress;
|
||||
ok dtucker deraadt
|
||||
- dtucker@cvs.openbsd.org 2010/01/12 01:31:05
|
||||
[session.c]
|
||||
Do not allow logins if /etc/nologin exists but is not readable by the user
|
||||
logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
|
||||
|
||||
20100110
|
||||
- (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: session.c,v 1.249 2009/11/20 00:15:41 dtucker Exp $ */
|
||||
/* $OpenBSD: session.c,v 1.250 2010/01/12 01:31:05 dtucker Exp $ */
|
||||
/*
|
||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
* All rights reserved
|
||||
|
@ -1387,10 +1387,12 @@ do_nologin(struct passwd *pw)
|
|||
if (pw->pw_uid)
|
||||
f = fopen(_PATH_NOLOGIN, "r");
|
||||
#endif
|
||||
if (f) {
|
||||
if (f != NULL || errno == EPERM) {
|
||||
/* /etc/nologin exists. Print its contents and exit. */
|
||||
logit("User %.100s not allowed because %s exists",
|
||||
pw->pw_name, _PATH_NOLOGIN);
|
||||
if (f == NULL)
|
||||
exit(254);
|
||||
while (fgets(buf, sizeof(buf), f))
|
||||
fputs(buf, stderr);
|
||||
fclose(f);
|
||||
|
|
Loading…
Reference in New Issue