Steve Langasek <[email protected]> writes: > Russ, this seems to me like it might be a bug in pam_krb5 itself, rather > than in the new PAM config? I see the following code in api-password.c: > > if (args->ignore_root || args->minimum_uid > 0) { > status = pam_get_user(pamh, &user, NULL); > if (status == PAM_SUCCESS && pamk5_should_ignore(args, user)) { > pamret = PAM_PERM_DENIED; > goto done; > } > } > > So if pam_krb5 "should ignore" the user, the module returns > PAM_PERM_DENIED instead of PAM_IGNORE? Is this the intended behavior?
Ah, I missed this one on my sweep of implementing PAM_IGNORE (when I first started working on the module, PAM_IGNORE was not documented anywhere that I saw, so I didn't realize it existed). This should indeed be PAM_IGNORE instead. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- cannot change password https://bugs.launchpad.net/bugs/334795 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
