- (djm) Add new UsePAM configuration directive to allow runtime control

over usage of PAM. This allows non-root use of sshd when built with --with-pam
author: djm <djm> 2003-05-14 05:11:48 +0000
committer: djm <djm> 2003-05-14 05:11:48 +0000
commit: a57327190a1c0fe3e456b7c3ca6d550bb2172056 (patch)
tree: bcbef19aa3a83f9b4ffd5556a9d917654b944dee /auth1.c
parent: b084f3eb966ff2100a6c545d9d9c6ade5c27f0a8 (diff)
download: openssh-a57327190a1c0fe3e456b7c3ca6d550bb2172056.tar.gz
1 files changed, 2 insertions, 6 deletions
diff --git a/auth1.c b/auth1.c
index 7fe36315..6cb0b04b 100644
--- a/auth1.c
+++ b/auth1.c
@@ -342,11 +342,6 @@ do_authloop(Authctxt *authctxt)
 		    !auth_root_allowed(get_authname(type)))
 			authenticated = 0;
 #endif
-#ifdef USE_PAM
-		if (!use_privsep && authenticated && 
-		    !do_pam_account(pw->pw_name, client_user))
-			authenticated = 0;
-#endif
 
 		/* Log before sending the reply */
 		auth_log(authctxt, authenticated, get_authname(type), info);
@@ -413,7 +408,8 @@ do_authentication(void)
 	    use_privsep ? " [net]" : "");
 
 #ifdef USE_PAM
-	PRIVSEP(start_pam(user));
+	if (options.use_pam)
+		PRIVSEP(start_pam(user));
 #endif
 
 	/*
author	djm <djm>	2003-05-14 05:11:48 +0000
committer	djm <djm>	2003-05-14 05:11:48 +0000
commit	a57327190a1c0fe3e456b7c3ca6d550bb2172056 (patch)
tree	bcbef19aa3a83f9b4ffd5556a9d917654b944dee /auth1.c
parent	b084f3eb966ff2100a6c545d9d9c6ade5c27f0a8 (diff)
download	openssh-a57327190a1c0fe3e456b7c3ca6d550bb2172056.tar.gz