diff options
Diffstat (limited to 'tests/pam-exec')
-rwxr-xr-x | tests/pam-exec | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/tests/pam-exec b/tests/pam-exec index 775ae49..81b3d12 100755 --- a/tests/pam-exec +++ b/tests/pam-exec @@ -2,18 +2,12 @@ echo "$0: $PAM_TYPE $PAM_USER" -if [ "$PAM_TYPE" == 'auth' ] || [ "$PAM_TYPE" == 'account' ] ; then +if [ "$PAM_TYPE" == 'auth' ] ; then PAM_FILE="/etc/pam-auth/$PAM_USER" if ! [ -f $PAM_FILE ] ; then echo "No [$PAM_FILE] for user [$PAM_USER]" >&2 exit 2 fi - if [ $PAM_TYPE == 'account' ] ; then - # For account check, existing file is enough to allow access - echo "$0: account [$PAM_USER] ok" - exit 0 - fi - # For auth, we compare the passwords read PASSWORD read CHECK_PASSWORD < $PAM_FILE @@ -24,5 +18,17 @@ if [ "$PAM_TYPE" == 'auth' ] || [ "$PAM_TYPE" == 'account' ] ; then echo "Provided password [$PASSWORD] does not match expected [$CHECK_PASSWORD]" >&2 exit 3 fi + +if [ "$PAM_TYPE" == 'account' ] ; then + PAM_FILE="/etc/pam-account/$PAM_USER" + if ! [ -f $PAM_FILE ] ; then + echo "No [$PAM_FILE] for user [$PAM_USER]" >&2 + exit 2 + fi + # For account check, existing file is enough to allow access + echo "$0: account [$PAM_USER] ok" + exit 0 +fi + echo "Unsupported PAM_TYPE [$PAM_TYPE]" >&2 exit 4 |