fix for pam proxy chauthtok

When a user from a domain served by the proxy backend changes his password with passwd the passwd command asks for the old password, but it is not validated by the pam_chauthtok call in the proxy backend, because it is running as root. If the request is coming the unpriviledged socket we now call pam_authenticate explicitly before pam_chauthtok.
author: Sumit Bose <sbose@redhat.com> 2009-04-23 16:33:39 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2009-04-27 07:03:08 -0400
commit: 1cabd594f224825bd0eae543216d87801091c33c (patch)
tree: 8fec444497a911e377d42de9e156eacb54a184b9 /server/providers/data_provider.h
parent: a03f9612e6560d4aa32e2813cce1bad88b550713 (diff)
download: sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.gz
sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.xz
sssd-1cabd594f224825bd0eae543216d87801091c33c.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/server/providers/data_provider.h b/server/providers/data_provider.h
index 2c828fab3..9278e3961 100644
--- a/server/providers/data_provider.h
+++ b/server/providers/data_provider.h
@@ -115,6 +115,7 @@ struct pam_data {
     struct response_data *resp_list;
 
     bool offline_auth;
+    int priv;
 };
 
 void pam_print_data(int l, struct pam_data *pd);
author	Sumit Bose <sbose@redhat.com>	2009-04-23 16:33:39 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2009-04-27 07:03:08 -0400
commit	1cabd594f224825bd0eae543216d87801091c33c (patch)
tree	8fec444497a911e377d42de9e156eacb54a184b9 /server/providers/data_provider.h
parent	a03f9612e6560d4aa32e2813cce1bad88b550713 (diff)
download	sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.gz sssd-1cabd594f224825bd0eae543216d87801091c33c.tar.xz sssd-1cabd594f224825bd0eae543216d87801091c33c.zip