diff options
author | Sumit Bose <sbose@redhat.com> | 2009-11-30 13:32:56 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-12-01 07:46:55 -0500 |
commit | ef79efc0c972e206d3dfa4923608a0aa97522987 (patch) | |
tree | 196065afcb4e6f372904bab19d2f8aa1f47405f9 | |
parent | fec8e03ce26a01a6c7304cb068038e2d0d8676df (diff) | |
download | sssd_unused-ef79efc0c972e206d3dfa4923608a0aa97522987.tar.gz sssd_unused-ef79efc0c972e206d3dfa4923608a0aa97522987.tar.xz sssd_unused-ef79efc0c972e206d3dfa4923608a0aa97522987.zip |
Immediately return a krb5 change password request when offline
-rw-r--r-- | server/providers/krb5/krb5_auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/server/providers/krb5/krb5_auth.c b/server/providers/krb5/krb5_auth.c index d5c25039..8848a510 100644 --- a/server/providers/krb5/krb5_auth.c +++ b/server/providers/krb5/krb5_auth.c @@ -801,6 +801,13 @@ void krb5_pam_handler(struct be_req *be_req) goto done; } + if (be_is_offline(be_req->be_ctx) && pd->cmd == SSS_PAM_CHAUTHTOK) { + DEBUG(9, ("Password changes are not possible while offline.\n")); + pam_status = PAM_AUTHINFO_UNAVAIL; + dp_err = DP_ERR_OFFLINE; + goto done; + } + attrs = talloc_array(be_req, const char *, 4); if (attrs == NULL) { goto done; |