Displaying 3 results from an estimated 3 matches for "passexpcod".
Did you mean:
passexpcode
2001 Nov 05
2
Security - ssh allows unintended access on AIX
...I have added a routine passwdexpires ( AIX Lib )
directly after loginrestrictions with the same code. I think this should
be urgently added to the code - hope this helps.
auth.c
/* mpi change expiresmsg */
#ifdef WITH_AIXAUTHENTICATE
char *loginmsg;
char *expiresmsg;
int passexpcode;
#endif /* WITH_AIXAUTHENTICATE */
#ifdef WITH_AIXAUTHENTICATE
auth.c
/* mpi change passwdexpires hinein */
if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) !=
0) {
if (loginmsg && *loginmsg) {
char *p;...
2002 Oct 13
1
[PATCH] AIX password expiration
...*p = ' ';
+ /*
+ * Don't check loginrestrictions or expiry for root account (use
+ * PermitRootLogin to control logins via ssh), or if running as
+ * non-root user (since loginrestrictions will always fail).
+ */
+ if ( (pw->pw_uid != 0) && (geteuid() == 0) ) {
+ int passexpcode;
+
+ /* check for AIX account restrictions */
+ if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &loginmsg) != 0) {
+ if (loginmsg && *loginmsg) {
+ aix_remove_embedded_newlines(loginmsg);
+ log("Login restricted for %s: %.100s", pw->pw_name, loginmsg);...
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
...OGIN, NULL, &loginmsg) != 0) {
- if (loginmsg && *loginmsg) {
- /* Remove embedded newlines (if any) */
- char *p;
- for (p = loginmsg; *p; p++) {
- if (*p == '\n')
- *p = ' ';
+ if ( (pw->pw_uid != 0) && (geteuid() == 0) ) {
+ char *msg;
+ int passexpcode;
+
+ /* check for AIX account restrictions */
+ if (loginrestrictions(pw->pw_name, S_RLOGIN, NULL, &msg) != 0) {
+ if (msg && *msg) {
+ aix_remove_embedded_newlines(msg);
+ log("Login restricted for %s: %.100s", pw->pw_name, msg);
+ xfree(msg);
}
- /*...