$NetBSD: patch-an,v 1.2 2002/01/29 17:10:11 jlam Exp $ --- modules/pam_unix/pam_unix_acct.c.orig Wed Dec 20 00:15:05 2000 +++ modules/pam_unix/pam_unix_acct.c @@ -41,9 +41,12 @@ #include #include #include +#include #include #include +#ifndef BSD #include +#endif #include /* for time() */ #include @@ -72,7 +75,7 @@ const char *uname; int retval, daysleft; time_t curdays; - struct spwd *spent; + struct spwd *spent = NULL; struct passwd *pwent; char buf[80]; @@ -113,6 +116,9 @@ return PAM_CRED_INSUFFICIENT; } } +#ifdef BSD + spent = NULL; +#else spent = getspnam( uname ); if (save_uid == pwent->pw_uid) setreuid( save_uid, save_euid ); @@ -121,16 +127,42 @@ setreuid( save_uid, -1 ); setreuid( -1, save_euid ); } - +#endif } else if (!strcmp( pwent->pw_passwd, "x" )) { +#ifdef BSD + spent = NULL; +#else spent = getspnam(uname); +#endif } else { +#if (defined(BSD) && BSD >= 199306) + time_t now = time(NULL); + if (now > pwent->pw_expire) { + _log_err(LOG_NOTICE + ,"account %s has expired (account expired)" + ,uname); + _make_remark(pamh, ctrl, PAM_ERROR_MSG, + "Your account has expired; please contact your system administrator"); + D(("account expired")); + return PAM_ACCT_EXPIRED; + } + else if (now + _PASSWORD_WARNDAYS * 86400 > pwent->pw_expire) { + daysleft = (pwent->pw_expire - now) / 86400; + _log_err(LOG_DEBUG + ,"password for user %s will expire in %d days" + ,uname, daysleft); + snprintf(buf, 80, "Warning: your password will expire in %d day%.2s", + daysleft, daysleft == 1 ? "" : "s"); + _make_remark(pamh, ctrl, PAM_TEXT_INFO, buf); + } +#endif return PAM_SUCCESS; } if (!spent) return PAM_AUTHINFO_UNAVAIL; /* Couldn't get username from shadow */ +#ifndef BSD curdays = time(NULL) / (60 * 60 * 24); D(("today is %d, last change %d", curdays, spent->sp_lstchg)); if ((curdays > spent->sp_expire) && (spent->sp_expire != -1) @@ -183,7 +215,7 @@ daysleft, daysleft == 1 ? "" : "s"); _make_remark(pamh, ctrl, PAM_TEXT_INFO, buf); } - +#endif D(("all done")); return PAM_SUCCESS;