1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
|
$NetBSD: patch-an,v 1.2 2002/01/29 17:10:11 jlam Exp $
--- modules/pam_unix/pam_unix_acct.c.orig Wed Dec 20 00:15:05 2000
+++ modules/pam_unix/pam_unix_acct.c
@@ -41,9 +41,12 @@
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
+#include <sys/param.h>
#include <syslog.h>
#include <pwd.h>
+#ifndef BSD
#include <shadow.h>
+#endif
#include <time.h> /* for time() */
#include <security/_pam_macros.h>
@@ -72,7 +75,7 @@
const char *uname;
int retval, daysleft;
time_t curdays;
- struct spwd *spent;
+ struct spwd *spent = NULL;
struct passwd *pwent;
char buf[80];
@@ -113,6 +116,9 @@
return PAM_CRED_INSUFFICIENT;
}
}
+#ifdef BSD
+ spent = NULL;
+#else
spent = getspnam( uname );
if (save_uid == pwent->pw_uid)
setreuid( save_uid, save_euid );
@@ -121,16 +127,42 @@
setreuid( save_uid, -1 );
setreuid( -1, save_euid );
}
-
+#endif
} else if (!strcmp( pwent->pw_passwd, "x" )) {
+#ifdef BSD
+ spent = NULL;
+#else
spent = getspnam(uname);
+#endif
} else {
+#if (defined(BSD) && BSD >= 199306)
+ time_t now = time(NULL);
+ if (now > pwent->pw_expire) {
+ _log_err(LOG_NOTICE
+ ,"account %s has expired (account expired)"
+ ,uname);
+ _make_remark(pamh, ctrl, PAM_ERROR_MSG,
+ "Your account has expired; please contact your system administrator");
+ D(("account expired"));
+ return PAM_ACCT_EXPIRED;
+ }
+ else if (now + _PASSWORD_WARNDAYS * 86400 > pwent->pw_expire) {
+ daysleft = (pwent->pw_expire - now) / 86400;
+ _log_err(LOG_DEBUG
+ ,"password for user %s will expire in %d days"
+ ,uname, daysleft);
+ snprintf(buf, 80, "Warning: your password will expire in %d day%.2s",
+ daysleft, daysleft == 1 ? "" : "s");
+ _make_remark(pamh, ctrl, PAM_TEXT_INFO, buf);
+ }
+#endif
return PAM_SUCCESS;
}
if (!spent)
return PAM_AUTHINFO_UNAVAIL; /* Couldn't get username from shadow */
+#ifndef BSD
curdays = time(NULL) / (60 * 60 * 24);
D(("today is %d, last change %d", curdays, spent->sp_lstchg));
if ((curdays > spent->sp_expire) && (spent->sp_expire != -1)
@@ -183,7 +215,7 @@
daysleft, daysleft == 1 ? "" : "s");
_make_remark(pamh, ctrl, PAM_TEXT_INFO, buf);
}
-
+#endif
D(("all done"));
return PAM_SUCCESS;
|