Andrew Geissler | ac970dd | 2021-02-12 15:32:45 -0600 | [diff] [blame^] | 1 | From 497e0fc7010969759c8247f7013a89589c44234a Mon Sep 17 00:00:00 2001 |
| 2 | From: Kai Kang <kai.kang@windriver.com> |
| 3 | Date: Thu, 17 Dec 2020 18:12:29 +0800 |
| 4 | Subject: [PATCH 3/8] check whether password expired with pam |
| 5 | |
| 6 | Introduce a new enum AuthResult type AUTH_PASSWD_EXPIRE. When user's |
| 7 | password is expired, return it. Only work with pam. |
| 8 | |
| 9 | Upstream-Status: Submitted [https://sourceforge.net/p/lxdm/code/merge-requests/1/] |
| 10 | |
| 11 | Signed-off-by: Kai Kang <kai.kang@windriver.com> |
| 12 | --- |
| 13 | src/lxdm.h | 1 + |
| 14 | src/pam.c | 4 ++++ |
| 15 | 2 files changed, 5 insertions(+) |
| 16 | |
| 17 | diff --git a/src/lxdm.h b/src/lxdm.h |
| 18 | index 568573f..1c2f837 100644 |
| 19 | --- a/src/lxdm.h |
| 20 | +++ b/src/lxdm.h |
| 21 | @@ -41,6 +41,7 @@ enum AuthResult |
| 22 | AUTH_SUCCESS, |
| 23 | AUTH_BAD_USER, |
| 24 | AUTH_FAIL, |
| 25 | + AUTH_PASSWD_EXPIRE, |
| 26 | AUTH_PRIV, |
| 27 | AUTH_ERROR |
| 28 | }; |
| 29 | diff --git a/src/pam.c b/src/pam.c |
| 30 | index 43bd687..16a36f0 100644 |
| 31 | --- a/src/pam.c |
| 32 | +++ b/src/pam.c |
| 33 | @@ -257,6 +257,10 @@ int lxdm_auth_user_authenticate(LXDM_AUTH *a,const char *user,const char *pass,i |
| 34 | return AUTH_FAIL; |
| 35 | } |
| 36 | ret=pam_acct_mgmt(a->handle,PAM_SILENT); |
| 37 | + if (ret == PAM_NEW_AUTHTOK_REQD) { |
| 38 | + g_debug("user %s account has expired\n", user); |
| 39 | + return AUTH_PASSWD_EXPIRE; |
| 40 | + } |
| 41 | if(ret!=PAM_SUCCESS) |
| 42 | { |
| 43 | g_debug("user %s acct mgmt fail with %d\n",user,ret); |
| 44 | -- |
| 45 | 2.25.1 |
| 46 | |