Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
pam_unix: Always honor nis flag on password change (by Aaron Hope)

diff --git a/CHANGELOG b/CHANGELOG
index 64ff81086c7cdb65eb0d1a8ba8732c5cb5bc0e10..4957260fcb45a2c397c006b6cffdf81d2f21d373 100644 (file)
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -63,6 +63,7 @@ bug report - outstanding bugs are listed here:
 * pam_echo: New PAM module for message output (kukuk)
 * pam_limits: Fix regression from RLIMIT_NICE support (wrong limit
   values for other limits are applied) patch by Anton Guda
+* pam_unix: Always honor nis flag on password change (by Aaron Hope)
 
 0.80: Wed Jul 13 13:23:20 CEST 2005
 * pam_tally: test for NULL data before dereferencing them (t8m)

diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 7eb9bc73d02d5337ab4f388b3ff08b2206567c22..54b3de8326123a1b4c502f2664f062ed57abe7ca 100644 (file)
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -1051,10 +1051,10 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
         * getpwnam() doesn't tell you *where* the information it gives you
         * came from, nor should it.  That's our job.
         */
-       if (_unix_comesfromsource(pamh, user, 1, 1) == 0) {
+       if (_unix_comesfromsource(pamh, user, 1, on(UNIX_NIS, ctrl)) == 0) {
                _log_err(LOG_DEBUG, pamh,
-                        "user \"%s\" does not exist in /etc/passwd or NIS",
-                        user);
+                        "user \"%s\" does not exist in /etc/passwd%s",
+                        user, on(UNIX_NIS, ctrl) ? " or NIS" : "");
                return PAM_USER_UNKNOWN;
        } else {
                struct passwd *pwd;