* src/login.c: fflg is already restricted to root. Move

	pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
	simplifies the code.

diff --git a/ChangeLog b/ChangeLog
index 02f6236df44c7fea47068adf49c4929162018227..0098d65c297f3091e425645ab940e46af1ec27ea 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2009-04-19  Nicolas François  <nicolas.francois@centraliens.net>
+
+       * src/login.c: fflg is already restricted to root. Move
+       pam_acct_mgmt(), in case of fflg, earlier. This is equivalent and
+       simplifies the code.
+
 2009-04-19  Paul Szabo  <psz@maths.usyd.edu.au>
 
        * libmisc/utmp.c: Always call endutent or endutxent when setutent

diff --git a/src/login.c b/src/login.c
index 94614a4f14a407e8d135a081fdb05f057f971047..4d60bc3d7235c1193ead2a74e7ae50d7d9a68f80 100644 (file)
--- a/src/login.c
+++ b/src/login.c
@@ -670,7 +670,7 @@ int main (int argc, char **argv)
        PAM_FAIL_CHECK;
 #endif
        /* if fflg, then the user has already been authenticated */
-       if (!fflg || (getuid () != 0)) {
+       if (!fflg) {
                int failcount = 0;
                char hostn[256];
                char loginprompt[256];  /* That's one hell of a prompt :) */
@@ -817,6 +817,9 @@ int main (int argc, char **argv)
                        retcode = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
                }
 
+               PAM_FAIL_CHECK;
+       } else (fflg) {
+               retcode = pam_acct_mgmt (pamh, 0);
                PAM_FAIL_CHECK;
        }
 
@@ -838,11 +841,6 @@ int main (int argc, char **argv)
                exit (1);
        }
 
-       if (fflg) {
-               retcode = pam_acct_mgmt (pamh, 0);
-               PAM_FAIL_CHECK;
-       }
-
        if (setup_groups (pwd) != 0) {
                exit (1);
        }