Relevant BUGIDs: Debian bugs #95220, #175900

author Steve Langasek <vorlon@debian.org>

Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)

committer Steve Langasek <vorlon@debian.org>

Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)
author Steve Langasek <vorlon@debian.org>
Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)
committer Steve Langasek <vorlon@debian.org>
Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)
diff --git a/ChangeLog b/ChangeLog

index 5c02eb4beb7829738c77db69986cf800f547628a..41094ad14170f5426873d6c2e6eef24e2b14b3b0 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,11 @@
  
  2007-08-30  Steve Langasek  <vorlon@debian.org>
  
+       * modules/pam_unix/support.c, modules/pam_unix/unix_chkpwd.c:
+       A wrong username doesn't need to be logged at LOG_ALERT;
+       LOG_WARNING should be sufficient.
+       Patch from Sam Hartman <hartmans@debian.org>.
+
         * modules/pam_cracklib/pam_cracklib.c:
         s/CRACKLIB_DICT/CRACKLIB_DICTS/, for consistency with existing
         #define in pam_unix
diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c

index fc95f2c0eb4b12ab4d0710e05c0385a924679958..1472b96686f31523f5726d8d3c4236d7dbc323ea 100644 (file)
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -665,12 +665,12 @@ int _unix_verify_password(pam_handle_t * pamh, const char *name
                         if (on(UNIX_AUDIT, ctrl)) {
                                 /* this might be a typo and the user has given a password
                                    instead of a username. Careful with this. */
-                               pam_syslog(pamh, LOG_ALERT,
+                               pam_syslog(pamh, LOG_WARNING,
                                          "check pass; user (%s) unknown", name);
                         } else {
                                 name = NULL;
                                 if (on(UNIX_DEBUG, ctrl) || pwd == NULL) {
-                                   pam_syslog(pamh, LOG_ALERT,
+                                   pam_syslog(pamh, LOG_WARNING,
                                             "check pass; user unknown");
                                 } else {
                                     /* don't log failure as another pam module can succeed */
diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c

index 236ad5c213c3254f5c9bd67d19e818321a7f4316..486a8498b610322451af9774db223afca73444c3 100644 (file)
--- a/modules/pam_unix/unix_chkpwd.c
+++ b/modules/pam_unix/unix_chkpwd.c
@@ -179,7 +179,7 @@ static int _unix_verify_password(const char *name, const char *p, int nullok)
                 }
         }
         if (pwd == NULL || salt == NULL) {
-               _log_err(LOG_ALERT, "check pass; user unknown");
+               _log_err(LOG_WARNING, "check pass; user unknown");
                 p = NULL;
                 return PAM_USER_UNKNOWN;
         }
author	Steve Langasek <vorlon@debian.org>
	Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)
committer	Steve Langasek <vorlon@debian.org>
	Thu, 30 Aug 2007 15:15:41 +0000 (15:15 +0000)
ChangeLog		patch \| blob \| history
modules/pam_unix/support.c		patch \| blob \| history
modules/pam_unix/unix_chkpwd.c		patch \| blob \| history