- (djm) Add new UsePAM configuration directive to allow runtime control over usage of PAM. This allows non-root use of sshd when built with --with-pam

commit: 4e448a31ae12e6f84caa7cdfc8b4c23db92459db [log] [tgz]
author: Damien Miller <djm@mindrot.org> Wed May 14 15:11:48 2003 +1000
committer: Damien Miller <djm@mindrot.org> Wed May 14 15:11:48 2003 +1000
tree: 8f4c0885c8c91456b4d27d7f405e9125b83491a4
parent: 9c617693c2250c62e5e326372bc783e3416a94b0 [diff] [blame]
diff --git a/auth1.c b/auth1.c
index 7fe3631..6cb0b04 100644
--- a/auth1.c
+++ b/auth1.c

@@ -342,11 +342,6 @@
 		    !auth_root_allowed(get_authname(type)))
 			authenticated = 0;
 #endif
-#ifdef USE_PAM
-		if (!use_privsep && authenticated && 
-		    !do_pam_account(pw->pw_name, client_user))
-			authenticated = 0;
-#endif
 
 		/* Log before sending the reply */
 		auth_log(authctxt, authenticated, get_authname(type), info);
@@ -413,7 +408,8 @@
 	    use_privsep ? " [net]" : "");
 
 #ifdef USE_PAM
-	PRIVSEP(start_pam(user));
+	if (options.use_pam)
+		PRIVSEP(start_pam(user));
 #endif
 
 	/*
commit	4e448a31ae12e6f84caa7cdfc8b4c23db92459db	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Wed May 14 15:11:48 2003 +1000
committer	Damien Miller <djm@mindrot.org>	Wed May 14 15:11:48 2003 +1000
tree	8f4c0885c8c91456b4d27d7f405e9125b83491a4
parent	9c617693c2250c62e5e326372bc783e3416a94b0 [diff] [blame]