summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2012-04-22 11:08:10 +1000
committerDamien Miller <djm@mindrot.org>2012-04-22 11:08:10 +1000
commit29cd1888873d453f28609d8b301062cbaa4ab4d8 (patch)
tree8969f031134672e2c20e736efc83aea4a7445505
parenta563cced062d0d74843c0ee56a82faa860f10855 (diff)
- guenther@cvs.openbsd.org 2012/03/15 03:10:27
[session.c] root should always be excluded from the test for /etc/nologin instead of having it always enforced even when marked as ignorenologin. This regressed when the logic was incompletely flipped around in rev 1.251 ok halex@ millert@
-rw-r--r--ChangeLog6
-rw-r--r--session.c4
2 files changed, 8 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 179d3b50..5e621928 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,12 @@
- djm@cvs.openbsd.org 2012/02/29 11:21:26
[ssh-keygen.c]
allow conversion of RSA1 keys to public PEM and PKCS8; "nice" markus@
+ - guenther@cvs.openbsd.org 2012/03/15 03:10:27
+ [session.c]
+ root should always be excluded from the test for /etc/nologin instead
+ of having it always enforced even when marked as ignorenologin. This
+ regressed when the logic was incompletely flipped around in rev 1.251
+ ok halex@ millert@
20120420
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
diff --git a/session.c b/session.c
index 5dad2629..65bf2877 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.259 2011/10/24 02:13:13 djm Exp $ */
+/* $OpenBSD: session.c,v 1.260 2012/03/15 03:10:27 guenther Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -1390,7 +1390,7 @@ do_nologin(struct passwd *pw)
struct stat sb;
#ifdef HAVE_LOGIN_CAP
- if (login_getcapbool(lc, "ignorenologin", 0) && pw->pw_uid)
+ if (login_getcapbool(lc, "ignorenologin", 0) || pw->pw_uid == 0)
return;
nl = login_getcapstr(lc, "nologin", def_nl, def_nl);
#else