From nobody@FreeBSD.org  Fri Feb 29 23:42:36 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 49518106566C
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 29 Feb 2008 23:42:36 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 3AE888FC12
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 29 Feb 2008 23:42:36 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m1TNdiPF000552
	for <freebsd-gnats-submit@FreeBSD.org>; Fri, 29 Feb 2008 23:39:44 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m1TNdial000551;
	Fri, 29 Feb 2008 23:39:44 GMT
	(envelope-from nobody)
Message-Id: <200802292339.m1TNdial000551@www.freebsd.org>
Date: Fri, 29 Feb 2008 23:39:44 GMT
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To: freebsd-gnats-submit@FreeBSD.org
Subject: passwd.c patch for usage with PAM/LDAP
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         121243
>Category:       bin
>Synopsis:       [patch] passwd(1) patch for usage with PAM/LDAP
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    des
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 29 23:50:00 UTC 2008
>Closed-Date:    
>Last-Modified:  Sun Mar 09 17:02:42 UTC 2008
>Originator:     O. Hartmann
>Release:        FreeBSD 7.0
>Organization:
FU Berlin
>Environment:
>Description:

This patch is around for two years now and solves the problem that passwd() as in the sources of FreeBSD up to 7.0/8.0 is not capable of changing passwords of users on LDAP. 
>How-To-Repeat:

>Fix:


Patch attached with submission follows:

--- passwd.c	2007-12-16 12:39:45.000000000 +0000
+++ passwd.c.new	2007-12-16 12:38:22.000000000 +0000
@@ -106,24 +106,10 @@
 		usage();
 	}
 
-	if (uid != 0 && uid != pwd->pw_uid)
+	if (uid !=0 && uid != pwd->pw_uid)
 		errx(1, "permission denied");
 
-	/* check where the user's from */
-	switch (pwd->pw_fields & _PWF_SOURCE) {
-	case _PWF_FILES:
-		fprintf(stderr, "Changing local password for %s\n",
-		    pwd->pw_name);
-		break;
-	case _PWF_NIS:
-		fprintf(stderr, "Changing NIS password for %s\n",
-		    pwd->pw_name);
-		break;
-	default:
-		/* XXX: Green men ought to be supported via PAM. */
-		errx(1, 
-	  "Sorry, `passwd' can only change passwords for local or NIS users.");
-	}
+	fprintf(stderr, "Changing password for %s\n", pwd->pw_name);
 
 #define pam_check(func) do { \
 	if (pam_err != PAM_SUCCESS) { \


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->des 
Responsible-Changed-By: rwatson 
Responsible-Changed-When: Sun Mar 9 17:02:11 UTC 2008 
Responsible-Changed-Why:  
Assign to Dag-Erling, who is responsible for our PAM implementation. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=121243 
>Unformatted:
