login: log PAM errors to syslog, not stderr
By Ian Wienand (ianw AT vmware.com) Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
This commit is contained in:
parent
21d87d495a
commit
c297ea97e2
@ -409,7 +409,9 @@ int login_main(int argc UNUSED_PARAM, char **argv)
|
|||||||
break; /* success, continue login process */
|
break; /* success, continue login process */
|
||||||
|
|
||||||
pam_auth_failed:
|
pam_auth_failed:
|
||||||
bb_error_msg("pam_%s call failed: %s (%d)", failed_msg,
|
/* syslog, because we don't want potential attacker
|
||||||
|
* to know _why_ login failed */
|
||||||
|
syslog(LOG_WARNING, "pam_%s call failed: %s (%d)", failed_msg,
|
||||||
pam_strerror(pamh, pamret), pamret);
|
pam_strerror(pamh, pamret), pamret);
|
||||||
safe_strncpy(username, "UNKNOWN", sizeof(username));
|
safe_strncpy(username, "UNKNOWN", sizeof(username));
|
||||||
#else /* not PAM */
|
#else /* not PAM */
|
||||||
|
Loading…
Reference in New Issue
Block a user