forked from systemd/systemd
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
homed: don't insist on authentication against host-copy user record
homed maintains two or three copies of the user's identity record per home directory: one on the host, one inside the LUKS header, and one embedded in the home directory. Previously we'd insist that if a user logs in they have to authenticate against all three, as a safety feature. This broke logging into unfixated records however, since in that case the host version is synthetic and thus does not carry any authentication data. Let's hence losen the strictness here: accept authentication against host records that carry no auth data. This should be safe as we know after all that the second/third record will catch invalid accesses. Fixes: systemd#15178
- Loading branch information
1 parent
1a53adb
commit c8f145a
Showing
3 changed files
with
29 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters