pam-0.79/Linux-PAM/modules/pam_unix/support.c: _unix_blankpasswd contains the following:
if ((retval == 1) && on(UNIX_NULLOK_SECURE, ctrl)) {
int retval2;
const char *uttyname;
retval2 = pam_get_item(pamh, PAM_TTY, (const void **)&uttyname);
if (retval2 != PAM_SUCCESS || uttyname == NULL)
return 0;
if (_pammodutil_tty_secure(uttyname) != PAM_SUCCESS)
return 0;
}
It appears that the tty is always checked if the password is blank.
Can anybody confirm that this is, in fact, the problem? Why is this check performed?
This is untested, but the problem might be this:
pam-0.79/ Linux-PAM/ modules/ pam_unix/ support. c: _unix_blankpasswd contains the following:
if ((retval == 1) && on(UNIX_ NULLOK_ SECURE, ctrl)) {
int retval2;
const char *uttyname;
retval2 = pam_get_item(pamh, PAM_TTY, (const void **)&uttyname);
if (retval2 != PAM_SUCCESS || uttyname == NULL)
return 0;
if (_pammodutil_ tty_secure( uttyname) != PAM_SUCCESS)
return 0;
}
It appears that the tty is always checked if the password is blank.
Can anybody confirm that this is, in fact, the problem? Why is this check performed?