diff options
| author |   schwarze <schwarze@openbsd.org> | 2014-12-04 00:07:21 +0000 |
|---|---|---|
| committer | schwarze <schwarze@openbsd.org> | 2014-12-04 00:07:21 +0000 |
| commit | 90622da5738d844632eb0b975f5b2ae35de580a0 (patch) | |
| tree | b9612c3e7a8e50eb06e0fa791aee94cddb69b347 | |
| parent | replace md5 with sha512. ok deraadt (diff) | |
| download | wireguard-openbsd-90622da5738d844632eb0b975f5b2ae35de580a0.tar.xz wireguard-openbsd-90622da5738d844632eb0b975f5b2ae35de580a0.zip | |
AnonCVS is designed to work with a user account that has no password and a
very special shell, so do not complain about that particular combination.
Idea originally brought up by landry@ five years ago, repeatedly forgotten.
Using feedback from sthen@ millert@ halex@; OK landry@ ajacoutot@.
| -rw-r--r-- | libexec/security/security | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/libexec/security/security b/libexec/security/security index 2039a9cc6c6..5ebeaeecaa6 100644 --- a/libexec/security/security +++ b/libexec/security/security @@ -1,6 +1,6 @@ #!/usr/bin/perl -T -# $OpenBSD: security,v 1.31 2014/07/14 08:49:27 schwarze Exp $ +# $OpenBSD: security,v 1.32 2014/12/04 00:07:21 schwarze Exp $ # # Copyright (c) 2011, 2012, 2014 Ingo Schwarze <schwarze@openbsd.org> # Copyright (c) 2011 Andrew Fresh <andrew@afresh1.com> @@ -95,7 +95,8 @@ sub check_passwd { } nag length $name > 31, "Login $name has more than 31 characters."; - nag $pwd eq '', + nag $pwd eq '' && !($name eq 'anoncvs' && + $shell =~ /\/anoncvssh$/), "Login $name has no password."; if ($pwd ne '' && $pwd ne 'skey' && |