summaryrefslogtreecommitdiff
path: root/src/login/pam_systemd.c
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2021-05-31 21:55:44 +0200
committerLennart Poettering <lennart@poettering.net>2021-06-01 13:32:31 +0200
commitbfc0cc1a2506eb2327dca8e1a474be51634e8ab9 (patch)
tree51c0e7a5b722bd442e842894d95a53ae22824f22 /src/login/pam_systemd.c
parent17e7561a973495992014dd102135f15eb808ae01 (diff)
downloadsystemd-bfc0cc1a2506eb2327dca8e1a474be51634e8ab9.tar.gz
userdb: make most loading of JSON user record data "permissive"
We want user records to be extensible, hence we shouldn't complain about fields we can't parse. In particular we want them to be extensible for our own future extensions. Some code already turned the permissive flag when parsing the JSON data, but most did not. Fix that. A few select cases remain where the bit is not set: where we just gnerated the JSON data ourselves, and thus can be reasonably sure that if we can't parse it it's our immediate programming error and not just us processing a user record from some other tool or a newer version of ourselves.
Diffstat (limited to 'src/login/pam_systemd.c')
-rw-r--r--src/login/pam_systemd.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/login/pam_systemd.c b/src/login/pam_systemd.c
index 2021c31bd5..f8bd17eefe 100644
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
@@ -141,7 +141,7 @@ static int acquire_user_record(
if (!ur)
return pam_log_oom(handle);
- r = user_record_load(ur, v, USER_RECORD_LOAD_REFUSE_SECRET);
+ r = user_record_load(ur, v, USER_RECORD_LOAD_REFUSE_SECRET|USER_RECORD_PERMISSIVE);
if (r < 0) {
pam_syslog(handle, LOG_ERR, "Failed to load user record: %s", strerror_safe(r));
return PAM_SERVICE_ERR;