proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-10-04 08:21:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

pam: set PAM_RHOST

Browse Source 
This allows pam modules to restrict users by host. For
instance, you could restrict root@pam to only 127.0.0.1.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
This commit is contained in:
Wolfgang Bumiller 2023-06-01 11:36:54 +02:00
parent 9d2996034d
commit 6c512352ae
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/PVE/Auth/PAM.pm
View File

@ -43,6 +43,12 @@ sub authenticate_user {
die "error during PAM init: $err";
}
if (my $rpcenv = PVE::RPCEnvironment::get()) {
if (my $ip = $rpcenv->get_client_ip()) {
$pamh->pam_set_item(PAM_RHOST(), $ip);
}
}
my $res;
if (($res = $pamh->pam_authenticate(0)) != PAM_SUCCESS) {