return authinfo_unavail if ldap_search_ext_s fails

jhrozek / pam_hbac

A simple pam account module to process HBAC rules stored on an IPA server

GNU General Public License v3.0

10 stars 9 forks source link

return authinfo_unavail if ldap_search_ext_s fails #85

Open jhrozek opened 8 years ago

jhrozek commented 8 years ago

we seem to return a different failure, so if we can connect to the server, but the search fails, we error out completely. This could lock out local users.

jhrozek commented 8 years ago

This would probably be nice together with some internal error codes, so not blocking 1.0

jhrozek commented 6 years ago

Actually, let's not do this unless contributed