login: use "remote" as a PAM service name for "login -h"

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/login-utils/login.1 b/login-utils/login.1
index 9ddf25b3d1aef83dc2cd0445f84b9ae8c6d1e22c..12273815942d1e85723b6f0452fc31521798912e 100644 (file)
--- a/login-utils/login.1
+++ b/login-utils/login.1
@@ -105,6 +105,14 @@ to pass the name of the remote host to
 so that it may be placed in utmp and wtmp.  Only the superuser may use
 this option.
 
+Note that the \fB-h\fP option has impact on the \fBPAM service name\fP. The standard
+service name is "login", with the \fB-h\fP option the name is "remote". It's
+necessary to create a proper PAM config files (e.g.
+.I /etc/pam.d/login
+and 
+.I /etc/pam.d/remote
+).
+
 .SH "SPECIAL ACCESS RESTRICTIONS"
 The file
 .I /etc/securetty
@@ -297,6 +305,8 @@ are allowed to log in from anywhere as is standard behavior.
 .I /etc/passwd
 .I /etc/nologin
 .I /etc/usertty
+.I /etc/pam.d/login
+.I /etc/pam.d/remote
 .I .hushlogin
 .fi
 .SH "SEE ALSO"

diff --git a/login-utils/login.c b/login-utils/login.c
index d362113589ef0b7c83e2f7271b62d68b2fe4be80..c924a1f5d7c34ef427db1976587fe0b78b56d510 100644 (file)
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -552,7 +552,7 @@ main(int argc, char **argv)
      * Therefore, we are safe not setting it to anything
      */
 
-    retcode = pam_start("login",username, &conv, &pamh);
+    retcode = pam_start(hflag?"remote":"login",username, &conv, &pamh);
     if(retcode != PAM_SUCCESS) {
        fprintf(stderr, _("%s: PAM failure, aborting: %s\n"),
                "login", pam_strerror(pamh, retcode));