sssd/0001-handle-other-pam-calls-when-offline.patch

>From 883549efb0a55291b2e6bce05b51e0a6c5847dbb Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Tue, 28 Apr 2009 10:17:38 +0200
Subject: [PATCH] handle other pam calls when offline

---
 server/responder/pam/pamsrv_cmd.c |   10 ++++++++++
 1 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 4c7bf1f..6d3f899 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -172,6 +172,16 @@ static void pam_reply(struct pam_auth_req *preq)
         }
     }
 
+/* TODO: we need the pam session cookie here to make sure that cached
+ * authentication was successful */
+    if ((pd->cmd == SSS_PAM_SETCRED || pd->cmd == SSS_PAM_ACCT_MGMT ||
+         pd->cmd == SSS_PAM_OPEN_SESSION || pd->cmd == SSS_PAM_CLOSE_SESSION) &&
+        pd->pam_status == PAM_AUTHINFO_UNAVAIL) {
+        DEBUG(2, ("Assuming offline authentication "
+                  "setting status for pam call %d to PAM_SUCCESS.\n", pd->cmd));
+        pd->pam_status = PAM_SUCCESS;
+    }
+
     cctx = preq->cctx;
 
     if (pd->response_delay > 0) {
-- 
1.6.0.6