Hi Andreas, On Thu, Aug 11, 2022 at 04:45:06PM +0200, Andreas Rönnquist wrote: > To me it looks like the pam authenticator check miss a check with > pam_acct_mgmt in addition to the pam_authenticate that is already > there, see the attached patch. > > myproxy has similar code, and does a similar thing here: > > https://sources.debian.org/src/myproxy/6.2.14-2/auth_pam.c/?hl=227#L227 > > (It checks first with pam_authenticate(), then with pam_acct_mgmt(), > and would fail if account or password is expired).
Can you get in contact with upstream about it? Regards, Salvatore
