Don't log normal login_getpwclass(3) result.

The logging was introduced in r314527 but doesn't appear to be useful for regular operation, and as the result, for users with no class set (very common) the administrator would see a message like this in their auth.log: sshd[44251]: user root login class [preauth] (note that the class was "" because that's what's typically configured for most users; we would get 'default' if lc->lc_class is chosen) Remove this log as it can be annoying as the lookup happen before authentication and repeats, and our code is not acting upon lc_class or pw_class directly anyways. Reviewed by: cem, imp MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D24997
jakesfreeland · Jun 26, 2020 · 8d8b292 · 8d8b292
1 parent a9813b6
commit 8d8b292
Showing 1 changed file with 0 additions and 2 deletions.
diff --git a/crypto/openssh/auth2.c b/crypto/openssh/auth2.c
@@ -317,8 +317,6 @@ input_userauth_request(int type, u_int32_t seq, struct ssh *ssh)
 #ifdef HAVE_LOGIN_CAP
 	if (authctxt->pw != NULL &&
 	    (lc = PRIVSEP(login_getpwclass(authctxt->pw))) != NULL) {
-		logit("user %s login class %s", authctxt->pw->pw_name,
-		    authctxt->pw->pw_class);
 		from_host = auth_get_canonical_hostname(ssh, options.use_dns);
 		from_ip = ssh_remote_ipaddr(ssh);
 		if (!auth_hostok(lc, from_host, from_ip)) {