From 5031e7cc4b8bfc4037ba6ea029e20637090ccacb Mon Sep 17 00:00:00 2001
From: Patrick Schleizer <adrelanos@riseup.net>
Date: Tue, 31 Dec 2019 08:18:38 -0500
Subject: [PATCH] better output if trying to login with non-existing user

---
 usr/lib/security-misc/pam-abort-on-locked-password | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/usr/lib/security-misc/pam-abort-on-locked-password b/usr/lib/security-misc/pam-abort-on-locked-password
index fcd5b23..71b432c 100755
--- a/usr/lib/security-misc/pam-abort-on-locked-password
+++ b/usr/lib/security-misc/pam-abort-on-locked-password
@@ -1,6 +1,11 @@
 #!/bin/bash
 
-if [ "$(passwd -S "$PAM_USER" | cut -d ' ' -f 2)" = "P" ]; then
+if ! passwd_output="$(passwd -S "$PAM_USER" 2>/dev/null)" ; then
+   echo "$0: ERROR: user \"$PAM_USER\" does not exist." >&2
+   exit 1
+fi
+
+if [ "$(echo "$passwd_output" | cut -d ' ' -f 2)" = "P" ]; then
    true "INFO: Password not locked."
 else
    echo "$0: ERROR: Password for user \"$PAM_USER\" is locked." >&2