File passverify-always-run-the-helper-to-obtain-shadow-pwd.patch of Package pam.36767

--- Linux-PAM-1.1.8/modules/pam_unix/passverify.c	2024-12-06 21:47:47.896545770 +0100
+++ Linux-PAM-1.1.8-new/modules/pam_unix/passverify.c	2024-12-06 22:17:55.669338287 +0100
@@ -201,17 +201,21 @@ PAMH_ARG_DECL(int get_account_info,
 			return PAM_UNIX_RUN_HELPER;
 #endif
 		} else if (is_pwd_shadowed(*pwd)) {
+#ifdef HELPER_COMPILE
 			/*
-			 * ...and shadow password file entry for this user,
+			 * shadow password file entry for this user,
 			 * if shadowing is enabled
 			 */
-#ifndef HELPER_COMPILE
-			if (geteuid() || SELINUX_ENABLED)
-				return PAM_UNIX_RUN_HELPER;
-#endif
-			*spwdent = pam_modutil_getspnam(pamh, name);
+            *spwdent = getspnam(name);
 			if (*spwdent == NULL || (*spwdent)->sp_pwdp == NULL)
 				return PAM_AUTHINFO_UNAVAIL;
+#else
+			/*
+			 * The helper has to be invoked to deal with
+			 * the shadow password file entry.
+			 */
+			return PAM_UNIX_RUN_HELPER;
+#endif
 		}
 	} else {
 		return PAM_USER_UNKNOWN;