pam_succeed_if can overflow to negative number when comparing high uid and gid values. As uid_t and gid_t is 32 bit unsigned integer when it is read back with strtol() on 32 bit machines it will not support values over 2^31 and on 64 bit machines the comparison functions convert the long value to int which makes the values over 2^31 to become negative. The attached patch corrects it by using long long and stroll(). We could also use unsigned long instead of long long but if we would like to add in future some signed integer to the values supported by pam_succeed_if it would be limiting. OK, to commit? -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb (You'll never know whether the road is wrong though.)