aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSeraphim Mellos <mellos@ceid.upatras.gr>2008-07-06 16:35:33 +0300
committerSeraphim Mellos <mellos@ceid.upatras.gr>2008-07-06 16:35:33 +0300
commit62c3c572628e1092419e5acc4671b96fcace8221 (patch)
treeae29a8846673688e53fde28725239e70d2bc0b82
parentCompleted pam_permit/pam_deny (diff)
downloadopenpam-modules-62c3c572628e1092419e5acc4671b96fcace8221.tar.gz
openpam-modules-62c3c572628e1092419e5acc4671b96fcace8221.tar.bz2
openpam-modules-62c3c572628e1092419e5acc4671b96fcace8221.zip
Fixed a bug in pam_securetty
-rw-r--r--modules/Makefile4
-rw-r--r--modules/Makefile~10
-rw-r--r--modules/pam_securetty/pam_securetty.c20
-rw-r--r--modules/pam_unix/pam_unix.c5
4 files changed, 18 insertions, 21 deletions
diff --git a/modules/Makefile b/modules/Makefile
index e09247c..3b5ace0 100644
--- a/modules/Makefile
+++ b/modules/Makefile
@@ -2,8 +2,8 @@ all install clean:
$(MAKE) -C pam_unix $@
$(MAKE) -C pam_securetty $@
$(MAKE) -C pam_nologin $@
- $(MAKE) -C pam_shells $@
- $(MAKE) -C pam_wheel $@
+# $(MAKE) -C pam_shells $@
+# $(MAKE) -C pam_wheel $@
$(MAKE) -C pam_rootok $@
$(MAKE) -C pam_permit $@
$(MAKE) -C pam_deny $@
diff --git a/modules/Makefile~ b/modules/Makefile~
deleted file mode 100644
index e09247c..0000000
--- a/modules/Makefile~
+++ /dev/null
@@ -1,10 +0,0 @@
-all install clean:
- $(MAKE) -C pam_unix $@
- $(MAKE) -C pam_securetty $@
- $(MAKE) -C pam_nologin $@
- $(MAKE) -C pam_shells $@
- $(MAKE) -C pam_wheel $@
- $(MAKE) -C pam_rootok $@
- $(MAKE) -C pam_permit $@
- $(MAKE) -C pam_deny $@
-
diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c
index 78c4bd5..f6d7bc2 100644
--- a/modules/pam_securetty/pam_securetty.c
+++ b/modules/pam_securetty/pam_securetty.c
@@ -1,11 +1,11 @@
#include <sys/types.h>
#include <sys/stat.h>
+#include <stdio.h>
#include <string.h>
#include <ttyent.h>
#include <pwd.h>
-
-#define PAM_SM_ACCOUNT
+#define PAM_SM_AUTH
#include <security/pam_appl.h>
#include <security/pam_modules.h>
@@ -14,7 +14,7 @@
#define TTY_PREFIX "/dev/"
PAM_EXTERN int
-pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
+pam_sm_authenticate(pam_handle_t * pamh, int flags,
int argc, const char * argv[])
{
struct passwd *pwd;
@@ -45,10 +45,9 @@ pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
if (tty != NULL && strncmp(TTY_PREFIX, tty, sizeof(TTY_PREFIX)) == 0) {
PAM_LOG("tty starts with " TTY_PREFIX);
- /* skip prefix */
+ /* get rid of prefix */
tty = (const char *)tty + sizeof(TTY_PREFIX) - 1;
}
-
/*
* Linux-PAM, before checking the actual tty,
* opens /etc/securettys to check if it's world
@@ -60,9 +59,18 @@ pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
if ( tty != NULL && (ttyinfo = getttynam(tty)) != NULL &&
(ttyinfo->ty_status & TTY_SECURE) != 0)
return (PAM_SUCCESS);
-
+
PAM_ERROR("Access denied: tty %s is not secure", tty);
return (PAM_AUTH_ERR);
}
+
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh , int flags ,
+ int argc , const char *argv[])
+{
+
+ return (PAM_SUCCESS);
+}
+
PAM_MODULE_ENTRY("pam_securetty");
diff --git a/modules/pam_unix/pam_unix.c b/modules/pam_unix/pam_unix.c
index 4072938..ad066e0 100644
--- a/modules/pam_unix/pam_unix.c
+++ b/modules/pam_unix/pam_unix.c
@@ -94,7 +94,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
pam_err = pam_get_authtok(pamh, PAM_AUTHTOK, (const char **) &pass, NULL);
PAM_LOG("Got password for user [%s]", user);
-
if (pam_err == PAM_CONV_ERR)
return (pam_err);
if (pam_err != PAM_SUCCESS)
@@ -144,7 +143,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
int pam_err;
const char *user;
time_t curtime;
-
+
/* Sanity checks for uname,pwd,tty,host etc */
pam_err = pam_get_user(pamh, &user, NULL);
@@ -205,6 +204,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
}
}
+
pam_err = (PAM_SUCCESS);
return (pam_err);
@@ -396,7 +396,6 @@ pam_sm_close_session( pam_handle_t * pamh, int flags,
{
char *user, *service;
int pam_err;
-
pam_err = pam_get_item(pamh, PAM_USER, (void *) &user);
if ( pam_err != PAM_SUCCESS || user == NULL || *user == '\0') {
PAM_ERROR("Close session - Error recovering username");