diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2006-12-13 10:35:49 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2006-12-13 10:35:49 +0000 |
| commit | e21c7e7fea8541afde5665fbc5643ad218f1d247 (patch) | |
| tree | 8bfb53f276c8001bf5e509cafa736839e6c09673 | |
| parent | 03209d3db52185b8c57ee0f5cccb18aa2c908122 (diff) | |
| download | pam-e21c7e7fea8541afde5665fbc5643ad218f1d247.tar.gz pam-e21c7e7fea8541afde5665fbc5643ad218f1d247.tar.bz2 pam-e21c7e7fea8541afde5665fbc5643ad218f1d247.zip | |
Relevant BUGIDs: 1606180
Purpose of commit: new feature
Commit summary:
---------------
2006-12-13 Thorsten Kukuk <kukuk@suse.de>
* modules/pam_localuser/pam_localuser.c: Add support for session
and chauthtok [SF#1606180].
* modules/pam_localuser/pam_localuser.8.xml: Document last change.
* libpam/pam_audit.c (_pam_audit_writelog): Print error message
only once.
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | libpam/pam_audit.c | 8 | ||||
| -rw-r--r-- | modules/pam_localuser/pam_localuser.8 | 38 | ||||
| -rw-r--r-- | modules/pam_localuser/pam_localuser.8.xml | 4 | ||||
| -rw-r--r-- | modules/pam_localuser/pam_localuser.c | 27 |
5 files changed, 66 insertions, 20 deletions
@@ -1,3 +1,12 @@ +2006-12-13 Thorsten Kukuk <kukuk@suse.de> + + * modules/pam_localuser/pam_localuser.c: Add support for session + and chauthtok [SF#1606180]. + * modules/pam_localuser/pam_localuser.8.xml: Document last change. + + * libpam/pam_audit.c (_pam_audit_writelog): Print error message + only once. + 2006-12-12 Thorsten Kukuk <kukuk@thkukuk.de> * libpam/pam_audit.c (_pam_audit_writelog): Print error diff --git a/libpam/pam_audit.c b/libpam/pam_audit.c index 05be989c..ff1486aa 100644 --- a/libpam/pam_audit.c +++ b/libpam/pam_audit.c @@ -25,6 +25,7 @@ static int _pam_audit_writelog(pam_handle_t *pamh, int audit_fd, int type, const char *message, int retval) { + static int old_errno = -1; int rc; char buf[256]; @@ -34,8 +35,11 @@ _pam_audit_writelog(pam_handle_t *pamh, int audit_fd, int type, rc = audit_log_user_message( audit_fd, type, buf, pamh->rhost, NULL, pamh->tty, retval == PAM_SUCCESS ); - if (rc == -1) - pam_syslog(pamh, LOG_CRIT, "audit_log_user_message() failed: %m"); + if (rc == -1 && errno != old_errno) + { + old_errno = errno; + pam_syslog(pamh, LOG_CRIT, "audit_log_user_message() failed: %m"); + } pamh->audit_state |= PAMAUDIT_LOGGED; return rc; diff --git a/modules/pam_localuser/pam_localuser.8 b/modules/pam_localuser/pam_localuser.8 index c10cd073..e88f0b57 100644 --- a/modules/pam_localuser/pam_localuser.8 +++ b/modules/pam_localuser/pam_localuser.8 @@ -1,11 +1,11 @@ .\" Title: pam_localuser .\" Author: -.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> -.\" Date: 06/09/2006 +.\" Generator: DocBook XSL Stylesheets v1.71.0 <http://docbook.sf.net/> +.\" Date: 12/13/2006 .\" Manual: Linux\-PAM Manual .\" Source: Linux\-PAM Manual .\" -.TH "PAM_LOCALUSER" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_LOCALUSER" "8" "12/13/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -22,31 +22,41 @@ pam_localuser is a PAM module to help implementing site\-wide login policies, wh This could also be implemented using pam_listfile.so and a very short awk script invoked by cron, but it's common enough to have been separated out. .SH "OPTIONS" .PP -.TP 3n +.PP \fBdebug\fR +.RS 3n Print debug information. -.TP 3n +.RE +.PP \fBfile=\fR\fB\fI/path/passwd\fR\fR +.RS 3n Use a file other than \fI/etc/passwd\fR. +.RE .SH "MODULE SERVICES PROVIDED" .PP -The -\fBauth\fR +All services (\fBaccount\fR, +\fBauth\fR, +\fBpassword\fR and -\fBaccount\fR -services are supported. +\fBsession\fR) are supported. .SH "RETURN VALUES" .PP -.TP 3n +.PP PAM_SUCCESS +.RS 3n The new localuser was set successfull. -.TP 3n +.RE +.PP PAM_SERVICE_ERR +.RS 3n No username was given. -.TP 3n +.RE +.PP PAM_USER_UNKNOWN +.RS 3n User not known. +.RE .SH "EXAMPLES" .PP Add the following line to @@ -62,9 +72,11 @@ account required pam_wheel.so .RE .sp .SH "FILES" -.TP 3n +.PP \fI/etc/passwd\fR +.RS 3n Local user account information. +.RE .SH "SEE ALSO" .PP diff --git a/modules/pam_localuser/pam_localuser.8.xml b/modules/pam_localuser/pam_localuser.8.xml index 22ed4434..ac00ce99 100644 --- a/modules/pam_localuser/pam_localuser.8.xml +++ b/modules/pam_localuser/pam_localuser.8.xml @@ -83,8 +83,8 @@ <refsect1 id="pam_localuser-services"> <title>MODULE SERVICES PROVIDED</title> <para> - The <emphasis remap='B'>auth</emphasis> and - <emphasis remap='B'>account</emphasis> services are supported. + All services (<option>account</option>, <option>auth</option>, + <option>password</option> and <option>session</option>) are supported. </para> </refsect1> diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index f99f4421..aa43bc4c 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -136,6 +136,27 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) return pam_sm_authenticate(pamh, flags, argc, argv); } +PAM_EXTERN int +pam_sm_open_session (pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +PAM_EXTERN int +pam_sm_close_session (pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +PAM_EXTERN int +pam_sm_chauthtok (pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + return pam_sm_authenticate(pamh, flags, argc, argv); +} + #ifdef PAM_STATIC /* static module data */ @@ -145,9 +166,9 @@ struct pam_module _pam_localuser_modstruct = { pam_sm_authenticate, pam_sm_setcred, pam_sm_acct_mgmt, - NULL, - NULL, - NULL, + pam_sm_open_session, + pam_sm_close_session, + pam_sm_chauthtok }; #endif |