Relevant BUGIDs: 127561

Purpose of commit: bugfix

Commit summary:
---------------
non-default config file option fixes (module and in documentation).

3 files changed, 16 insertions, 12 deletions

diff --git a/CHANGELOG b/CHANGELOG
index 4507d587..1a234b51 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -35,6 +35,8 @@ Where you should replace XXXXX with a bug-id.
 0.74: please submit patches for this section with actual code/doc
       patches!
 
+* pam_access - fixed the non-default config file option (Bug 127561 -
+  agmorgan)
 * pam.8 manual page clarified with respect to the default location for
   finding modules, also added some text describing the [...] control
   syntax. (Bug 127625 - agmorgan)
diff --git a/doc/modules/pam_access.sgml b/doc/modules/pam_access.sgml
index d6f317bd..00c7ea16 100644
--- a/doc/modules/pam_access.sgml
+++ b/doc/modules/pam_access.sgml
@@ -59,7 +59,7 @@ Provides logdaemon style login access control.
 
 <tag><bf>Recognized arguments:</bf></tag>
 
-<tt>accessconf=<it>/path/to/file.conf</it></tt>
+<tt>accessfile=<it>/path/to/file.conf</it></tt>
 
 <tag><bf>Description:</bf></tag>
 
@@ -75,7 +75,7 @@ The behavior of this module can be modified with the following
 arguments: 
 <itemize> 
  
-<item><tt>accessconf=/path/to/file.conf</tt> - 
+<item><tt>accessfile=/path/to/file.conf</tt> - 
 indicate an alternative <em/access/ configuration file to override 
 the default. This can be useful when different services need different 
 access lists. 
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c
index 384f1e0a..87ad708d 100644
--- a/modules/pam_access/pam_access.c
+++ b/modules/pam_access/pam_access.c
@@ -160,12 +160,12 @@ static int login_access(struct login_info *item)
 {
     FILE   *fp;
     char    line[BUFSIZ];
-    char   *perm;			/* becomes permission field */
-    char   *users;			/* becomes list of login names */
-    char   *froms;			/* becomes list of terminals or hosts */
+    char   *perm;		/* becomes permission field */
+    char   *users;		/* becomes list of login names */
+    char   *froms;		/* becomes list of terminals or hosts */
     int     match = NO;
     int     end;
-    int     lineno = 0;			/* for diagnostics */
+    int     lineno = 0;		/* for diagnostics */
 
     /*
      * Process the table one line at a time and stop at the first match.
@@ -175,12 +175,12 @@ static int login_access(struct login_info *item)
      * non-existing table means no access control.
      */
 
-    if ((fp = fopen(PAM_ACCESS_CONFIG, "r"))!=NULL) {
+    if ((fp = fopen(item->config_file, "r"))!=NULL) {
 	while (!match && fgets(line, sizeof(line), fp)) {
 	    lineno++;
 	    if (line[end = strlen(line) - 1] != '\n') {
 		_log_err("%s: line %d: missing newline or line too long",
-		       PAM_ACCESS_CONFIG, lineno);
+		       item->config_file, lineno);
 		continue;
 	    }
 	    if (line[0] == '#')
@@ -194,11 +194,13 @@ static int login_access(struct login_info *item)
 		|| !(users = strtok((char *) 0, fs))
 		|| !(froms = strtok((char *) 0, fs))
 		|| strtok((char *) 0, fs)) {
-		_log_err("%s: line %d: bad field count", PAM_ACCESS_CONFIG, lineno);
+		_log_err("%s: line %d: bad field count",
+			 item->config_file, lineno);
 		continue;
 	    }
 	    if (perm[0] != '+' && perm[0] != '-') {
-		_log_err("%s: line %d: bad first field", PAM_ACCESS_CONFIG, lineno);
+		_log_err("%s: line %d: bad first field",
+			 item->config_file, lineno);
 		continue;
 	    }
 	    match = (list_match(froms, item, from_match)
@@ -206,7 +208,7 @@ static int login_access(struct login_info *item)
 	}
 	(void) fclose(fp);
     } else if (errno != ENOENT) {
-	_log_err("cannot open %s: %m", PAM_ACCESS_CONFIG);
+	_log_err("cannot open %s: %m", item->config_file);
     }
     return (match == 0 || (line[0] == '+'));
 }
@@ -450,7 +452,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc
     if ((user_pw=getpwnam(user))==NULL) return (PAM_USER_UNKNOWN);
 
     /*
-     * Bundle up the arguments to avoid unnecessary clumsiness lateron.
+     * Bundle up the arguments to avoid unnecessary clumsiness later on.
      */
     loginfo.user = user_pw;
     loginfo.from = from;