diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:48:14 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:48:14 -0800 |
| commit | d5b06b67bbeeed7c05c0eb2e05d6a972ad050d1c (patch) | |
| tree | ba5654cffacfd2002eefc5bc3764a7971afff1dc /Linux-PAM/modules/pam_rootok/pam_rootok.c | |
| parent | 4c51da22e068907adb7857d50f5109a467c94d7c (diff) | |
| parent | 7cbfa335c57d068d59508c844f3957165cccfb9b (diff) | |
| download | pam-d5b06b67bbeeed7c05c0eb2e05d6a972ad050d1c.tar.gz pam-d5b06b67bbeeed7c05c0eb2e05d6a972ad050d1c.tar.bz2 pam-d5b06b67bbeeed7c05c0eb2e05d6a972ad050d1c.zip | |
New upstream version 0.99.7.1
Diffstat (limited to 'Linux-PAM/modules/pam_rootok/pam_rootok.c')
| -rw-r--r-- | Linux-PAM/modules/pam_rootok/pam_rootok.c | 48 |
1 files changed, 22 insertions, 26 deletions
diff --git a/Linux-PAM/modules/pam_rootok/pam_rootok.c b/Linux-PAM/modules/pam_rootok/pam_rootok.c index e1e09b6e..4eb34412 100644 --- a/Linux-PAM/modules/pam_rootok/pam_rootok.c +++ b/Linux-PAM/modules/pam_rootok/pam_rootok.c @@ -1,12 +1,12 @@ /* pam_rootok module */ /* - * $Id: pam_rootok.c,v 1.3 2002/05/26 23:00:28 agmorgan Exp $ + * $Id: pam_rootok.c,v 1.7 2005/12/12 14:45:02 ldv Exp $ * * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11 */ -#define _GNU_SOURCE +#include "config.h" #include <stdio.h> #include <unistd.h> @@ -24,26 +24,19 @@ #define PAM_SM_AUTH #include <security/pam_modules.h> +#include <security/pam_ext.h> -/* some syslogging */ - -static void _pam_log(int err, const char *format, ...) -{ - va_list args; - - va_start(args, format); - openlog("PAM-rootok", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(err, format, args); - va_end(args); - closelog(); -} - +#ifdef WITH_SELINUX +#include <selinux/selinux.h> +#include <selinux/av_permissions.h> +#endif /* argument parsing */ #define PAM_DEBUG_ARG 01 -static int _pam_parse(int argc, const char **argv) +static int +_pam_parse (const pam_handle_t *pamh, int argc, const char **argv) { int ctrl=0; @@ -55,7 +48,7 @@ static int _pam_parse(int argc, const char **argv) if (!strcmp(*argv,"debug")) ctrl |= PAM_DEBUG_ARG; else { - _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv); + pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); } } @@ -64,28 +57,31 @@ static int _pam_parse(int argc, const char **argv) /* --- authentication management functions (only) --- */ -PAM_EXTERN -int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc - ,const char **argv) +PAM_EXTERN int +pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) { int ctrl; int retval = PAM_AUTH_ERR; - ctrl = _pam_parse(argc, argv); + ctrl = _pam_parse(pamh, argc, argv); if (getuid() == 0) +#ifdef WITH_SELINUX + if (is_selinux_enabled()<1 || checkPasswdAccess(PASSWD__ROOTOK)==0) +#endif retval = PAM_SUCCESS; if (ctrl & PAM_DEBUG_ARG) { - _pam_log(LOG_DEBUG, "authentication %s" - , retval==PAM_SUCCESS ? "succeeded":"failed" ); + pam_syslog(pamh, LOG_DEBUG, "authentication %s", + (retval==PAM_SUCCESS) ? "succeeded" : "failed"); } return retval; } -PAM_EXTERN -int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc - ,const char **argv) +PAM_EXTERN int +pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) { return PAM_SUCCESS; } |