aboutsummaryrefslogtreecommitdiff
path: root/debian/patches-applied/031_pam_include
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2019-01-02 12:24:44 -0800
committerSteve Langasek <vorlon@debian.org>2019-01-02 12:27:24 -0800
commita6f4ab0bebc76acf85cc0244bd21c1036009c28c (patch)
treedf0d6a57d2b91ab9038e8d7b0d62f28c2daa66db /debian/patches-applied/031_pam_include
parent10b6243f4664747e815372070142d6c5853176da (diff)
downloadpam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.tar.gz
pam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.tar.bz2
pam-a6f4ab0bebc76acf85cc0244bd21c1036009c28c.zip
fix-up commit for grafting svn history onto git history
Diffstat (limited to 'debian/patches-applied/031_pam_include')
-rw-r--r--debian/patches-applied/031_pam_include58
1 files changed, 58 insertions, 0 deletions
diff --git a/debian/patches-applied/031_pam_include b/debian/patches-applied/031_pam_include
new file mode 100644
index 00000000..e28415c4
--- /dev/null
+++ b/debian/patches-applied/031_pam_include
@@ -0,0 +1,58 @@
+Patch to implement an @include directive for use in pam.d config files.
+
+Authors: Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>
+
+Upstream status: not yet submitted
+
+Index: pam/Linux-PAM/libpam/pam_handlers.c
+===================================================================
+--- pam.orig/Linux-PAM/libpam/pam_handlers.c
++++ pam/Linux-PAM/libpam/pam_handlers.c
+@@ -114,6 +114,10 @@
+ module_type = PAM_T_ACCT;
+ } else if (!strcasecmp("password", tok)) {
+ module_type = PAM_T_PASS;
++ } else if (!strcasecmp("@include", tok)) {
++ pam_include = 1;
++ module_type = requested_module_type;
++ goto parsing_done;
+ } else {
+ /* Illegal module type */
+ D(("_pam_init_handlers: bad module type: %s", tok));
+@@ -178,14 +182,33 @@
+ _pam_set_default_control(actions, _PAM_ACTION_BAD);
+ }
+
++parsing_done:
+ tok = _pam_StrTok(NULL, " \n\t", &nexttok);
+ if (pam_include) {
+- if (_pam_load_conf_file(pamh, tok, this_service, module_type
++ struct stat include_dir;
++ if (tok[0] == '/') {
++ if (_pam_load_conf_file(pamh, tok, this_service, module_type
+ #ifdef PAM_READ_BOTH_CONFS
+- , !other
++ , !other
+ #endif /* PAM_READ_BOTH_CONFS */
+ ) == PAM_SUCCESS)
+- continue;
++ continue;
++ } else if (!stat(PAM_CONFIG_D, &include_dir) && S_ISDIR(include_dir.st_mode)) {
++ char *include_file;
++ if (asprintf (&include_file, PAM_CONFIG_DF, tok) < 0) {
++ pam_syslog(pamh, LOG_CRIT, "asprintf failed");
++ return PAM_ABORT;
++ }
++ if (_pam_load_conf_file(pamh, include_file, this_service, module_type
++#ifdef PAM_READ_BOTH_CONFS
++ , !other
++#endif /* PAM_READ_BOTH_CONFS */
++ ) == PAM_SUCCESS) {
++ free(include_file);
++ continue;
++ }
++ free(include_file);
++ }
+ _pam_set_default_control(actions, _PAM_ACTION_BAD);
+ mod_path = NULL;
+ must_fail = 1;
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-16 16:29:29 +0000