diff options
| author | Thorsten Kukuk <5908016+thkukuk@users.noreply.github.com> | 2019-09-16 17:17:49 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-09-16 17:17:49 +0200 |
| commit | 65d6735c5949ec233df9813f734e918a93fa36cf (patch) | |
| tree | c147e1f9ab27479abb3e2be94a2969aad6d87b68 /libpam/pam_handlers.c | |
| parent | 3a3e70739834cd5cbd17469907ef718c81ae40c0 (diff) | |
| download | pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.gz pam-65d6735c5949ec233df9813f734e918a93fa36cf.tar.bz2 pam-65d6735c5949ec233df9813f734e918a93fa36cf.zip | |
Add support for a vendor directory and libeconf (#136)
With this, it is possible for Linux distributors to store their
supplied default configuration files somewhere below /usr, while
/etc only contains the changes made by the user. The new option
--enable-vendordir defines where Linux-PAM should additional look
for pam.d/*, login.defs and securetty if this files are not in /etc.
libeconf is a key/value configuration file reading library, which
handles the split of configuration files in different locations
and merges them transparently for the application.
Diffstat (limited to 'libpam/pam_handlers.c')
| -rw-r--r-- | libpam/pam_handlers.c | 47 |
1 files changed, 22 insertions, 25 deletions
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c index 106ef7c2..8e513da3 100644 --- a/libpam/pam_handlers.c +++ b/libpam/pam_handlers.c @@ -280,9 +280,14 @@ _pam_open_config_file(pam_handle_t *pamh , char **path , FILE **file) { + const char *pamd_dirs[] = { PAM_CONFIG_DF, PAM_CONFIG_DIST_DF +#ifdef VENDORDIR + , PAM_CONFIG_DIST2_DF +#endif + }; char *p; FILE *f; - int err = 0; + size_t i; /* Absolute path */ if (service[0] == '/') { @@ -303,33 +308,20 @@ _pam_open_config_file(pam_handle_t *pamh return PAM_ABORT; } - /* Local Machine Configuration /etc/pam.d/ */ - if (asprintf (&p, PAM_CONFIG_DF, service) < 0) { - pam_syslog(pamh, LOG_CRIT, "asprintf failed"); - return PAM_BUF_ERR; - } - D(("opening %s", p)); - f = fopen(p, "r"); - if (f != NULL) { - *path = p; - *file = f; - return PAM_SUCCESS; - } - - /* System Configuration /usr/lib/pam.d/ */ - _pam_drop(p); - if (asprintf (&p, PAM_CONFIG_DIST_DF, service) < 0) { - pam_syslog(pamh, LOG_CRIT, "asprintf failed"); - return PAM_BUF_ERR; - } - D(("opening %s", p)); - f = fopen(p, "r"); - if (f != NULL) { + for (i = 0; i < sizeof (pamd_dirs)/sizeof (char *); i++) { + if (asprintf (&p, pamd_dirs[i], service) < 0) { + pam_syslog(pamh, LOG_CRIT, "asprintf failed"); + return PAM_BUF_ERR; + } + D(("opening %s", p)); + f = fopen(p, "r"); + if (f != NULL) { *path = p; *file = f; return PAM_SUCCESS; + } + _pam_drop(p); } - _pam_drop(p); return PAM_ABORT; } @@ -447,7 +439,12 @@ int _pam_init_handlers(pam_handle_t *pamh) /* Is there a PAM_CONFIG_D directory? */ if ((stat(PAM_CONFIG_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) || - (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode))) { + (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) +#ifdef PAM_CONFIG_DIST2_D + || (stat(PAM_CONFIG_DIST2_D, &test_d) == 0 + && S_ISDIR(test_d.st_mode)) +#endif + ) { char *path = NULL; int read_something=0; |