diff options
| author | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@canonical.com> | 2020-08-11 14:54:29 -0700 |
| commit | f6d08ed47a3da3c08345bce2ca366e961c52ad7c (patch) | |
| tree | dcbd0efb229b17f696f7195671f05b354b4f70fc /modules/pam_env | |
| parent | 668b13da8f830c38388cecac45539972e80cb246 (diff) | |
| parent | 9e5bea9e146dee574796259ca464ad2435be3590 (diff) | |
| download | pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.gz pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.tar.bz2 pam-f6d08ed47a3da3c08345bce2ca366e961c52ad7c.zip | |
New upstream version 1.4.0
Diffstat (limited to 'modules/pam_env')
| -rw-r--r-- | modules/pam_env/Makefile.am | 20 | ||||
| -rw-r--r-- | modules/pam_env/Makefile.in | 151 | ||||
| -rw-r--r-- | modules/pam_env/README | 14 | ||||
| -rw-r--r-- | modules/pam_env/environment.5 | 2 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.8 | 14 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.8.xml | 8 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.c | 123 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.conf | 2 | ||||
| -rw-r--r-- | modules/pam_env/pam_env.conf.5 | 6 |
9 files changed, 191 insertions, 149 deletions
diff --git a/modules/pam_env/Makefile.am b/modules/pam_env/Makefile.am index d6f081ff..c66112d6 100644 --- a/modules/pam_env/Makefile.am +++ b/modules/pam_env/Makefile.am @@ -5,17 +5,20 @@ CLEANFILES = *~ MAINTAINERCLEANFILES = $(MANS) README -EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment - -man_MANS = pam_env.conf.5 pam_env.8 environment.5 +EXTRA_DIST = $(XMLS) +if HAVE_DOC +dist_man_MANS = pam_env.conf.5 pam_env.8 environment.5 +endif XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml +dist_check_SCRIPTS = tst-pam_env +TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) secureconfdir = $(SCONFIGDIR) AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ - -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" + -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" $(WARN_CFLAGS) AM_LDFLAGS = -no-undefined -avoid-version -module if HAVE_VERSIONING AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map @@ -24,14 +27,11 @@ endif securelib_LTLIBRARIES = pam_env.la pam_env_la_LIBADD = $(top_builddir)/libpam/libpam.la -secureconf_DATA = pam_env.conf -sysconf_DATA = environment +dist_secureconf_DATA = pam_env.conf +dist_sysconf_DATA = environment if ENABLE_REGENERATE_MAN -noinst_DATA = README -README: pam_env.8.xml pam_env.conf.5.xml +dist_noinst_DATA = README environment.5: pam_env.conf.5.xml -include $(top_srcdir)/Make.xml.rules endif - -TESTS = tst-pam_env diff --git a/modules/pam_env/Makefile.in b/modules/pam_env/Makefile.in index 87ae8c04..b422c591 100644 --- a/modules/pam_env/Makefile.in +++ b/modules/pam_env/Makefile.in @@ -1,7 +1,7 @@ -# Makefile.in generated by automake 1.13.4 from Makefile.am. +# Makefile.in generated by automake 1.16.1 from Makefile.am. # @configure_input@ -# Copyright (C) 1994-2013 Free Software Foundation, Inc. +# Copyright (C) 1994-2018 Free Software Foundation, Inc. # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -20,7 +20,17 @@ VPATH = @srcdir@ -am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__is_gnu_make = { \ + if test -z '$(MAKELEVEL)'; then \ + false; \ + elif test -n '$(MAKE_HOST)'; then \ + true; \ + elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \ + true; \ + else \ + false; \ + fi; \ +} am__make_running_with_option = \ case $${target_option-} in \ ?) ;; \ @@ -85,9 +95,6 @@ build_triplet = @build@ host_triplet = @host@ @HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map subdir = modules/pam_env -DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ - $(top_srcdir)/build-aux/depcomp \ - $(top_srcdir)/build-aux/test-driver README ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ $(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/intlmacosx.m4 \ @@ -103,6 +110,9 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) +DIST_COMMON = $(srcdir)/Makefile.am $(dist_check_SCRIPTS) \ + $(am__dist_noinst_DATA_DIST) $(dist_secureconf_DATA) \ + $(dist_sysconf_DATA) $(am__DIST_COMMON) mkinstalldirs = $(install_sh) -d CONFIG_HEADER = $(top_builddir)/config.h CONFIG_CLEAN_FILES = @@ -159,7 +169,8 @@ am__v_at_0 = @ am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir) depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp -am__depfiles_maybe = depfiles +am__maybe_remake_depfiles = depfiles +am__depfiles_remade = ./$(DEPDIR)/pam_env.Plo am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) @@ -189,8 +200,10 @@ am__can_run_installinfo = \ man5dir = $(mandir)/man5 man8dir = $(mandir)/man8 NROFF = nroff -MANS = $(man_MANS) -DATA = $(noinst_DATA) $(secureconf_DATA) $(sysconf_DATA) +MANS = $(dist_man_MANS) +am__dist_noinst_DATA_DIST = README +DATA = $(dist_noinst_DATA) $(dist_secureconf_DATA) \ + $(dist_sysconf_DATA) am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP) # Read a list of newline-separated strings from the standard input, # and print each of them once, without duplicates. Input order is @@ -387,6 +400,9 @@ TEST_LOGS = $(am__test_logs2:.test.log=.log) TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \ $(TEST_LOG_FLAGS) +am__DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.in \ + $(top_srcdir)/build-aux/depcomp \ + $(top_srcdir)/build-aux/test-driver DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -415,6 +431,8 @@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ ECHO_N = @ECHO_N@ ECHO_T = @ECHO_T@ +ECONF_CFLAGS = @ECONF_CFLAGS@ +ECONF_LIBS = @ECONF_LIBS@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ @@ -423,7 +441,6 @@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GREP = @GREP@ -HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -459,6 +476,7 @@ LN_S = @LN_S@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBOBJS = @LTLIBOBJS@ +LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ MKDIR_P = @MKDIR_P@ @@ -495,11 +513,13 @@ SECUREDIR = @SECUREDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ +STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@ STRIP = @STRIP@ TIRPC_CFLAGS = @TIRPC_CFLAGS@ TIRPC_LIBS = @TIRPC_LIBS@ USE_NLS = @USE_NLS@ VERSION = @VERSION@ +WARN_CFLAGS = @WARN_CFLAGS@ XGETTEXT = @XGETTEXT@ XGETTEXT_015 = @XGETTEXT_015@ XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@ @@ -568,21 +588,22 @@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ CLEANFILES = *~ MAINTAINERCLEANFILES = $(MANS) README -EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment -man_MANS = pam_env.conf.5 pam_env.8 environment.5 +EXTRA_DIST = $(XMLS) +@HAVE_DOC_TRUE@dist_man_MANS = pam_env.conf.5 pam_env.8 environment.5 XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml +dist_check_SCRIPTS = tst-pam_env +TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) secureconfdir = $(SCONFIGDIR) AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ - -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" + -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" $(WARN_CFLAGS) AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1) securelib_LTLIBRARIES = pam_env.la pam_env_la_LIBADD = $(top_builddir)/libpam/libpam.la -secureconf_DATA = pam_env.conf -sysconf_DATA = environment -@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README -TESTS = tst-pam_env +dist_secureconf_DATA = pam_env.conf +dist_sysconf_DATA = environment +@ENABLE_REGENERATE_MAN_TRUE@dist_noinst_DATA = README all: all-am .SUFFIXES: @@ -599,14 +620,13 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_env/Makefile'; \ $(am__cd) $(top_srcdir) && \ $(AUTOMAKE) --gnu modules/pam_env/Makefile -.PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ *config.status*) \ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) @@ -662,21 +682,27 @@ mostlyclean-compile: distclean-compile: -rm -f *.tab.c -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_env.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_env.Plo@am__quote@ # am--include-marker + +$(am__depfiles_remade): + @$(MKDIR_P) $(@D) + @echo '# dummy' >$@-t && $(am__mv) $@-t $@ + +am--depfiles: $(am__depfiles_remade) .c.o: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: @am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po @AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: @am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< @@ -690,10 +716,10 @@ mostlyclean-libtool: clean-libtool: -rm -rf .libs _libs -install-man5: $(man_MANS) +install-man5: $(dist_man_MANS) @$(NORMAL_INSTALL) @list1=''; \ - list2='$(man_MANS)'; \ + list2='$(dist_man_MANS)'; \ test -n "$(man5dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ @@ -728,15 +754,15 @@ uninstall-man5: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man5dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.5[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir) -install-man8: $(man_MANS) +install-man8: $(dist_man_MANS) @$(NORMAL_INSTALL) @list1=''; \ - list2='$(man_MANS)'; \ + list2='$(dist_man_MANS)'; \ test -n "$(man8dir)" \ && test -n "`echo $$list1$$list2`" \ || exit 0; \ @@ -771,14 +797,14 @@ uninstall-man8: @$(NORMAL_UNINSTALL) @list=''; test -n "$(man8dir)" || exit 0; \ files=`{ for i in $$list; do echo "$$i"; done; \ - l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \ + l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \ sed -n '/\.8[a-z]*$$/p'; \ } | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \ -e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \ dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir) -install-secureconfDATA: $(secureconf_DATA) +install-dist_secureconfDATA: $(dist_secureconf_DATA) @$(NORMAL_INSTALL) - @list='$(secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \ + @list='$(dist_secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(secureconfdir)'"; \ $(MKDIR_P) "$(DESTDIR)$(secureconfdir)" || exit 1; \ @@ -792,14 +818,14 @@ install-secureconfDATA: $(secureconf_DATA) $(INSTALL_DATA) $$files "$(DESTDIR)$(secureconfdir)" || exit $$?; \ done -uninstall-secureconfDATA: +uninstall-dist_secureconfDATA: @$(NORMAL_UNINSTALL) - @list='$(secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \ + @list='$(dist_secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(secureconfdir)'; $(am__uninstall_files_from_dir) -install-sysconfDATA: $(sysconf_DATA) +install-dist_sysconfDATA: $(dist_sysconf_DATA) @$(NORMAL_INSTALL) - @list='$(sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ + @list='$(dist_sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ if test -n "$$list"; then \ echo " $(MKDIR_P) '$(DESTDIR)$(sysconfdir)'"; \ $(MKDIR_P) "$(DESTDIR)$(sysconfdir)" || exit 1; \ @@ -813,9 +839,9 @@ install-sysconfDATA: $(sysconf_DATA) $(INSTALL_DATA) $$files "$(DESTDIR)$(sysconfdir)" || exit $$?; \ done -uninstall-sysconfDATA: +uninstall-dist_sysconfDATA: @$(NORMAL_UNINSTALL) - @list='$(sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ + @list='$(dist_sysconf_DATA)'; test -n "$(sysconfdir)" || list=; \ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ dir='$(DESTDIR)$(sysconfdir)'; $(am__uninstall_files_from_dir) @@ -901,7 +927,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS) if test -n "$$am__remaking_logs"; then \ echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \ "recursion detected" >&2; \ - else \ + elif test -n "$$redo_logs"; then \ am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \ fi; \ if $(am__make_dryrun); then :; else \ @@ -991,7 +1017,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS) fi; \ $$success || exit 1 -check-TESTS: +check-TESTS: $(dist_check_SCRIPTS) @list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list @list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) @@ -1001,7 +1027,7 @@ check-TESTS: log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \ $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \ exit $$?; -recheck: all +recheck: all $(dist_check_SCRIPTS) @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) @set +e; $(am__set_TESTS_bases); \ bases=`for i in $$bases; do echo $$i; done \ @@ -1034,7 +1060,10 @@ tst-pam_env.log: tst-pam_env @am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \ @am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT) -distdir: $(DISTFILES) +distdir: $(BUILT_SOURCES) + $(MAKE) $(AM_MAKEFLAGS) distdir-am + +distdir-am: $(DISTFILES) @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -1065,6 +1094,7 @@ distdir: $(DISTFILES) fi; \ done check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) $(dist_check_SCRIPTS) $(MAKE) $(AM_MAKEFLAGS) check-TESTS check: check-am all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) @@ -1113,7 +1143,7 @@ clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \ mostlyclean-am distclean: distclean-am - -rm -rf ./$(DEPDIR) + -rm -f ./$(DEPDIR)/pam_env.Plo -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-tags @@ -1130,14 +1160,14 @@ info: info-am info-am: -install-data-am: install-man install-secureconfDATA \ +install-data-am: install-dist_secureconfDATA install-man \ install-securelibLTLIBRARIES install-dvi: install-dvi-am install-dvi-am: -install-exec-am: install-sysconfDATA +install-exec-am: install-dist_sysconfDATA install-html: install-html-am @@ -1160,7 +1190,7 @@ install-ps-am: installcheck-am: maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) + -rm -f ./$(DEPDIR)/pam_env.Plo -rm -f Makefile maintainer-clean-am: distclean-am maintainer-clean-generic @@ -1177,32 +1207,35 @@ ps: ps-am ps-am: -uninstall-am: uninstall-man uninstall-secureconfDATA \ - uninstall-securelibLTLIBRARIES uninstall-sysconfDATA +uninstall-am: uninstall-dist_secureconfDATA uninstall-dist_sysconfDATA \ + uninstall-man uninstall-securelibLTLIBRARIES uninstall-man: uninstall-man5 uninstall-man8 .MAKE: check-am install-am install-strip -.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \ - clean-generic clean-libtool clean-securelibLTLIBRARIES \ - cscopelist-am ctags ctags-am distclean distclean-compile \ - distclean-generic distclean-libtool distclean-tags distdir dvi \ - dvi-am html html-am info info-am install install-am \ - install-data install-data-am install-dvi install-dvi-am \ +.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-TESTS \ + check-am clean clean-generic clean-libtool \ + clean-securelibLTLIBRARIES cscopelist-am ctags ctags-am \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dist_secureconfDATA \ + install-dist_sysconfDATA install-dvi install-dvi-am \ install-exec install-exec-am install-html install-html-am \ install-info install-info-am install-man install-man5 \ install-man8 install-pdf install-pdf-am install-ps \ - install-ps-am install-secureconfDATA \ - install-securelibLTLIBRARIES install-strip install-sysconfDATA \ + install-ps-am install-securelibLTLIBRARIES install-strip \ installcheck installcheck-am installdirs maintainer-clean \ maintainer-clean-generic mostlyclean mostlyclean-compile \ mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - recheck tags tags-am uninstall uninstall-am uninstall-man \ - uninstall-man5 uninstall-man8 uninstall-secureconfDATA \ - uninstall-securelibLTLIBRARIES uninstall-sysconfDATA + recheck tags tags-am uninstall uninstall-am \ + uninstall-dist_secureconfDATA uninstall-dist_sysconfDATA \ + uninstall-man uninstall-man5 uninstall-man8 \ + uninstall-securelibLTLIBRARIES + +.PRECIOUS: Makefile -@ENABLE_REGENERATE_MAN_TRUE@README: pam_env.8.xml pam_env.conf.5.xml @ENABLE_REGENERATE_MAN_TRUE@environment.5: pam_env.conf.5.xml @ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules diff --git a/modules/pam_env/README b/modules/pam_env/README index 65a35ce6..1542f6d7 100644 --- a/modules/pam_env/README +++ b/modules/pam_env/README @@ -14,11 +14,11 @@ option. Second a file (/etc/environment by default) with simple KEY=VAL pairs on separate lines will be read. With the envfile option an alternate file can be -specified. And with the readenv option this can be completly disabled. +specified. And with the readenv option this can be completely disabled. Third it will read a user configuration file ($HOME/.pam_environment by -default). The default file file can be changed with the user_envfile option and -it can be turned on and off with the user_readenv option. +default). The default file can be changed with the user_envfile option and it +can be turned on and off with the user_readenv option. Since setting of PAM environment variables can have side effects to other modules, this module should be the last one on the stack. @@ -50,14 +50,14 @@ readenv=0|1 user_envfile=filename Indicate an alternative .pam_environment file to override the default.The - syntax is the same as for /etc/environment. The filename is relative to the - user home directory. This can be useful when different services need - different environments. + syntax is the same as for /etc/security/pam_env.conf. The filename is + relative to the user home directory. This can be useful when different + services need different environments. user_readenv=0|1 Turns on or off the reading of the user specific environment file. 0 is - off, 1 is on. By default this option is on. + off, 1 is on. By default this option is off. EXAMPLES diff --git a/modules/pam_env/environment.5 b/modules/pam_env/environment.5 index 415dfc1c..aa670e2e 100644 --- a/modules/pam_env/environment.5 +++ b/modules/pam_env/environment.5 @@ -1 +1 @@ -.so pam_env.conf.5 +.so man5/pam_env.conf.5 diff --git a/modules/pam_env/pam_env.8 b/modules/pam_env/pam_env.8 index 2a3ea165..f674024c 100644 --- a/modules/pam_env/pam_env.8 +++ b/modules/pam_env/pam_env.8 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_env .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/18/2017 +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "PAM_ENV" "8" "05/18/2017" "Linux-PAM Manual" "Linux-PAM Manual" +.TH "PAM_ENV" "8" "06/08/2020" "Linux-PAM Manual" "Linux-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -50,10 +50,10 @@ pairs on separate lines will be read\&. With the \fIenvfile\fR option an alternate file can be specified\&. And with the \fIreadenv\fR -option this can be completly disabled\&. +option this can be completely disabled\&. .PP Third it will read a user configuration file ($HOME/\&.pam_environment -by default)\&. The default file file can be changed with the +by default)\&. The default file can be changed with the \fIuser_envfile\fR option and it can be turned on and off with the \fIuser_readenv\fR @@ -96,12 +96,12 @@ Turns on or off the reading of the file specified by envfile (0 is off, 1 is on) Indicate an alternative \&.pam_environment file to override the default\&.The syntax is the same as for -\fI/etc/environment\fR\&. The filename is relative to the user home directory\&. This can be useful when different services need different environments\&. +\fI/etc/security/pam_env\&.conf\fR\&. The filename is relative to the user home directory\&. This can be useful when different services need different environments\&. .RE .PP \fBuser_readenv=\fR\fB\fI0|1\fR\fR .RS 4 -Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is on\&. +Turns on or off the reading of the user specific environment file\&. 0 is off, 1 is on\&. By default this option is off\&. .RE .SH "MODULE TYPES PROVIDED" .PP diff --git a/modules/pam_env/pam_env.8.xml b/modules/pam_env/pam_env.8.xml index d6e20a2e..b765e527 100644 --- a/modules/pam_env/pam_env.8.xml +++ b/modules/pam_env/pam_env.8.xml @@ -62,12 +62,12 @@ Second a file (<filename>/etc/environment</filename> by default) with simple <emphasis>KEY=VAL</emphasis> pairs on separate lines will be read. With the <emphasis>envfile</emphasis> option an alternate file can be specified. - And with the <emphasis>readenv</emphasis> option this can be completly disabled. + And with the <emphasis>readenv</emphasis> option this can be completely disabled. </para> <para> Third it will read a user configuration file (<filename>$HOME/.pam_environment</filename> by default). - The default file file can be changed with the + The default file can be changed with the <emphasis>user_envfile</emphasis> option and it can be turned on and off with the <emphasis>user_readenv</emphasis> option. </para> @@ -143,7 +143,7 @@ <para> Indicate an alternative <filename>.pam_environment</filename> file to override the default.The syntax is the same as - for <emphasis>/etc/environment</emphasis>. + for <emphasis>/etc/security/pam_env.conf</emphasis>. The filename is relative to the user home directory. This can be useful when different services need different environments. @@ -158,7 +158,7 @@ <listitem> <para> Turns on or off the reading of the user specific environment - file. 0 is off, 1 is on. By default this option is on. + file. 0 is off, 1 is on. By default this option is off. </para> </listitem> </varlistentry> diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index 3846e359..79d43722 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -1,6 +1,6 @@ -/* pam_env module */ - /* + * pam_env module + * * Written by Dave Kinchlea <kinch@kinch.ark.com> 1997/01/31 * Inspired by Andrew Morgan <morgan@kernel.org>, who also supplied the * template for this file (via pam_mail) @@ -10,7 +10,7 @@ #define DEFAULT_READ_ENVFILE 1 #define DEFAULT_USER_ENVFILE ".pam_environment" -#define DEFAULT_USER_READ_ENVFILE 1 +#define DEFAULT_USER_READ_ENVFILE 0 #include "config.h" @@ -26,22 +26,11 @@ #include <sys/types.h> #include <unistd.h> -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH /* This is primarily a AUTH_SETCRED module */ -#define PAM_SM_SESSION /* But I like to be friendly */ -#define PAM_SM_PASSWORD /* "" */ -#define PAM_SM_ACCOUNT /* "" */ - #include <security/pam_modules.h> #include <security/pam_modutil.h> #include <security/_pam_macros.h> #include <security/pam_ext.h> +#include "pam_inline.h" /* This little structure makes it easier to keep variables together */ @@ -52,7 +41,7 @@ typedef struct var { char *override; } VAR; -#define BUF_SIZE 1024 +#define BUF_SIZE 8192 #define MAX_ENV 8192 #define GOOD_LINE 0 @@ -63,7 +52,7 @@ typedef struct var { #define ILLEGAL_VAR 103 static int _assemble_line(FILE *, char *, int); -static int _parse_line(const pam_handle_t *, char *, VAR *); +static int _parse_line(const pam_handle_t *, const char *, VAR *); static int _check_var(pam_handle_t *, VAR *); /* This is the real meat */ static void _clean_var(VAR *); static int _expand_arg(pam_handle_t *, char **); @@ -71,8 +60,8 @@ static const char * _pam_get_item_byname(pam_handle_t *, const char *); static int _define_var(pam_handle_t *, int, VAR *); static int _undefine_var(pam_handle_t *, int, VAR *); -/* This is a flag used to designate an empty string */ -static char quote='Z'; +/* This is a special value used to designate an empty string */ +static char quote='\0'; /* argument parsing */ @@ -93,40 +82,41 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, /* step through arguments */ for (; argc-- > 0; ++argv) { + const char *str; /* generic options */ if (!strcmp(*argv,"debug")) ctrl |= PAM_DEBUG_ARG; - else if (!strncmp(*argv,"conffile=",9)) { - if ((*argv)[9] == '\0') { + else if ((str = pam_str_skip_prefix(*argv, "conffile=")) != NULL) { + if (str[0] == '\0') { pam_syslog(pamh, LOG_ERR, "conffile= specification missing argument - ignored"); } else { - *conffile = 9+*argv; + *conffile = str; D(("new Configuration File: %s", *conffile)); } - } else if (!strncmp(*argv,"envfile=",8)) { - if ((*argv)[8] == '\0') { + } else if ((str = pam_str_skip_prefix(*argv, "envfile=")) != NULL) { + if (str[0] == '\0') { pam_syslog (pamh, LOG_ERR, "envfile= specification missing argument - ignored"); } else { - *envfile = 8+*argv; + *envfile = str; D(("new Env File: %s", *envfile)); } - } else if (!strncmp(*argv,"user_envfile=",13)) { - if ((*argv)[13] == '\0') { + } else if ((str = pam_str_skip_prefix(*argv, "user_envfile=")) != NULL) { + if (str[0] == '\0') { pam_syslog (pamh, LOG_ERR, "user_envfile= specification missing argument - ignored"); } else { - *user_envfile = 13+*argv; + *user_envfile = str; D(("new User Env File: %s", *user_envfile)); } - } else if (!strncmp(*argv,"readenv=",8)) - *readenv = atoi(8+*argv); - else if (!strncmp(*argv,"user_readenv=",13)) - *user_readenv = atoi(13+*argv); - else + } else if ((str = pam_str_skip_prefix(*argv, "readenv=")) != NULL) { + *readenv = atoi(str); + } else if ((str = pam_str_skip_prefix(*argv, "user_readenv=")) != NULL) { + *user_readenv = atoi(str); + } else pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); } @@ -228,9 +218,16 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *file) mark[0] = '\0'; /* - * sanity check, the key must be alpha-numeric + * sanity check, the key must be alphanumeric */ + if (key[0] == '=') { + pam_syslog(pamh, LOG_ERR, + "missing key name '%s' in %s', ignoring", + key, file); + continue; + } + for ( i = 0 ; key[i] != '=' && key[i] != '\0' ; i++ ) if (!isalnum(key[i]) && key[i] != '_') { pam_syslog(pamh, LOG_ERR, @@ -282,7 +279,7 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *file) /* * This is where we read a line of the PAM config file. The line may be - * preceeded by lines of comments and also extended with "\\\n" + * preceded by lines of comments and also extended with "\\\n" */ static int _assemble_line(FILE *f, char *buffer, int buf_len) @@ -310,6 +307,14 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len) return 0; } } + if (p[0] == '\0') { + D(("_assemble_line: corrupted or binary file")); + return -1; + } + if (p[strlen(p)-1] != '\n') { + D(("_assemble_line: line too long")); + return -1; + } /* skip leading spaces --- line may be blank */ @@ -366,7 +371,7 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len) } static int -_parse_line (const pam_handle_t *pamh, char *buffer, VAR *var) +_parse_line (const pam_handle_t *pamh, const char *buffer, VAR *var) { /* * parse buffer into var, legal syntax is @@ -377,7 +382,8 @@ _parse_line (const pam_handle_t *pamh, char *buffer, VAR *var) */ int length, quoteflg=0; - char *ptr, **valptr, *tmpptr; + const char *ptr, *tmpptr; + char **valptr; D(("Called buffer = <%s>", buffer)); @@ -405,12 +411,12 @@ _parse_line (const pam_handle_t *pamh, char *buffer, VAR *var) while ((length = strspn(ptr, " \t")) > 0) { ptr += length; /* remove leading whitespace */ D((ptr)); - if (strncmp(ptr,"DEFAULT=",8) == 0) { - ptr+=8; + if ((tmpptr = pam_str_skip_prefix(ptr, "DEFAULT=")) != NULL) { + ptr = tmpptr; D(("Default arg found: <%s>", ptr)); valptr=&(var->defval); - } else if (strncmp(ptr, "OVERRIDE=", 9) == 0) { - ptr+=9; + } else if ((tmpptr = pam_str_skip_prefix(ptr, "OVERRIDE=")) != NULL) { + ptr = tmpptr; D(("Override arg found: <%s>", ptr)); valptr=&(var->override); } else { @@ -500,7 +506,7 @@ static int _check_var(pam_handle_t *pamh, VAR *var) /* Now its easy */ - if (var->override && *(var->override) && "e != var->override) { + if (var->override && *(var->override)) { /* if there is a non-empty string in var->override, we use it */ D(("OVERRIDE variable <%s> being used: <%s>", var->name, var->override)); var->value = var->override; @@ -513,7 +519,6 @@ static int _check_var(pam_handle_t *pamh, VAR *var) * This means that the empty string was given for defval value * which indicates that a variable should be defined with no value */ - *var->defval = '\0'; D(("An empty variable: <%s>", var->name)); retval = DEFINE_VAR; } else if (var->defval) { @@ -543,9 +548,11 @@ static int _expand_arg(pam_handle_t *pamh, char **value) /* I know this shouldn't be hard-coded but it's so much easier this way */ char tmp[MAX_ENV]; + size_t idx; D(("Remember to initialize tmp!")); memset(tmp, 0, MAX_ENV); + idx = 0; /* * (possibly non-existent) environment variables can be used as values @@ -563,8 +570,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value) pam_syslog(pamh, LOG_ERR, "Unrecognized escaped character: <%c> - ignoring", *orig); - } else if ((strlen(tmp) + 1) < MAX_ENV) { - tmp[strlen(tmp)] = *orig++; /* Note the increment */ + } else if (idx + 1 < MAX_ENV) { + tmp[idx++] = *orig++; /* Note the increment */ } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); @@ -580,8 +587,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value) " <%s> - ignoring", orig)); pam_syslog(pamh, LOG_ERR, "Expandable variables must be wrapped in {}" " <%s> - ignoring", orig); - if ((strlen(tmp) + 1) < MAX_ENV) { - tmp[strlen(tmp)] = *orig++; /* Note the increment */ + if (idx + 1 < MAX_ENV) { + tmp[idx++] = *orig++; /* Note the increment */ } continue; } else { @@ -625,8 +632,10 @@ static int _expand_arg(pam_handle_t *pamh, char **value) } /* switch */ if (tmpptr) { - if ((strlen(tmp) + strlen(tmpptr)) < MAX_ENV) { - strcat(tmp, tmpptr); + size_t len = strlen(tmpptr); + if (idx + len < MAX_ENV) { + strcpy(tmp + idx, tmpptr); + idx += len; } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); @@ -637,8 +646,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value) } } /* if ('{' != *orig++) */ } else { /* if ( '$' == *orig || '@' == *orig) */ - if ((strlen(tmp) + 1) < MAX_ENV) { - tmp[strlen(tmp)] = *orig++; /* Note the increment */ + if (idx + 1 < MAX_ENV) { + tmp[idx++] = *orig++; /* Note the increment */ } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); @@ -649,17 +658,17 @@ static int _expand_arg(pam_handle_t *pamh, char **value) } } /* for (;*orig;) */ - if (strlen(tmp) > strlen(*value)) { + if (idx > strlen(*value)) { free(*value); - if ((*value = malloc(strlen(tmp) +1)) == NULL) { - D(("Couldn't malloc %d bytes for expanded var", strlen(tmp)+1)); + if ((*value = malloc(idx + 1)) == NULL) { + D(("Couldn't malloc %d bytes for expanded var", idx + 1)); pam_syslog (pamh, LOG_CRIT, "Couldn't malloc %lu bytes for expanded var", - (unsigned long)strlen(tmp)+1); + (unsigned long)idx+1); return PAM_BUF_ERR; } } strcpy(*value, tmp); - memset(tmp,'\0',sizeof(tmp)); + memset(tmp, '\0', sizeof(tmp)); D(("Exit.")); return PAM_SUCCESS; @@ -699,7 +708,7 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name) if (itemval && (strcmp(name, "HOME") == 0 || strcmp(name, "SHELL") == 0)) { struct passwd *user_entry; - user_entry = pam_modutil_getpwnam (pamh, (char *) itemval); + user_entry = pam_modutil_getpwnam (pamh, itemval); if (!user_entry) { pam_syslog(pamh, LOG_ERR, "No such user!?"); return NULL; diff --git a/modules/pam_env/pam_env.conf b/modules/pam_env/pam_env.conf index 30e9d008..2549e430 100644 --- a/modules/pam_env/pam_env.conf +++ b/modules/pam_env/pam_env.conf @@ -26,7 +26,7 @@ # # Each line starts with the variable name, there are then two possible # options for each variable DEFAULT and OVERRIDE. -# DEFAULT allows and administrator to set the value of the +# DEFAULT allows an administrator to set the value of the # variable to some default value, if none is supplied then the empty # string is assumed. The OVERRIDE option tells pam_env that it should # enter in its value (overriding the default value) if there is one diff --git a/modules/pam_env/pam_env.conf.5 b/modules/pam_env/pam_env.conf.5 index ffa35a13..3a7155b0 100644 --- a/modules/pam_env/pam_env.conf.5 +++ b/modules/pam_env/pam_env.conf.5 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_env.conf .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/> -.\" Date: 05/18/2017 +.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> +.\" Date: 06/08/2020 .\" Manual: Linux-PAM Manual .\" Source: Linux-PAM Manual .\" Language: English .\" -.TH "PAM_ENV\&.CONF" "5" "05/18/2017" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_ENV\&.CONF" "5" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- |