author | Iker Pedrosa <ipedrosa@redhat.com> | 2022-04-20 10:08:40 +0200 |
---|---|---|
committer | Iker Pedrosa <ipedrosa@redhat.com> | 2022-05-24 13:26:49 +0200 |
commit | fc867a9e22eac2c9a0ed0577776bba4df21c9aad (patch) | |
tree | c6530a416bd83be00ac260dd86cbd533981f0664 /modules/pam_faillock/main.c | |
parent | 9bcbe96d9e82a23d983c0618178a8dc25596ac2d (diff) | |
faillock: load configuration from file
* modules/pam_faillock/main.c: Load configuration from file
* modules/pam_faillock/pam_faillock: Improve tally directory management
* modules/pam_faillock/faillock_config.c: Print errors
* modules/pam_faillock/faillock_config.h: Extend options structure and
define get_tally_dir().
* modules/pam_faillock/Makefile.am: Compile faillock_config.c for
faillock binary.
* modules/pam_faillock/faillock.8.xml: Update with the new configuration
option.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1978029
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Diffstat (limited to 'modules/pam_faillock/main.c')
-rw-r--r-- | modules/pam_faillock/main.c | 51 |
1 files changed, 38 insertions, 13 deletions
diff --git a/modules/pam_faillock/main.c b/modules/pam_faillock/main.c
index ea6329ca..35208870 100644
--- a/modules/pam_faillock/main.c
+++ b/modules/pam_faillock/main.c
@@ -51,32 +51,40 @@
 #define AUDIT_NO_ID ((unsigned int) -1)
 #endif
+#include "pam_inline.h"
 #include "faillock.h"
-
-struct options {
- unsigned int reset;
- const char *dir;
- const char *user;
- const char *progname;
-};
+#include "faillock_config.h"
 static int
 args_parse(int argc, char **argv, struct options *opts)
 {
 int i;
+ int rv;
+ const char *dir = NULL;
+ const char *conf = NULL;
+
 memset(opts, 0, sizeof(*opts));
- opts->dir = FAILLOCK_DEFAULT_TALLYDIR;
 opts->progname = argv[0];
 for (i = 1; i < argc; ++i) {
- if (strcmp(argv[i], "--dir") == 0) {
+ if (strcmp(argv[i], "--conf") == 0) {
+ ++i;
+ if (i >= argc || strlen(argv[i]) == 0) {
+ fprintf(stderr, "%s: No configuration file supplied.\n",
+ argv[0]);
+ return -1;
+ }
+ conf = argv[i];
+ }
+ else if (strcmp(argv[i], "--dir") == 0) {
 ++i;
 if (i >= argc || strlen(argv[i]) == 0) {
- fprintf(stderr, "%s: No directory supplied.\n", argv[0]);
+ fprintf(stderr, "%s: No records directory supplied.\n",
+ argv[0]);
 return -1;
 }
- opts->dir = argv[i];
+ dir = argv[i];
 }
 else if (strcmp(argv[i], "--user") == 0) {
 ++i;
@@ -94,6 +102,21 @@ args_parse(int argc, char **argv, struct options *opts)
 return -1;
 }
 }
+
+ if ((rv = read_config_file(NULL, opts, conf)) != PAM_SUCCESS) {
+ fprintf(stderr, "Configuration file missing or broken");
+ return rv;
+ }
+
+ if (dir != NULL) {
+ free(opts->dir);
+ opts->dir = strdup(dir);
+ if (opts->dir == NULL) {
+ fprintf(stderr, "Error allocating memory: %m");
+ return -1;
+ }
+ }
+
 return 0;
 }
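Review bot: The new `--conf` branch in the option loop of args_parse has no matching change to any usage or help text in this file. The hunks shown account for all 38 insertions the diffstat lists for main.c, so a usage string elsewhere in the file (not visible here) would still omit the option. If one exists, it should gain `[--conf /path/to/config-file]`. A short comment above args_parse would also help, for example `/* --dir on the command line overrides the tally directory read from the configuration file */`, since that precedence is only implied by `dir` being applied after the config is read. The function body continues in the next hunk.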
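Review bot: The two error paths added at the end of args_parse print messages with no trailing newline and no program-name prefix, unlike every other message in the function. They would read better as `fprintf(stderr, "%s: Configuration file missing or broken\n", argv[0]);` and `fprintf(stderr, "%s: Error allocating memory: %m\n", argv[0]);`. The config failure path also does `return rv;`, handing a PAM status code to a caller that otherwise sees only -1 or 0 from this function. The caller is outside the hunk, so this is a hedge, but `return -1;` would keep the contract uniform and avoid a PAM code leaking into the process exit status. The start of args_parse is outside this hunk.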
@@ -111,10 +134,11 @@ do_user(struct options *opts, const char *user)
 int rv;
 struct tally_data tallies;
 struct passwd *pwd;
+ const char *dir = get_tally_dir(opts);
 pwd = getpwnam(user);
- fd = open_tally(opts->dir, user, pwd != NULL ? pwd->pw_uid : 0, 0);
+ fd = open_tally(dir, user, pwd != NULL ? pwd->pw_uid : 0, 0);
 if (fd == -1) {
 if (errno == ENOENT) {
@@ -195,8 +219,9 @@ do_allusers(struct options *opts)
 {
 struct dirent **userlist;
 int rv, i;
+ const char *dir = get_tally_dir(opts);
- rv = scandir(opts->dir, &userlist, NULL, alphasort);
+ rv = scandir(dir, &userlist, NULL, alphasort);
 if (rv < 0) {
 fprintf(stderr, "%s: Error reading tally directory: %m\n", opts->progname);
 return 2; |
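Review bot: The result of `get_tally_dir(opts)` is passed straight to `open_tally()` in do_user, and to `scandir()` in the do_allusers hunk below, with no check. The helper's contract is not visible in this file. If it always falls back to a built-in default, a one-line comment at each call would record that, for example `/* get_tally_dir() never returns NULL: falls back to the default tally directory */`; if it can return NULL, both callers need a guard before use. The directory can now come from a configuration file or from `--dir`, so the "Error reading tally directory" message in do_allusers would be easier to act on if it printed `dir` as well. Both function bodies extend beyond their hunks.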