diff options
| author | Iker Pedrosa <ipedrosa@redhat.com> | 2022-04-20 10:08:40 +0200 |
|---|---|---|
| committer | Iker Pedrosa <ipedrosa@redhat.com> | 2022-05-24 13:26:49 +0200 |
| commit | fc867a9e22eac2c9a0ed0577776bba4df21c9aad (patch) | |
| tree | c6530a416bd83be00ac260dd86cbd533981f0664 /modules/pam_faillock/pam_faillock.c | |
| parent | 9bcbe96d9e82a23d983c0618178a8dc25596ac2d (diff) | |
| download | pam-fc867a9e22eac2c9a0ed0577776bba4df21c9aad.tar.gz pam-fc867a9e22eac2c9a0ed0577776bba4df21c9aad.tar.bz2 pam-fc867a9e22eac2c9a0ed0577776bba4df21c9aad.zip | |
faillock: load configuration from file
* modules/pam_faillock/main.c: Load configuration from file
* modules/pam_faillock/pam_faillock: Improve tally directory management
* modules/pam_faillock/faillock_config.c: Print errors
* modules/pam_faillock/faillock_config.h: Extend options structure and
define get_tally_dir().
* modules/pam_faillock/Makefile.am: Compile faillock_config.c for
faillock binary.
* modules/pam_faillock/faillock.8.xml: Update with the new configuration
option.
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1978029
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
Diffstat (limited to 'modules/pam_faillock/pam_faillock.c')
| -rw-r--r-- | modules/pam_faillock/pam_faillock.c | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/modules/pam_faillock/pam_faillock.c b/modules/pam_faillock/pam_faillock.c index 0a5b6b62..ddbb90e7 100644 --- a/modules/pam_faillock/pam_faillock.c +++ b/modules/pam_faillock/pam_faillock.c @@ -72,7 +72,6 @@ args_parse(pam_handle_t *pamh, int argc, const char **argv, memset(opts, 0, sizeof(*opts)); - opts->dir = strdup(FAILLOCK_DEFAULT_TALLYDIR); opts->deny = 3; opts->fail_interval = 900; opts->unlock_time = 600; @@ -130,11 +129,6 @@ args_parse(pam_handle_t *pamh, int argc, const char **argv, if (flags & PAM_SILENT) opts->flags |= FAILLOCK_FLAG_SILENT; - if (opts->dir == NULL) { - pam_syslog(pamh, LOG_CRIT, "Error allocating memory: %m"); - opts->fatal_error = 1; - } - if (opts->fatal_error) return PAM_BUF_ERR; return PAM_SUCCESS; @@ -193,10 +187,11 @@ check_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies unsigned int i; uint64_t latest_time; int failures; + const char *dir = get_tally_dir(opts); opts->now = time(NULL); - tfd = open_tally(opts->dir, opts->user, opts->uid, 0); + tfd = open_tally(dir, opts->user, opts->uid, 0); *fd = tfd; @@ -270,9 +265,10 @@ static void reset_tally(pam_handle_t *pamh, struct options *opts, int *fd) { int rv; + const char *dir = get_tally_dir(opts); if (*fd == -1) { - *fd = open_tally(opts->dir, opts->user, opts->uid, 1); + *fd = open_tally(dir, opts->user, opts->uid, 1); } else { while ((rv=ftruncate(*fd, 0)) == -1 && errno == EINTR); @@ -291,9 +287,10 @@ write_tally(pam_handle_t *pamh, struct options *opts, struct tally_data *tallies unsigned int oldest; uint64_t oldtime; const void *source = NULL; + const char *dir = get_tally_dir(opts); if (*fd == -1) { - *fd = open_tally(opts->dir, opts->user, opts->uid, 1); + *fd = open_tally(dir, opts->user, opts->uid, 1); } if (*fd == -1) { if (errno == EACCES) { |