diff options
| author | Steve Langasek <vorlon@debian.org> | 2010-08-31 17:23:27 -0700 |
|---|---|---|
| committer | Steve Langasek <vorlon@debian.org> | 2019-01-08 21:47:21 -0800 |
| commit | 6c6f451aff56e368041dd4076ad61d8f51635b7f (patch) | |
| tree | ed1162733e6688167c56704ffbf4e63c602abf35 /modules/pam_rootok/pam_rootok.c | |
| parent | 0b7e86d2422eb0ddabce5ffcd59ee31525a4e8af (diff) | |
| parent | b70316c593cbc8e5c9155e5c6597497090c6eb88 (diff) | |
| download | pam-6c6f451aff56e368041dd4076ad61d8f51635b7f.tar.gz pam-6c6f451aff56e368041dd4076ad61d8f51635b7f.tar.bz2 pam-6c6f451aff56e368041dd4076ad61d8f51635b7f.zip | |
merge upstream version 1.1.2
Diffstat (limited to 'modules/pam_rootok/pam_rootok.c')
| -rw-r--r-- | modules/pam_rootok/pam_rootok.c | 53 |
1 files changed, 41 insertions, 12 deletions
diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c index 4eb34412..b2a249df 100644 --- a/modules/pam_rootok/pam_rootok.c +++ b/modules/pam_rootok/pam_rootok.c @@ -1,7 +1,7 @@ /* pam_rootok module */ /* - * $Id: pam_rootok.c,v 1.7 2005/12/12 14:45:02 ldv Exp $ + * $Id: pam_rootok.c,v 1.8 2010/04/06 08:07:11 kukuk Exp $ * * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11 */ @@ -55,16 +55,11 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv) return ctrl; } -/* --- authentication management functions (only) --- */ - -PAM_EXTERN int -pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, - int argc, const char **argv) +static int +check_for_root (pam_handle_t *pamh, int ctrl) { - int ctrl; int retval = PAM_AUTH_ERR; - ctrl = _pam_parse(pamh, argc, argv); if (getuid() == 0) #ifdef WITH_SELINUX if (is_selinux_enabled()<1 || checkPasswdAccess(PASSWD__ROOTOK)==0) @@ -72,13 +67,26 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, retval = PAM_SUCCESS; if (ctrl & PAM_DEBUG_ARG) { - pam_syslog(pamh, LOG_DEBUG, "authentication %s", - (retval==PAM_SUCCESS) ? "succeeded" : "failed"); + pam_syslog(pamh, LOG_DEBUG, "root check %s", + (retval==PAM_SUCCESS) ? "succeeded" : "failed"); } return retval; } +/* --- management functions --- */ + +PAM_EXTERN int +pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) +{ + int ctrl; + + ctrl = _pam_parse(pamh, argc, argv); + + return check_for_root (pamh, ctrl); +} + PAM_EXTERN int pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED, int argc UNUSED, const char **argv UNUSED) @@ -86,6 +94,27 @@ pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED, return PAM_SUCCESS; } +PAM_EXTERN int +pam_sm_acct_mgmt (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) +{ + int ctrl; + + ctrl = _pam_parse(pamh, argc, argv); + + return check_for_root (pamh, ctrl); +} + +PAM_EXTERN int +pam_sm_chauthtok (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) +{ + int ctrl; + + ctrl = _pam_parse(pamh, argc, argv); + + return check_for_root (pamh, ctrl); +} #ifdef PAM_STATIC @@ -95,10 +124,10 @@ struct pam_module _pam_rootok_modstruct = { "pam_rootok", pam_sm_authenticate, pam_sm_setcred, + pam_sm_acct_mgmt, NULL, NULL, - NULL, - NULL, + pam_sm_chauthtok, }; #endif |