aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_tty_audit
diff options
context:
space:
mode:
authorTomas Mraz <tmraz@fedoraproject.org>2017-10-09 17:37:56 +0200
committerTomas Mraz <tmraz@fedoraproject.org>2017-10-09 17:37:56 +0200
commit94f529d4f239362dea6e43a0bd3f6323b429a712 (patch)
tree1540186e7e2b2c60f6d4fe71c12b57c486a8d1fd /modules/pam_tty_audit
parent2ef1096db6cbbb875fc79bbb6ac5e9415fdcdad5 (diff)
downloadpam-94f529d4f239362dea6e43a0bd3f6323b429a712.tar.gz
pam-94f529d4f239362dea6e43a0bd3f6323b429a712.tar.bz2
pam-94f529d4f239362dea6e43a0bd3f6323b429a712.zip
pam_tty_audit: Fix regression introduced by adding the uid range support.
* modules/pam_tty_audit/pam_tty_audit.c (parse_uid_range): Fix constification and remove unneeded code carried from pam_limits. (pam_sm_open_session): When multiple enable/disable options are present do not stop after first match.
Diffstat (limited to 'modules/pam_tty_audit')
-rw-r--r--modules/pam_tty_audit/pam_tty_audit.c8
1 files changed, 3 insertions, 5 deletions
diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c
index c76026a0..79e5d511 100644
--- a/modules/pam_tty_audit/pam_tty_audit.c
+++ b/modules/pam_tty_audit/pam_tty_audit.c
@@ -207,7 +207,7 @@ parse_uid_range(pam_handle_t *pamh, const char *s,
uid_t *min_uid, uid_t *max_uid)
{
const char *range = s;
- char *pmax;
+ const char *pmax;
char *endptr;
enum uid_range rv = UID_RANGE_MM;
@@ -215,9 +215,6 @@ parse_uid_range(pam_handle_t *pamh, const char *s,
return UID_RANGE_NONE;
++pmax;
- if (range[0] == '@' || range[0] == '%')
- ++range;
-
if (range[0] == ':')
rv = UID_RANGE_ONE;
else {
@@ -298,7 +295,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
if (copy == NULL)
return PAM_SESSION_ERR;
for (tok = strtok_r (copy, ",", &tok_data);
- tok != NULL && command == CMD_NONE;
+ tok != NULL && command != this_command;
tok = strtok_r (NULL, ",", &tok_data))
{
uid_t min_uid = 0, max_uid = 0;
@@ -319,6 +316,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
case UID_RANGE_ONE:
if (pwd->pw_uid == max_uid)
command = this_command;
+ break;
case UID_RANGE_ERR:
break;
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-08 02:09:10 +0000