diff options
Diffstat (limited to 'Linux-PAM/modules/pam_env')
| -rw-r--r-- | Linux-PAM/modules/pam_env/Makefile | 22 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/Makefile.am | 35 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/Makefile.in | 757 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/README | 146 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/README.xml | 39 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/environment | 5 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.8 | 89 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.8.xml | 206 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.c | 347 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.conf (renamed from Linux-PAM/modules/pam_env/pam_env.conf-example) | 3 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.conf.5 | 87 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_env/pam_env.conf.5.xml | 123 | ||||
| -rwxr-xr-x | Linux-PAM/modules/pam_env/tst-pam_env | 2 |
13 files changed, 1585 insertions, 276 deletions
diff --git a/Linux-PAM/modules/pam_env/Makefile b/Linux-PAM/modules/pam_env/Makefile deleted file mode 100644 index 189f1ee3..00000000 --- a/Linux-PAM/modules/pam_env/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# -# $Id: Makefile,v 1.2 2000/11/19 23:54:03 agmorgan Exp $ -# -# This Makefile controls a build process of $(TITLE) module for -# Linux-PAM. You should not modify this Makefile (unless you know -# what you are doing!). -# - -include ../../Make.Rules - -TITLE=pam_env -LOCAL_CONFILE=./pam_env.conf-example -INSTALLED_CONFILE=$(SCONFIGD)/pam_env.conf - -DEFS=-DDEFAULT_CONF_FILE=\"$(INSTALLED_CONFILE)\" -CFLAGS += $(DEFS) - -MODULE_SIMPLE_INSTALL=bash -f ../install_conf "$(FAKEROOT)" "$(SCONFIGD)" "$(INSTALLED_CONFILE)" "$(TITLE)" "$(LOCAL_CONFILE)" -MODULE_SIMPLE_REMOVE=rm -f $(FAKEROOT)$(INSTALLED_CONFILE) -MODULE_SIMPLE_CLEAN=rm -f ./.ignore_age - -include ../Simple.Rules diff --git a/Linux-PAM/modules/pam_env/Makefile.am b/Linux-PAM/modules/pam_env/Makefile.am new file mode 100644 index 00000000..83236e9b --- /dev/null +++ b/Linux-PAM/modules/pam_env/Makefile.am @@ -0,0 +1,35 @@ +# +# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de> +# + +CLEANFILES = *~ + +EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment + +man_MANS = pam_env.conf.5 pam_env.8 + +XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml + +securelibdir = $(SECUREDIR) +secureconfdir = $(SCONFIGDIR) + +AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ + -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" +AM_LDFLAGS = -no-undefined -avoid-version -module \ + -L$(top_builddir)/libpam -lpam +if HAVE_VERSIONING + AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map +endif + +securelib_LTLIBRARIES = pam_env.la + +secureconf_DATA = pam_env.conf +sysconf_DATA = environment + +if ENABLE_REGENERATE_MAN +noinst_DATA = README +README: pam_env.8.xml pam_env.conf.5.xml +-include $(top_srcdir)/Make.xml.rules +endif + +TESTS = tst-pam_env diff --git a/Linux-PAM/modules/pam_env/Makefile.in b/Linux-PAM/modules/pam_env/Makefile.in new file mode 100644 index 00000000..7bd1e9a3 --- /dev/null +++ b/Linux-PAM/modules/pam_env/Makefile.in @@ -0,0 +1,757 @@ +# Makefile.in generated by automake 1.10 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +# +# Copyright (c) 2005 Thorsten Kukuk <kukuk@suse.de> +# + + +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +build_triplet = @build@ +host_triplet = @host@ +@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map +subdir = modules/pam_env +DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ + $(top_srcdir)/m4/iconv.m4 \ + $(top_srcdir)/m4/jh_path_xml_catalog.m4 \ + $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \ + $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ + $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \ + $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ + $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \ + $(top_srcdir)/configure.in +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = $(top_builddir)/config.h +CONFIG_CLEAN_FILES = +am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; +am__vpath_adj = case $$p in \ + $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ + *) f=$$p;; \ + esac; +am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" \ + "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)" \ + "$(DESTDIR)$(sysconfdir)" +securelibLTLIBRARIES_INSTALL = $(INSTALL) +LTLIBRARIES = $(securelib_LTLIBRARIES) +pam_env_la_LIBADD = +pam_env_la_SOURCES = pam_env.c +pam_env_la_OBJECTS = pam_env.lo +DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ +depcomp = $(SHELL) $(top_srcdir)/depcomp +am__depfiles_maybe = depfiles +COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ + $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ + $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ + --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ + $(LDFLAGS) -o $@ +SOURCES = pam_env.c +DIST_SOURCES = pam_env.c +man5dir = $(mandir)/man5 +man8dir = $(mandir)/man8 +NROFF = nroff +MANS = $(man_MANS) +secureconfDATA_INSTALL = $(INSTALL_DATA) +sysconfDATA_INSTALL = $(INSTALL_DATA) +DATA = $(noinst_DATA) $(secureconf_DATA) $(sysconf_DATA) +ETAGS = etags +CTAGS = ctags +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AR = @AR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BROWSER = @BROWSER@ +CC = @CC@ +CCDEPMODE = @CCDEPMODE@ +CFLAGS = @CFLAGS@ +CPP = @CPP@ +CPPFLAGS = @CPPFLAGS@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +CXXDEPMODE = @CXXDEPMODE@ +CXXFLAGS = @CXXFLAGS@ +CYGPATH_W = @CYGPATH_W@ +DEFS = @DEFS@ +DEPDIR = @DEPDIR@ +ECHO = @ECHO@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +EGREP = @EGREP@ +EXEEXT = @EXEEXT@ +F77 = @F77@ +FFLAGS = @FFLAGS@ +FO2PDF = @FO2PDF@ +GMSGFMT = @GMSGFMT@ +GMSGFMT_015 = @GMSGFMT_015@ +GREP = @GREP@ +HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@ +INSTALL = @INSTALL@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +INTLLIBS = @INTLLIBS@ +INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ +LDFLAGS = @LDFLAGS@ +LEX = @LEX@ +LEXLIB = @LEXLIB@ +LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ +LIBAUDIT = @LIBAUDIT@ +LIBCRACK = @LIBCRACK@ +LIBCRYPT = @LIBCRYPT@ +LIBDB = @LIBDB@ +LIBDL = @LIBDL@ +LIBICONV = @LIBICONV@ +LIBINTL = @LIBINTL@ +LIBNSL = @LIBNSL@ +LIBOBJS = @LIBOBJS@ +LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@ +LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@ +LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@ +LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@ +LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@ +LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@ +LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@ +LIBS = @LIBS@ +LIBSELINUX = @LIBSELINUX@ +LIBTOOL = @LIBTOOL@ +LN_S = @LN_S@ +LTLIBICONV = @LTLIBICONV@ +LTLIBINTL = @LTLIBINTL@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MKDIR_P = @MKDIR_P@ +MSGFMT = @MSGFMT@ +MSGFMT_015 = @MSGFMT_015@ +MSGMERGE = @MSGMERGE@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PIE_CFLAGS = @PIE_CFLAGS@ +PIE_LDFLAGS = @PIE_LDFLAGS@ +POSUB = @POSUB@ +RANLIB = @RANLIB@ +SCONFIGDIR = @SCONFIGDIR@ +SECUREDIR = @SECUREDIR@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +USE_NLS = @USE_NLS@ +VERSION = @VERSION@ +WITH_DEBUG = @WITH_DEBUG@ +WITH_PAMLOCKING = @WITH_PAMLOCKING@ +XGETTEXT = @XGETTEXT@ +XGETTEXT_015 = @XGETTEXT_015@ +XMLCATALOG = @XMLCATALOG@ +XMLLINT = @XMLLINT@ +XML_CATALOG_FILE = @XML_CATALOG_FILE@ +XSLTPROC = @XSLTPROC@ +YACC = @YACC@ +YFLAGS = @YFLAGS@ +abs_builddir = @abs_builddir@ +abs_srcdir = @abs_srcdir@ +abs_top_builddir = @abs_top_builddir@ +abs_top_srcdir = @abs_top_srcdir@ +ac_ct_CC = @ac_ct_CC@ +ac_ct_CXX = @ac_ct_CXX@ +ac_ct_F77 = @ac_ct_F77@ +am__include = @am__include@ +am__leading_dot = @am__leading_dot@ +am__quote = @am__quote@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build = @build@ +build_alias = @build_alias@ +build_cpu = @build_cpu@ +build_os = @build_os@ +build_vendor = @build_vendor@ +builddir = @builddir@ +datadir = @datadir@ +datarootdir = @datarootdir@ +docdir = @docdir@ +dvidir = @dvidir@ +exec_prefix = @exec_prefix@ +host = @host@ +host_alias = @host_alias@ +host_cpu = @host_cpu@ +host_os = @host_os@ +host_vendor = @host_vendor@ +htmldir = @htmldir@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libc_cv_fpie = @libc_cv_fpie@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localedir = @localedir@ +localstatedir = @localstatedir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +pam_cv_ld_as_needed = @pam_cv_ld_as_needed@ +pam_xauth_path = @pam_xauth_path@ +pdfdir = @pdfdir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +psdir = @psdir@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +srcdir = @srcdir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +top_builddir = @top_builddir@ +top_srcdir = @top_srcdir@ +CLEANFILES = *~ +EXTRA_DIST = README pam_env.conf $(MANS) $(XMLS) tst-pam_env environment +man_MANS = pam_env.conf.5 pam_env.8 +XMLS = README.xml pam_env.conf.5.xml pam_env.8.xml +securelibdir = $(SECUREDIR) +secureconfdir = $(SCONFIGDIR) +AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ + -DDEFAULT_CONF_FILE=\"$(SCONFIGDIR)/pam_env.conf\" + +AM_LDFLAGS = -no-undefined -avoid-version -module \ + -L$(top_builddir)/libpam -lpam $(am__append_1) +securelib_LTLIBRARIES = pam_env.la +secureconf_DATA = pam_env.conf +sysconf_DATA = environment +@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README +TESTS = tst-pam_env +all: all-am + +.SUFFIXES: +.SUFFIXES: .c .lo .o .obj +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_env/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --gnu modules/pam_env/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES) + @$(NORMAL_INSTALL) + test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)" + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + if test -f $$p; then \ + f=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ + $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ + else :; fi; \ + done + +uninstall-securelibLTLIBRARIES: + @$(NORMAL_UNINSTALL) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + p=$(am__strip_dir) \ + echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ + $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ + done + +clean-securelibLTLIBRARIES: + -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES) + @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ + dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ + test "$$dir" != "$$p" || dir=.; \ + echo "rm -f \"$${dir}/so_locations\""; \ + rm -f "$${dir}/so_locations"; \ + done +pam_env.la: $(pam_env_la_OBJECTS) $(pam_env_la_DEPENDENCIES) + $(LINK) -rpath $(securelibdir) $(pam_env_la_OBJECTS) $(pam_env_la_LIBADD) $(LIBS) + +mostlyclean-compile: + -rm -f *.$(OBJEXT) + +distclean-compile: + -rm -f *.tab.c + +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_env.Plo@am__quote@ + +.c.o: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c $< + +.c.obj: +@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` + +.c.lo: +@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< +@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs +install-man5: $(man5_MANS) $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man5dir)" || $(MKDIR_P) "$(DESTDIR)$(man5dir)" + @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.5*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 5*) ;; \ + *) ext='5' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man5dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man5dir)/$$inst"; \ + done +uninstall-man5: + @$(NORMAL_UNINSTALL) + @list='$(man5_MANS) $(dist_man5_MANS) $(nodist_man5_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.5*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 5*) ;; \ + *) ext='5' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f '$(DESTDIR)$(man5dir)/$$inst'"; \ + rm -f "$(DESTDIR)$(man5dir)/$$inst"; \ + done +install-man8: $(man8_MANS) $(man_MANS) + @$(NORMAL_INSTALL) + test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" + @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.8*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 8*) ;; \ + *) ext='8' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ + $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ + done +uninstall-man8: + @$(NORMAL_UNINSTALL) + @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ + l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ + for i in $$l2; do \ + case "$$i" in \ + *.8*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + case "$$ext" in \ + 8*) ;; \ + *) ext='8' ;; \ + esac; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ + rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ + done +install-secureconfDATA: $(secureconf_DATA) + @$(NORMAL_INSTALL) + test -z "$(secureconfdir)" || $(MKDIR_P) "$(DESTDIR)$(secureconfdir)" + @list='$(secureconf_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(secureconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(secureconfdir)/$$f'"; \ + $(secureconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(secureconfdir)/$$f"; \ + done + +uninstall-secureconfDATA: + @$(NORMAL_UNINSTALL) + @list='$(secureconf_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(secureconfdir)/$$f'"; \ + rm -f "$(DESTDIR)$(secureconfdir)/$$f"; \ + done +install-sysconfDATA: $(sysconf_DATA) + @$(NORMAL_INSTALL) + test -z "$(sysconfdir)" || $(MKDIR_P) "$(DESTDIR)$(sysconfdir)" + @list='$(sysconf_DATA)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + f=$(am__strip_dir) \ + echo " $(sysconfDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(sysconfdir)/$$f'"; \ + $(sysconfDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(sysconfdir)/$$f"; \ + done + +uninstall-sysconfDATA: + @$(NORMAL_UNINSTALL) + @list='$(sysconf_DATA)'; for p in $$list; do \ + f=$(am__strip_dir) \ + echo " rm -f '$(DESTDIR)$(sysconfdir)/$$f'"; \ + rm -f "$(DESTDIR)$(sysconfdir)/$$f"; \ + done + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique +tags: TAGS + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + test -n "$$unique" || unique=$$empty_fix; \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$tags $$unique; \ + fi +ctags: CTAGS +CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(CTAGS_ARGS)$$tags$$unique" \ + || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ + $$tags $$unique + +GTAGS: + here=`$(am__cd) $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) $$here + +distclean-tags: + -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + +check-TESTS: $(TESTS) + @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ + srcdir=$(srcdir); export srcdir; \ + list=' $(TESTS) '; \ + if test -n "$$list"; then \ + for tst in $$list; do \ + if test -f ./$$tst; then dir=./; \ + elif test -f $$tst; then dir=; \ + else dir="$(srcdir)/"; fi; \ + if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *$$ws$$tst$$ws*) \ + xpass=`expr $$xpass + 1`; \ + failed=`expr $$failed + 1`; \ + echo "XPASS: $$tst"; \ + ;; \ + *) \ + echo "PASS: $$tst"; \ + ;; \ + esac; \ + elif test $$? -ne 77; then \ + all=`expr $$all + 1`; \ + case " $(XFAIL_TESTS) " in \ + *$$ws$$tst$$ws*) \ + xfail=`expr $$xfail + 1`; \ + echo "XFAIL: $$tst"; \ + ;; \ + *) \ + failed=`expr $$failed + 1`; \ + echo "FAIL: $$tst"; \ + ;; \ + esac; \ + else \ + skip=`expr $$skip + 1`; \ + echo "SKIP: $$tst"; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + if test "$$xfail" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + fi; \ + else \ + if test "$$xpass" -eq 0; then \ + banner="$$failed of $$all tests failed"; \ + else \ + banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + fi; \ + fi; \ + dashes="$$banner"; \ + skipped=""; \ + if test "$$skip" -ne 0; then \ + skipped="($$skip tests were not run)"; \ + test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$skipped"; \ + fi; \ + report=""; \ + if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ + report="Please report to $(PACKAGE_BUGREPORT)"; \ + test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ + dashes="$$report"; \ + fi; \ + dashes=`echo "$$dashes" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + test -z "$$skipped" || echo "$$skipped"; \ + test -z "$$report" || echo "$$report"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + else :; fi + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ + list='$(DISTFILES)'; \ + dist_files=`for file in $$list; do echo $$file; done | \ + sed -e "s|^$$srcdirstrip/||;t" \ + -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ + case $$dist_files in \ + */*) $(MKDIR_P) `echo "$$dist_files" | \ + sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ + sort -u` ;; \ + esac; \ + for file in $$dist_files; do \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + if test -d $$d/$$file; then \ + dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-TESTS +check: check-am +all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) +installdirs: + for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man5dir)" "$(DESTDIR)$(man8dir)" "$(DESTDIR)$(secureconfdir)" "$(DESTDIR)$(sysconfdir)"; do \ + test -z "$$dir" || $(MKDIR_P) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \ + mostlyclean-am + +distclean: distclean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +distclean-am: clean-am distclean-compile distclean-generic \ + distclean-tags + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: install-man install-secureconfDATA \ + install-securelibLTLIBRARIES + +install-dvi: install-dvi-am + +install-exec-am: install-sysconfDATA + +install-html: install-html-am + +install-info: install-info-am + +install-man: install-man5 install-man8 + +install-pdf: install-pdf-am + +install-ps: install-ps-am + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -rf ./$(DEPDIR) + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-man uninstall-secureconfDATA \ + uninstall-securelibLTLIBRARIES uninstall-sysconfDATA + +uninstall-man: uninstall-man5 uninstall-man8 + +.MAKE: install-am install-strip + +.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \ + clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \ + distclean distclean-compile distclean-generic \ + distclean-libtool distclean-tags distdir dvi dvi-am html \ + html-am info info-am install install-am install-data \ + install-data-am install-dvi install-dvi-am install-exec \ + install-exec-am install-html install-html-am install-info \ + install-info-am install-man install-man5 install-man8 \ + install-pdf install-pdf-am install-ps install-ps-am \ + install-secureconfDATA install-securelibLTLIBRARIES \ + install-strip install-sysconfDATA installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-compile mostlyclean-generic \ + mostlyclean-libtool pdf pdf-am ps ps-am tags uninstall \ + uninstall-am uninstall-man uninstall-man5 uninstall-man8 \ + uninstall-secureconfDATA uninstall-securelibLTLIBRARIES \ + uninstall-sysconfDATA + +@ENABLE_REGENERATE_MAN_TRUE@README: pam_env.8.xml pam_env.conf.5.xml +@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/Linux-PAM/modules/pam_env/README b/Linux-PAM/modules/pam_env/README index 5053618a..81c63154 100644 --- a/Linux-PAM/modules/pam_env/README +++ b/Linux-PAM/modules/pam_env/README @@ -1,72 +1,74 @@ -# $Date: 2000/06/20 22:11:33 $ -# $Author: agmorgan $ -# $Id: README,v 1.1.1.1 2000/06/20 22:11:33 agmorgan Exp $ -# -# This is the configuration file for pam_env, a PAM module to load in -# a configurable list of environment variables for a -# -# The original idea for this came from Andrew G. Morgan ... -#<quote> -# Mmm. Perhaps you might like to write a pam_env module that reads a -# default environment from a file? I can see that as REALLY -# useful... Note it would be an "auth" module that returns PAM_IGNORE -# for the auth part and sets the environment returning PAM_SUCCESS in -# the setcred function... -#</quote> -# -# What I wanted was the REMOTEHOST variable set, purely for selfish -# reasons, and AGM didn't want it added to the SimpleApps login -# program (which is where I added the patch). So, my first concern is -# that variable, from there there are numerous others that might/would -# be useful to be set: NNTPSERVER, LESS, PATH, PAGER, MANPAGER ..... -# -# Of course, these are a different kind of variable than REMOTEHOST in -# that they are things that are likely to be configured by -# administrators rather than set by logging in, how to treat them both -# in the same config file? -# -# Here is my idea: -# -# Each line starts with the variable name, there are then two possible -# options for each variable DEFAULT and OVERRIDE. -# DEFAULT allows and administrator to set the value of the -# variable to some default value, if none is supplied then the empty -# string is assumed. The OVERRIDE option tells pam_env that it should -# enter in its value (overriding the default value) if there is one -# to use. OVERRIDE is not used, "" is assumed and no override will be -# done. -# -# VARIABLE [DEFAULT=[value]] [OVERRIDE=[value]] -# -# (Possibly non-existent) environment variables may be used in values -# using the ${string} syntax and (possibly non-existent) PAM_ITEMs may -# be used in values using the @{string} syntax. Both the $ and @ -# characters can be backslash escaped to be used as literal values -# values can be delimited with "", escaped " not supported. -# -# -# First, some special variables -# -# Set the REMOTEHOST variable for any hosts that are remote, default -# to "localhost" rather than not being set at all -REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST} -# -# Set the DISPLAY variable if it seems reasonable -DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} -# -# -# Now some simple variables -# -PAGER DEFAULT=less -MANPAGER DEFAULT=less -LESS DEFAULT="M q e h15 z23 b80" -NNTPSERVER DEFAULT=localhost -PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\ -:/usr/bin:/usr/local/bin/X11:/usr/bin/X11 -# -# silly examples of escaped variables, just to show how they work. -# -DOLLAR DEFAULT=\$ -DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR} -DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST} -ATSIGN DEFAULT="" OVERRIDE=\@ +pam_env — PAM module to set/unset environment variables + +━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +DESCRIPTION + +The pam_env PAM module allows the (un)setting of environment variables. +Supported is the use of previously set environment variables as well as +PAM_ITEMs such as PAM_RHOST. + +By default rules for (un)setting of variables is taken from the config file / +etc/security/pam_env.conf if no other file is specified. + +This module can also parse a file with simple KEY=VAL pairs on seperate lines +(/etc/environment by default). You can change the default file to parse, with +the envfile flag and turn it on or off by setting the readenv flag to 1 or 0 +respectively. + +OPTIONS + +conffile=/path/to/pam_env.conf + + Indicate an alternative pam_env.conf style configuration file to override + the default. This can be useful when different services need different + environments. + +debug + + A lot of debug informations are printed with syslog(3). + +envfile=/path/to/environment + + Indicate an alternative environment file to override the default. This can + be useful when different services need different environments. + +readenv=0|1 + + Turns on or off the reading of the file specified by envfile (0 is off, 1 + is on). By default this option is on. + +EXAMPLES + +These are some example lines which might be specified in /etc/security/ +pam_env.conf. + +Set the REMOTEHOST variable for any hosts that are remote, default to +"localhost" rather than not being set at all + + REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST} + + +Set the DISPLAY variable if it seems reasonable + + DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} + + +Now some simple variables + + PAGER DEFAULT=less + MANPAGER DEFAULT=less + LESS DEFAULT="M q e h15 z23 b80" + NNTPSERVER DEFAULT=localhost + PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\ + :/usr/bin:/usr/local/bin/X11:/usr/bin/X11 + + +Silly examples of escaped variables, just to show how they work. + + DOLLAR DEFAULT=\$ + DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR} + DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST} + ATSIGN DEFAULT="" OVERRIDE=\@ + + diff --git a/Linux-PAM/modules/pam_env/README.xml b/Linux-PAM/modules/pam_env/README.xml new file mode 100644 index 00000000..21a9b855 --- /dev/null +++ b/Linux-PAM/modules/pam_env/README.xml @@ -0,0 +1,39 @@ +<?xml version="1.0" encoding='UTF-8'?> +<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" +"http://www.docbook.org/xml/4.3/docbookx.dtd" +[ +<!-- +<!ENTITY pamaccess SYSTEM "pam_env.8.xml"> +--> +<!-- +<!ENTITY accessconf SYSTEM "pam_env.conf.5.xml"> +--> +]> + +<article> + + <articleinfo> + + <title> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_env.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_env-name"]/*)'/> + </title> + + </articleinfo> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-description"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_env.8.xml" xpointer='xpointer(//refsect1[@id = "pam_env-options"]/*)'/> + </section> + + <section> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" + href="pam_env.conf.5.xml" xpointer='xpointer(//refsect1[@id = "pam_env.conf-examples"]/*)'/> + </section> + +</article> diff --git a/Linux-PAM/modules/pam_env/environment b/Linux-PAM/modules/pam_env/environment new file mode 100644 index 00000000..f46b8d94 --- /dev/null +++ b/Linux-PAM/modules/pam_env/environment @@ -0,0 +1,5 @@ +# +# This file is parsed by pam_env module +# +# Syntax: simple "KEY=VAL" pairs on seperate lines +# diff --git a/Linux-PAM/modules/pam_env/pam_env.8 b/Linux-PAM/modules/pam_env/pam_env.8 new file mode 100644 index 00000000..e7746de3 --- /dev/null +++ b/Linux-PAM/modules/pam_env/pam_env.8 @@ -0,0 +1,89 @@ +.\" Title: pam_env +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/21/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual +.\" +.TH "PAM_ENV" "8" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_env \- PAM module to set/unset environment variables +.SH "SYNOPSIS" +.HP 11 +\fBpam_env.so\fR [debug] [conffile=\fIconf\-file\fR] [envfile=\fIenv\-file\fR] [readenv=\fI0|1\fR] +.SH "DESCRIPTION" +.PP +The pam_env PAM module allows the (un)setting of environment variables. Supported is the use of previously set environment variables as well as +\fIPAM_ITEM\fRs such as +\fIPAM_RHOST\fR. +.PP +By default rules for (un)setting of variables is taken from the config file +\fI/etc/security/pam_env.conf\fR +if no other file is specified. +.PP +This module can also parse a file with simple +\fIKEY=VAL\fR +pairs on seperate lines (\fI/etc/environment\fR +by default). You can change the default file to parse, with the +\fIenvfile\fR +flag and turn it on or off by setting the +\fIreadenv\fR +flag to 1 or 0 respectively. +.SH "OPTIONS" +.TP 3n +\fBconffile=\fR\fB\fI/path/to/pam_env.conf\fR\fR +Indicate an alternative +\fIpam_env.conf\fR +style configuration file to override the default. This can be useful when different services need different environments. +.TP 3n +\fBdebug\fR +A lot of debug informations are printed with +\fBsyslog\fR(3). +.TP 3n +\fBenvfile=\fR\fB\fI/path/to/environment\fR\fR +Indicate an alternative +\fIenvironment\fR +file to override the default. This can be useful when different services need different environments. +.TP 3n +\fBreadenv=\fR\fB\fI0|1\fR\fR +Turns on or off the reading of the file specified by envfile (0 is off, 1 is on). By default this option is on. +.SH "MODULE SERVICES PROVIDED" +.PP +The +\fBauth\fR +and +\fBsession\fR +services are supported. +.SH "RETURN VALUES" +.TP 3n +PAM_ABORT +Not all relevant data or options could be gotten. +.TP 3n +PAM_BUF_ERR +Memory buffer error. +.TP 3n +PAM_IGNORE +No pam_env.conf and environment file was found. +.TP 3n +PAM_SUCCESS +Environment variables were set. +.SH "FILES" +.TP 3n +\fI/etc/security/pam_env.conf\fR +Default configuration file +.TP 3n +\fI/etc/environment\fR +Default environment file +.SH "SEE ALSO" +.PP + +\fBpam_env.conf\fR(5), +\fBpam.d\fR(8), +\fBpam\fR(8). +.SH "AUTHOR" +.PP +pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>. diff --git a/Linux-PAM/modules/pam_env/pam_env.8.xml b/Linux-PAM/modules/pam_env/pam_env.8.xml new file mode 100644 index 00000000..731c20b2 --- /dev/null +++ b/Linux-PAM/modules/pam_env/pam_env.8.xml @@ -0,0 +1,206 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN" + "http://www.oasis-open.org/docbook/xml/4.1.2/docbookx.dtd"> + +<refentry id='pam_env'> + + <refmeta> + <refentrytitle>pam_env</refentrytitle> + <manvolnum>8</manvolnum> + <refmiscinfo class='setdesc'>Linux-PAM Manual</refmiscinfo> + </refmeta> + + <refnamediv id='pam_env-name'> + <refname>pam_env</refname> + <refpurpose> + PAM module to set/unset environment variables + </refpurpose> + </refnamediv> + +<!-- body begins here --> + + <refsynopsisdiv> + <cmdsynopsis id="pam_env-cmdsynopsis"> + <command>pam_env.so</command> + <arg choice="opt"> + debug + </arg> + <arg choice="opt"> + conffile=<replaceable>conf-file</replaceable> + </arg> + <arg choice="opt"> + envfile=<replaceable>env-file</replaceable> + </arg> + <arg choice="opt"> + readenv=<replaceable>0|1</replaceable> + </arg> + </cmdsynopsis> + </refsynopsisdiv> + + + <refsect1 id="pam_env-description"> + <title>DESCRIPTION</title> + <para> + The pam_env PAM module allows the (un)setting of environment + variables. Supported is the use of previously set environment + variables as well as <emphasis>PAM_ITEM</emphasis>s such as + <emphasis>PAM_RHOST</emphasis>. + </para> + <para> + By default rules for (un)setting of variables is taken from the + config file <filename>/etc/security/pam_env.conf</filename> if + no other file is specified. + </para> + <para> + This module can also parse a file with simple + <emphasis>KEY=VAL</emphasis> pairs on seperate lines + (<filename>/etc/environment</filename> by default). You can + change the default file to parse, with the <emphasis>envfile</emphasis> + flag and turn it on or off by setting the <emphasis>readenv</emphasis> + flag to 1 or 0 respectively. + </para> + </refsect1> + + <refsect1 id="pam_env-options"> + <title>OPTIONS</title> + <variablelist> + + <varlistentry> + <term> + <option>conffile=<replaceable>/path/to/pam_env.conf</replaceable></option> + </term> + <listitem> + <para> + Indicate an alternative <filename>pam_env.conf</filename> + style configuration file to override the default. This can + be useful when different services need different environments. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <option>debug</option> + </term> + <listitem> + <para> + A lot of debug informations are printed with + <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <option>envfile=<replaceable>/path/to/environment</replaceable></option> + </term> + <listitem> + <para> + Indicate an alternative <filename>environment</filename> + file to override the default. This can be useful when different + services need different environments. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> + <option>readenv=<replaceable>0|1</replaceable></option> + </term> + <listitem> + <para> + Turns on or off the reading of the file specified by envfile + (0 is off, 1 is on). By default this option is on. + </para> + </listitem> + </varlistentry> + + </variablelist> + </refsect1> + + <refsect1 id="pam_env-services"> + <title>MODULE SERVICES PROVIDED</title> + <para> + The <option>auth</option> and <option>session</option> services + are supported. + </para> + </refsect1> + + <refsect1 id="pam_env-return_values"> + <title>RETURN VALUES</title> + <variablelist> + <varlistentry> + <term>PAM_ABORT</term> + <listitem> + <para> + Not all relevant data or options could be gotten. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_BUF_ERR</term> + <listitem> + <para> + Memory buffer error. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_IGNORE</term> + <listitem> + <para> + No pam_env.conf and environment file was found. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term>PAM_SUCCESS</term> + <listitem> + <para> + Environment variables were set. + </para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 id="pam_env-files"> + <title>FILES</title> + <variablelist> + <varlistentry> + <term><filename>/etc/security/pam_env.conf</filename></term> + <listitem> + <para>Default configuration file</para> + </listitem> + </varlistentry> + <varlistentry> + <term><filename>/etc/environment</filename></term> + <listitem> + <para>Default environment file</para> + </listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1 id="pam_env-see_also"> + <title>SEE ALSO</title> + <para> + <citerefentry> + <refentrytitle>pam_env.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> + </citerefentry>. + </para> + </refsect1> + + <refsect1 id="pam_env-authors"> + <title>AUTHOR</title> + <para> + pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>. + </para> + </refsect1> +</refentry> diff --git a/Linux-PAM/modules/pam_env/pam_env.c b/Linux-PAM/modules/pam_env/pam_env.c index a3cf7684..1a41833c 100644 --- a/Linux-PAM/modules/pam_env/pam_env.c +++ b/Linux-PAM/modules/pam_env/pam_env.c @@ -1,21 +1,17 @@ -/* pam_mail module */ +/* pam_env module */ /* - * $Id: pam_env.c,v 1.5 2004/09/15 12:06:17 kukuk Exp $ + * $Id: pam_env.c,v 1.13 2005/12/12 14:45:00 ldv Exp $ * * Written by Dave Kinchlea <kinch@kinch.ark.com> 1997/01/31 - * Inspired by Andrew Morgan <morgan@kernel.org>, who also supplied the + * Inspired by Andrew Morgan <morgan@kernel.org>, who also supplied the * template for this file (via pam_mail) */ -#ifndef DEFAULT_CONF_FILE -#define DEFAULT_CONF_FILE "/etc/security/pam_env.conf" -#endif - #define DEFAULT_ETC_ENVFILE "/etc/environment" -#define DEFAULT_READ_ENVFILE 0 +#define DEFAULT_READ_ENVFILE 1 -#include <security/_pam_aconf.h> +#include "config.h" #include <ctype.h> #include <errno.h> @@ -43,6 +39,7 @@ #include <security/pam_modules.h> #include <security/_pam_macros.h> +#include <security/pam_ext.h> /* This little structure makes it easier to keep variables together */ @@ -59,34 +56,21 @@ typedef struct var { #define GOOD_LINE 0 #define BAD_LINE 100 /* This must be > the largest PAM_* error code */ -#define DEFINE_VAR 101 +#define DEFINE_VAR 101 #define UNDEFINE_VAR 102 #define ILLEGAL_VAR 103 static int _assemble_line(FILE *, char *, int); -static int _parse_line(char *, VAR *); +static int _parse_line(const pam_handle_t *, char *, VAR *); static int _check_var(pam_handle_t *, VAR *); /* This is the real meat */ -static void _clean_var(VAR *); +static void _clean_var(VAR *); static int _expand_arg(pam_handle_t *, char **); static const char * _pam_get_item_byname(pam_handle_t *, const char *); static int _define_var(pam_handle_t *, VAR *); static int _undefine_var(pam_handle_t *, VAR *); /* This is a flag used to designate an empty string */ -static char quote='Z'; - -/* some syslogging */ - -static void _log_err(int err, const char *format, ...) -{ - va_list args; - - va_start(args, format); - openlog("PAM-env", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(err, format, args); - va_end(args); - closelog(); -} +static char quote='Z'; /* argument parsing */ @@ -95,8 +79,9 @@ static void _log_err(int err, const char *format, ...) #define PAM_ENV_SILENT 0x04 #define PAM_NEW_ENV_FILE 0x10 -static int _pam_parse(int flags, int argc, const char **argv, char **conffile, - char **envfile, int *readenv) +static int +_pam_parse (const pam_handle_t *pamh, int argc, const char **argv, + const char **conffile, const char **envfile, int *readenv) { int ctrl=0; @@ -109,59 +94,59 @@ static int _pam_parse(int flags, int argc, const char **argv, char **conffile, if (!strcmp(*argv,"debug")) ctrl |= PAM_DEBUG_ARG; else if (!strncmp(*argv,"conffile=",9)) { - *conffile = x_strdup(9+*argv); - if (*conffile != NULL) { + *conffile = 9 + *argv; + if (**conffile != '\0') { D(("new Configuration File: %s", *conffile)); ctrl |= PAM_NEW_CONF_FILE; } else { - _log_err(LOG_CRIT, - "Configuration file specification missing argument - ignored"); + pam_syslog(pamh, LOG_ERR, + "conffile= specification missing argument - ignored"); } } else if (!strncmp(*argv,"envfile=",8)) { - *envfile = x_strdup(8+*argv); - if (*envfile != NULL) { + *envfile = 8 + *argv; + if (**envfile != '\0') { D(("new Env File: %s", *envfile)); ctrl |= PAM_NEW_ENV_FILE; } else { - _log_err(LOG_CRIT, - "Env file specification missing argument - ignored"); + pam_syslog (pamh, LOG_ERR, + "envfile= specification missing argument - ignored"); } } else if (!strncmp(*argv,"readenv=",8)) *readenv = atoi(8+*argv); else - _log_err(LOG_ERR,"pam_parse: unknown option; %s",*argv); + pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); } return ctrl; } -static int _parse_config_file(pam_handle_t *pamh, int ctrl, char **conffile) +static int +_parse_config_file(pam_handle_t *pamh, int ctrl, const char *conffile) { int retval; const char *file; char buffer[BUF_SIZE]; FILE *conf; - VAR Var, *var=&Var; + VAR Var, *var=&Var; var->name=NULL; var->defval=NULL; var->override=NULL; D(("Called.")); if (ctrl & PAM_NEW_CONF_FILE) { - file = *conffile; + file = conffile; } else { file = DEFAULT_CONF_FILE; } D(("Config file name is: %s", file)); - /* - * Lets try to open the config file, parse it and process + /* + * Lets try to open the config file, parse it and process * any variables found. */ if ((conf = fopen(file,"r")) == NULL) { - _log_err(LOG_ERR, "Unable to open config file: %s", - strerror(errno)); + pam_syslog(pamh, LOG_ERR, "Unable to open config file: %s: %m", file); return PAM_IGNORE; } @@ -172,36 +157,34 @@ static int _parse_config_file(pam_handle_t *pamh, int ctrl, char **conffile) while (( retval = _assemble_line(conf, buffer, BUF_SIZE)) > 0) { D(("Read line: %s", buffer)); - if ((retval = _parse_line(buffer, var)) == GOOD_LINE) { + if ((retval = _parse_line(pamh, buffer, var)) == GOOD_LINE) { retval = _check_var(pamh, var); if (DEFINE_VAR == retval) { - retval = _define_var(pamh, var); + retval = _define_var(pamh, var); } else if (UNDEFINE_VAR == retval) { - retval = _undefine_var(pamh, var); - } - } - if (PAM_SUCCESS != retval && ILLEGAL_VAR != retval + retval = _undefine_var(pamh, var); + } + } + if (PAM_SUCCESS != retval && ILLEGAL_VAR != retval && BAD_LINE != retval && PAM_BAD_ITEM != retval) break; - - _clean_var(var); + + _clean_var(var); } /* while */ - + (void) fclose(conf); /* tidy up */ _clean_var(var); /* We could have got here prematurely, * this is safe though */ - _pam_overwrite(*conffile); - _pam_drop(*conffile); - file = NULL; D(("Exit.")); return (retval != 0 ? PAM_ABORT : PAM_SUCCESS); } -static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file) +static int +_parse_env_file(pam_handle_t *pamh, int ctrl, const char *env_file) { int retval=PAM_SUCCESS, i, t; const char *file; @@ -209,15 +192,15 @@ static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file) FILE *conf; if (ctrl & PAM_NEW_ENV_FILE) - file = *env_file; + file = env_file; else file = DEFAULT_ETC_ENVFILE; D(("Env file name is: %s", file)); if ((conf = fopen(file,"r")) == NULL) { - D(("Unable to open env file: %s", strerror(errno))); - return PAM_ABORT; + pam_syslog(pamh, LOG_ERR, "Unable to open env file: %s: %m", file); + return PAM_IGNORE; } while (_assemble_line(conf, buffer, BUF_SIZE) > 0) { @@ -272,15 +255,12 @@ static int _parse_env_file(pam_handle_t *pamh, int ctrl, char **env_file) break; } } - + (void) fclose(conf); /* tidy up */ - _pam_overwrite(*env_file); - _pam_drop(*env_file); - file = NULL; D(("Exit.")); - return (retval != 0 ? PAM_IGNORE : PAM_SUCCESS); + return retval; } /* @@ -365,43 +345,44 @@ static int _assemble_line(FILE *f, char *buffer, int buf_len) return used; } -static int _parse_line(char *buffer, VAR *var) +static int +_parse_line (const pam_handle_t *pamh, char *buffer, VAR *var) { - /* - * parse buffer into var, legal syntax is + /* + * parse buffer into var, legal syntax is * VARIABLE [DEFAULT=[[string]] [OVERRIDE=[value]] * - * Any other options defined make this a bad line, + * Any other options defined make this a bad line, * error logged and no var set */ - + int length, quoteflg=0; - char *ptr, **valptr, *tmpptr; - + char *ptr, **valptr, *tmpptr; + D(("Called buffer = <%s>", buffer)); length = strcspn(buffer," \t\n"); - + if ((var->name = malloc(length + 1)) == NULL) { - _log_err(LOG_ERR, "Couldn't malloc %d bytes", length+1); + pam_syslog(pamh, LOG_ERR, "Couldn't malloc %d bytes", length+1); return PAM_BUF_ERR; } - - /* - * The first thing on the line HAS to be the variable name, + + /* + * The first thing on the line HAS to be the variable name, * it may be the only thing though. */ strncpy(var->name, buffer, length); var->name[length] = '\0'; D(("var->name = <%s>, length = %d", var->name, length)); - /* + /* * Now we check for arguments, we only support two kinds and ('cause I am lazy) * each one can actually be listed any number of times */ - + ptr = buffer+length; - while ((length = strspn(ptr, " \t")) > 0) { + while ((length = strspn(ptr, " \t")) > 0) { ptr += length; /* remove leading whitespace */ D((ptr)); if (strncmp(ptr,"DEFAULT=",8) == 0) { @@ -414,24 +395,24 @@ static int _parse_line(char *buffer, VAR *var) valptr=&(var->override); } else { D(("Unrecognized options: <%s> - ignoring line", ptr)); - _log_err(LOG_ERR, "Unrecognized Option: %s - ignoring line", ptr); + pam_syslog(pamh, LOG_ERR, "Unrecognized Option: %s - ignoring line", ptr); return BAD_LINE; } - + if ('"' != *ptr) { /* Escaped quotes not supported */ length = strcspn(ptr, " \t\n"); tmpptr = ptr+length; } else { - tmpptr = strchr(++ptr, '"'); + tmpptr = strchr(++ptr, '"'); if (!tmpptr) { D(("Unterminated quoted string: %s", ptr-1)); - _log_err(LOG_ERR, "Unterminated quoted string: %s", ptr-1); + pam_syslog(pamh, LOG_ERR, "Unterminated quoted string: %s", ptr-1); return BAD_LINE; } - length = tmpptr - ptr; + length = tmpptr - ptr; if (*++tmpptr && ' ' != *tmpptr && '\t' != *tmpptr && '\n' != *tmpptr) { D(("Quotes must cover the entire string: <%s>", ptr)); - _log_err(LOG_ERR, "Quotes must cover the entire string: <%s>", ptr); + pam_syslog(pamh, LOG_ERR, "Quotes must cover the entire string: <%s>", ptr); return BAD_LINE; } quoteflg++; @@ -439,7 +420,7 @@ static int _parse_line(char *buffer, VAR *var) if (length) { if ((*valptr = malloc(length + 1)) == NULL) { D(("Couldn't malloc %d bytes", length+1)); - _log_err(LOG_ERR, "Couldn't malloc %d bytes", length+1); + pam_syslog(pamh, LOG_ERR, "Couldn't malloc %d bytes", length+1); return PAM_BUF_ERR; } (void)strncpy(*valptr,ptr,length); @@ -449,11 +430,11 @@ static int _parse_line(char *buffer, VAR *var) } ptr = tmpptr; /* Start the search where we stopped */ } /* while */ - - /* + + /* * The line is parsed, all is well. */ - + D(("Exit.")); ptr = NULL; tmpptr = NULL; valptr = NULL; return GOOD_LINE; @@ -461,16 +442,16 @@ static int _parse_line(char *buffer, VAR *var) static int _check_var(pam_handle_t *pamh, VAR *var) { - /* - * Examine the variable and determine what action to take. + /* + * Examine the variable and determine what action to take. * Returns DEFINE_VAR, UNDEFINE_VAR depending on action to take * or a PAM_* error code if passed back from other routines * * if no DEFAULT provided, the empty string is assumed * if no OVERRIDE provided, the empty string is assumed - * if DEFAULT= and OVERRIDE evaluates to the empty string, + * if DEFAULT= and OVERRIDE evaluates to the empty string, * this variable should be undefined - * if DEFAULT="" and OVERRIDE evaluates to the empty string, + * if DEFAULT="" and OVERRIDE evaluates to the empty string, * this variable should be defined with no value * if OVERRIDE=value and value turns into the empty string, DEFAULT is used * @@ -498,18 +479,18 @@ static int _check_var(pam_handle_t *pamh, VAR *var) } /* Now its easy */ - - if (var->override && *(var->override) && "e != var->override) { + + if (var->override && *(var->override) && "e != var->override) { /* if there is a non-empty string in var->override, we use it */ D(("OVERRIDE variable <%s> being used: <%s>", var->name, var->override)); var->value = var->override; retval = DEFINE_VAR; } else { - + var->value = var->defval; if ("e == var->defval) { - /* - * This means that the empty string was given for defval value + /* + * This means that the empty string was given for defval value * which indicates that a variable should be defined with no value */ *var->defval = '\0'; @@ -531,12 +512,12 @@ static int _check_var(pam_handle_t *pamh, VAR *var) static int _expand_arg(pam_handle_t *pamh, char **value) { const char *orig=*value, *tmpptr=NULL; - char *ptr; /* - * Sure would be nice to use tmpptr but it needs to be + char *ptr; /* + * Sure would be nice to use tmpptr but it needs to be * a constant so that the compiler will shut up when I * call pam_getenv and _pam_get_item_byname -- sigh */ - + /* No unexpanded variable can be bigger than BUF_SIZE */ char type, tmpval[BUF_SIZE]; @@ -546,11 +527,11 @@ static int _expand_arg(pam_handle_t *pamh, char **value) D(("Remember to initialize tmp!")); memset(tmp, 0, MAX_ENV); - /* + /* * (possibly non-existent) environment variables can be used as values * by prepending a "$" and wrapping in {} (ie: ${HOST}), can escape with "\" - * (possibly non-existent) PAM items can be used as values - * by prepending a "@" and wrapping in {} (ie: @{PAM_RHOST}, can escape + * (possibly non-existent) PAM items can be used as values + * by prepending a "@" and wrapping in {} (ie: @{PAM_RHOST}, can escape * */ D(("Expanding <%s>",orig)); @@ -559,23 +540,24 @@ static int _expand_arg(pam_handle_t *pamh, char **value) ++orig; if ('$' != *orig && '@' != *orig) { D(("Unrecognized escaped character: <%c> - ignoring", *orig)); - _log_err(LOG_ERR, "Unrecognized escaped character: <%c> - ignoring", - *orig); + pam_syslog(pamh, LOG_ERR, + "Unrecognized escaped character: <%c> - ignoring", + *orig); } else if ((strlen(tmp) + 1) < MAX_ENV) { tmp[strlen(tmp)] = *orig++; /* Note the increment */ } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>", + pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); } continue; - } + } if ('$' == *orig || '@' == *orig) { if ('{' != *(orig+1)) { D(("Expandable variables must be wrapped in {}" " <%s> - ignoring", orig)); - _log_err(LOG_ERR, "Expandable variables must be wrapped in {}" + pam_syslog(pamh, LOG_ERR, "Expandable variables must be wrapped in {}" " <%s> - ignoring", orig); if ((strlen(tmp) + 1) < MAX_ENV) { tmp[strlen(tmp)] = *orig++; /* Note the increment */ @@ -586,28 +568,29 @@ static int _expand_arg(pam_handle_t *pamh, char **value) type = *orig; orig+=2; /* skip the ${ or @{ characters */ ptr = strchr(orig, '}'); - if (ptr) { + if (ptr) { *ptr++ = '\0'; } else { D(("Unterminated expandable variable: <%s>", orig-2)); - _log_err(LOG_ERR, "Unterminated expandable variable: <%s>", orig-2); + pam_syslog(pamh, LOG_ERR, + "Unterminated expandable variable: <%s>", orig-2); return PAM_ABORT; } strncpy(tmpval, orig, sizeof(tmpval)); tmpval[sizeof(tmpval)-1] = '\0'; orig=ptr; - /* - * so, we know we need to expand tmpval, it is either + /* + * so, we know we need to expand tmpval, it is either * an environment variable or a PAM_ITEM. type will tell us which */ switch (type) { - + case '$': D(("Expanding env var: <%s>",tmpval)); tmpptr = pam_getenv(pamh, tmpval); D(("Expanded to <%s>", tmpptr)); break; - + case '@': D(("Expanding pam item: <%s>",tmpval)); tmpptr = _pam_get_item_byname(pamh, tmpval); @@ -616,17 +599,18 @@ static int _expand_arg(pam_handle_t *pamh, char **value) default: D(("Impossible error, type == <%c>", type)); - _log_err(LOG_CRIT, "Impossible error, type == <%c>", type); + pam_syslog(pamh, LOG_CRIT, "Impossible error, type == <%c>", type); return PAM_ABORT; } /* switch */ - + if (tmpptr) { if ((strlen(tmp) + strlen(tmpptr)) < MAX_ENV) { strcat(tmp, tmpptr); } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + pam_syslog (pamh, LOG_ERR, + "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); } } } /* if ('{' != *orig++) */ @@ -636,7 +620,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value) } else { /* is it really a good idea to try to log this? */ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - _log_err(LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + pam_syslog(pamh, LOG_ERR, + "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); } } } /* for (;*orig;) */ @@ -645,8 +630,8 @@ static int _expand_arg(pam_handle_t *pamh, char **value) free(*value); if ((*value = malloc(strlen(tmp) +1)) == NULL) { D(("Couldn't malloc %d bytes for expanded var", strlen(tmp)+1)); - _log_err(LOG_ERR,"Couldn't malloc %d bytes for expanded var", - strlen(tmp)+1); + pam_syslog (pamh, LOG_ERR, "Couldn't malloc %lu bytes for expanded var", + (unsigned long)strlen(tmp)+1); return PAM_BUF_ERR; } } @@ -659,13 +644,13 @@ static int _expand_arg(pam_handle_t *pamh, char **value) static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name) { - /* + /* * This function just allows me to use names as given in the config * file and translate them into the appropriate PAM_ITEM macro */ int item; - const char *itemval; + const void *itemval; D(("Called.")); if (strcmp(name, "PAM_USER") == 0) { @@ -680,11 +665,11 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name) item = PAM_RHOST; } else { D(("Unknown PAM_ITEM: <%s>", name)); - _log_err(LOG_ERR, "Unknown PAM_ITEM: <%s>", name); + pam_syslog (pamh, LOG_ERR, "Unknown PAM_ITEM: <%s>", name); return NULL; } - - if (pam_get_item(pamh, item, (const void **)&itemval) != PAM_SUCCESS) { + + if (pam_get_item(pamh, item, &itemval) != PAM_SUCCESS) { D(("pam_get_item failed")); return NULL; /* let pam_get_item() log the error */ } @@ -695,20 +680,18 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name) static int _define_var(pam_handle_t *pamh, VAR *var) { /* We have a variable to define, this is a simple function */ - + char *envvar; - int size, retval=PAM_SUCCESS; - + int retval = PAM_SUCCESS; + D(("Called.")); - size = strlen(var->name)+strlen(var->value)+2; - if ((envvar = malloc(size)) == NULL) { - D(("Malloc fail, size = %d", size)); - _log_err(LOG_ERR, "Malloc fail, size = %d", size); + if (asprintf(&envvar, "%s=%s", var->name, var->value) < 0) { + pam_syslog(pamh, LOG_ERR, "out of memory"); return PAM_BUF_ERR; } - (void) sprintf(envvar,"%s=%s",var->name,var->value); + retval = pam_putenv(pamh, envvar); - free(envvar); envvar=NULL; + _pam_drop(envvar); D(("Exit.")); return retval; } @@ -716,7 +699,7 @@ static int _define_var(pam_handle_t *pamh, VAR *var) static int _undefine_var(pam_handle_t *pamh, VAR *var) { /* We have a variable to undefine, this is a simple function */ - + D(("Called and exit.")); return pam_putenv(pamh, var->name); } @@ -724,13 +707,13 @@ static int _undefine_var(pam_handle_t *pamh, VAR *var) static void _clean_var(VAR *var) { if (var->name) { - free(var->name); + free(var->name); } if (var->defval && ("e != var->defval)) { - free(var->defval); + free(var->defval); } if (var->override && ("e != var->override)) { - free(var->override); + free(var->override); } var->name = NULL; var->value = NULL; /* never has memory specific to it */ @@ -743,84 +726,90 @@ static void _clean_var(VAR *var) /* --- authentication management functions (only) --- */ -PAM_EXTERN -int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, - const char **argv) -{ +PAM_EXTERN int +pam_sm_authenticate (pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) +{ return PAM_IGNORE; } -PAM_EXTERN -int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, - const char **argv) +PAM_EXTERN int +pam_sm_setcred (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) { int retval, ctrl, readenv=DEFAULT_READ_ENVFILE; - char *conf_file=NULL, *env_file=NULL; + const char *conf_file = NULL, *env_file = NULL; /* * this module sets environment variables read in from a file */ - + D(("Called.")); - ctrl = _pam_parse(flags, argc, argv, &conf_file, &env_file, &readenv); + ctrl = _pam_parse(pamh, argc, argv, &conf_file, &env_file, &readenv); - retval = _parse_config_file(pamh, ctrl, &conf_file); + retval = _parse_config_file(pamh, ctrl, conf_file); - if(readenv && retval == PAM_SUCCESS) - retval = _parse_env_file(pamh, ctrl, &env_file); + if(readenv && retval == PAM_SUCCESS) { + retval = _parse_env_file(pamh, ctrl, env_file); + if (retval == PAM_IGNORE) + retval = PAM_SUCCESS; + } /* indicate success or failure */ - + D(("Exit.")); return retval; } -PAM_EXTERN -int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, - const char **argv) +PAM_EXTERN int +pam_sm_acct_mgmt (pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) { - _log_err(LOG_NOTICE, "pam_sm_acct_mgmt called inappropriatly"); + pam_syslog (pamh, LOG_NOTICE, "pam_sm_acct_mgmt called inappropriately"); return PAM_SERVICE_ERR; } - -PAM_EXTERN -int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc - ,const char **argv) + +PAM_EXTERN int +pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, + int argc, const char **argv) { int retval, ctrl, readenv=DEFAULT_READ_ENVFILE; - char *conf_file=NULL, *env_file=NULL; - + const char *conf_file = NULL, *env_file = NULL; + /* * this module sets environment variables read in from a file */ - + D(("Called.")); - ctrl = _pam_parse(flags, argc, argv, &conf_file, &env_file, &readenv); - - retval = _parse_config_file(pamh, ctrl, &conf_file); - - if(readenv && retval == PAM_SUCCESS) - retval = _parse_env_file(pamh, ctrl, &env_file); + ctrl = _pam_parse(pamh, argc, argv, &conf_file, &env_file, &readenv); + + retval = _parse_config_file(pamh, ctrl, conf_file); + + if(readenv && retval == PAM_SUCCESS) { + retval = _parse_env_file(pamh, ctrl, env_file); + if (retval == PAM_IGNORE) + retval = PAM_SUCCESS; + } /* indicate success or failure */ - + D(("Exit.")); return retval; } -PAM_EXTERN -int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc, - const char **argv) +PAM_EXTERN int +pam_sm_close_session (pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) { D(("Called and Exit")); return PAM_SUCCESS; } -PAM_EXTERN -int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, - const char **argv) +PAM_EXTERN int +pam_sm_chauthtok (pam_handle_t *pamh UNUSED, int flags UNUSED, + int argc UNUSED, const char **argv UNUSED) { - _log_err(LOG_NOTICE, "pam_sm_chauthtok called inappropriatly"); + pam_syslog (pamh, LOG_NOTICE, "pam_sm_chauthtok called inappropriately"); return PAM_SERVICE_ERR; } diff --git a/Linux-PAM/modules/pam_env/pam_env.conf-example b/Linux-PAM/modules/pam_env/pam_env.conf index 612a31c2..d0ba35c2 100644 --- a/Linux-PAM/modules/pam_env/pam_env.conf-example +++ b/Linux-PAM/modules/pam_env/pam_env.conf @@ -1,6 +1,3 @@ -# $Date: 2004/11/16 14:27:41 $ -# $Author: toady $ -# $Id: pam_env.conf-example,v 1.2 2004/11/16 14:27:41 toady Exp $ # # This is the configuration file for pam_env, a PAM module to load in # a configurable list of environment variables for a diff --git a/Linux-PAM/modules/pam_env/pam_env.conf.5 b/Linux-PAM/modules/pam_env/pam_env.conf.5 new file mode 100644 index 00000000..17c1a19d --- /dev/null +++ b/Linux-PAM/modules/pam_env/pam_env.conf.5 @@ -0,0 +1,87 @@ +.\" Title: pam_env.conf +.\" Author: +.\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> +.\" Date: 06/21/2006 +.\" Manual: Linux\-PAM Manual +.\" Source: Linux\-PAM Manual +.\" +.TH "PAM_ENV.CONF" "5" "06/21/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.\" disable hyphenation +.nh +.\" disable justification (adjust text to left margin only) +.ad l +.SH "NAME" +pam_env.conf \- the environment variables config file +.SH "DESCRIPTION" +.PP +The +\fI/etc/security/pam_env.conf\fR +file specifies the environment variables to be set, unset or modified by +\fBpam_env\fR(8). When someone logs in, this file is read and the environment variables are set according. +.PP +Each line starts with the variable name, there are then two possible options for each variable DEFAULT and OVERRIDE. DEFAULT allows and administrator to set the value of the variable to some default value, if none is supplied then the empty string is assumed. The OVERRIDE option tells pam_env that it should enter in its value (overriding the default value) if there is one to use. OVERRIDE is not used, "" is assumed and no override will be done. +.PP + +\fIVARIABLE\fR +[\fIDEFAULT=[value]\fR] [\fIOVERRIDE=[value]\fR] +.PP +(Possibly non\-existent) environment variables may be used in values using the ${string} syntax and (possibly non\-existent) PAM_ITEMs may be used in values using the @{string} syntax. Both the $ and @ characters can be backslash escaped to be used as literal values values can be delimited with "", escaped " not supported. Note that many environment variables that you would like to use may not be set by the time the module is called. For example, HOME is used below several times, but many PAM applications don't make it available by the time you need it. +.PP +The "\fI#\fR" character at start of line (no space at front) can be used to mark this line as a comment line. +.SH "EXAMPLES" +.PP +These are some example lines which might be specified in +\fI/etc/security/pam_env.conf\fR. +.PP +Set the REMOTEHOST variable for any hosts that are remote, default to "localhost" rather than not being set at all +.sp +.RS 3n +.nf + REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST} + +.fi +.RE +.PP +Set the DISPLAY variable if it seems reasonable +.sp +.RS 3n +.nf + DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} + +.fi +.RE +.PP +Now some simple variables +.sp +.RS 3n +.nf + PAGER DEFAULT=less + MANPAGER DEFAULT=less + LESS DEFAULT="M q e h15 z23 b80" + NNTPSERVER DEFAULT=localhost + PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\\ + :/usr/bin:/usr/local/bin/X11:/usr/bin/X11 + +.fi +.RE +.PP +Silly examples of escaped variables, just to show how they work. +.sp +.RS 3n +.nf + DOLLAR DEFAULT=\\$ + DOLLARDOLLAR DEFAULT= OVERRIDE=\\$${DOLLAR} + DOLLARPLUS DEFAULT=\\${REMOTEHOST}${REMOTEHOST} + ATSIGN DEFAULT="" OVERRIDE=\\@ + +.fi +.RE +.SH "SEE ALSO" +.PP + +\fBpam_env\fR(8), +\fBpam.d\fR(5), +\fBpam\fR(8) +.SH "AUTHOR" +.PP +pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>. diff --git a/Linux-PAM/modules/pam_env/pam_env.conf.5.xml b/Linux-PAM/modules/pam_env/pam_env.conf.5.xml new file mode 100644 index 00000000..090e0e75 --- /dev/null +++ b/Linux-PAM/modules/pam_env/pam_env.conf.5.xml @@ -0,0 +1,123 @@ +<?xml version="1.0" encoding='UTF-8'?> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" + "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> + +<refentry id="pam_env.conf"> + + <refmeta> + <refentrytitle>pam_env.conf</refentrytitle> + <manvolnum>5</manvolnum> + <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> + </refmeta> + + <refnamediv> + <refname>pam_env.conf</refname> + <refpurpose>the environment variables config file</refpurpose> + </refnamediv> + + + <refsect1 id='pam_env.conf-description'> + <title>DESCRIPTION</title> + + <para> + The <filename>/etc/security/pam_env.conf</filename> file specifies + the environment variables to be set, unset or modified by + <citerefentry><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>. + When someone logs in, this file is read and the environment + variables are set according. + </para> + <para> + Each line starts with the variable name, there are then two possible + options for each variable DEFAULT and OVERRIDE. DEFAULT allows and + administrator to set the value of the variable to some default + value, if none is supplied then the empty string is assumed. The + OVERRIDE option tells pam_env that it should enter in its value + (overriding the default value) if there is one to use. OVERRIDE is + not used, "" is assumed and no override will be done. + </para> + <para> + <replaceable>VARIABLE</replaceable> + [<replaceable>DEFAULT=[value]</replaceable>] + [<replaceable>OVERRIDE=[value]</replaceable>] + </para> + + <para> + (Possibly non-existent) environment variables may be used in values + using the ${string} syntax and (possibly non-existent) PAM_ITEMs may + be used in values using the @{string} syntax. Both the $ and @ + characters can be backslash escaped to be used as literal values + values can be delimited with "", escaped " not supported. + Note that many environment variables that you would like to use + may not be set by the time the module is called. + For example, HOME is used below several times, but + many PAM applications don't make it available by the time you need it. + </para> + + <para> + The "<emphasis>#</emphasis>" character at start of line (no space + at front) can be used to mark this line as a comment line. + </para> + + </refsect1> + + <refsect1 id="pam_env.conf-examples"> + <title>EXAMPLES</title> + <para> + These are some example lines which might be specified in + <filename>/etc/security/pam_env.conf</filename>. + </para> + + <para> + Set the REMOTEHOST variable for any hosts that are remote, default + to "localhost" rather than not being set at all + </para> + <programlisting> + REMOTEHOST DEFAULT=localhost OVERRIDE=@{PAM_RHOST} + </programlisting> + + <para> + Set the DISPLAY variable if it seems reasonable + </para> + <programlisting> + DISPLAY DEFAULT=${REMOTEHOST}:0.0 OVERRIDE=${DISPLAY} + </programlisting> + + <para> + Now some simple variables + </para> + <programlisting> + PAGER DEFAULT=less + MANPAGER DEFAULT=less + LESS DEFAULT="M q e h15 z23 b80" + NNTPSERVER DEFAULT=localhost + PATH DEFAULT=${HOME}/bin:/usr/local/bin:/bin\ + :/usr/bin:/usr/local/bin/X11:/usr/bin/X11 + </programlisting> + + <para> + Silly examples of escaped variables, just to show how they work. + </para> + <programlisting> + DOLLAR DEFAULT=\$ + DOLLARDOLLAR DEFAULT= OVERRIDE=\$${DOLLAR} + DOLLARPLUS DEFAULT=\${REMOTEHOST}${REMOTEHOST} + ATSIGN DEFAULT="" OVERRIDE=\@ + </programlisting> + </refsect1> + + <refsect1 id="pam_env.conf-see_also"> + <title>SEE ALSO</title> + <para> + <citerefentry><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry> + </para> + </refsect1> + + <refsect1 id="pam_env.conf-author"> + <title>AUTHOR</title> + <para> + pam_env was written by Dave Kinchlea <kinch@kinch.ark.com>. + </para> + </refsect1> +</refentry> diff --git a/Linux-PAM/modules/pam_env/tst-pam_env b/Linux-PAM/modules/pam_env/tst-pam_env new file mode 100755 index 00000000..c40e70a8 --- /dev/null +++ b/Linux-PAM/modules/pam_env/tst-pam_env @@ -0,0 +1,2 @@ +#!/bin/sh +../../tests/tst-dlopen .libs/pam_env.so |