aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_issue
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_issue')
-rw-r--r--modules/pam_issue/Makefile.am8
-rw-r--r--modules/pam_issue/Makefile.in23
-rw-r--r--modules/pam_issue/README.xml32
-rw-r--r--modules/pam_issue/pam_issue.834
-rw-r--r--modules/pam_issue/pam_issue.8.xml63
-rw-r--r--modules/pam_issue/pam_issue.c201
6 files changed, 187 insertions, 174 deletions
diff --git a/modules/pam_issue/Makefile.am b/modules/pam_issue/Makefile.am
index 1b26c31e..1ab2b2ce 100644
--- a/modules/pam_issue/Makefile.am
+++ b/modules/pam_issue/Makefile.am
@@ -15,17 +15,21 @@ dist_check_SCRIPTS = tst-pam_issue
TESTS = $(dist_check_SCRIPTS)
securelibdir = $(SECUREDIR)
+if HAVE_VENDORDIR
+secureconfdir = $(VENDOR_SCONFIGDIR)
+else
secureconfdir = $(SCONFIGDIR)
+endif
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
- $(WARN_CFLAGS)
+ $(LOGIND_CFLAGS) $(WARN_CFLAGS)
AM_LDFLAGS = -no-undefined -avoid-version -module
if HAVE_VERSIONING
AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
endif
securelib_LTLIBRARIES = pam_issue.la
-pam_issue_la_LIBADD = $(top_builddir)/libpam/libpam.la
+pam_issue_la_LIBADD = $(top_builddir)/libpam/libpam.la $(SYSTEMD_LIBS)
if ENABLE_REGENERATE_MAN
dist_noinst_DATA = README
diff --git a/modules/pam_issue/Makefile.in b/modules/pam_issue/Makefile.in
index 91627c5c..02a3cc16 100644
--- a/modules/pam_issue/Makefile.in
+++ b/modules/pam_issue/Makefile.in
@@ -148,7 +148,9 @@ am__uninstall_files_from_dir = { \
}
am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"
LTLIBRARIES = $(securelib_LTLIBRARIES)
-pam_issue_la_DEPENDENCIES = $(top_builddir)/libpam/libpam.la
+am__DEPENDENCIES_1 =
+pam_issue_la_DEPENDENCIES = $(top_builddir)/libpam/libpam.la \
+ $(am__DEPENDENCIES_1)
pam_issue_la_SOURCES = pam_issue.c
pam_issue_la_OBJECTS = pam_issue.lo
AM_V_lt = $(am__v_lt_@AM_V@)
@@ -428,6 +430,7 @@ CYGPATH_W = @CYGPATH_W@
DEFS = @DEFS@
DEPDIR = @DEPDIR@
DLLTOOL = @DLLTOOL@
+DOCBOOK_RNG = @DOCBOOK_RNG@
DSYMUTIL = @DSYMUTIL@
DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
@@ -440,11 +443,13 @@ EXEEXT = @EXEEXT@
EXE_CFLAGS = @EXE_CFLAGS@
EXE_LDFLAGS = @EXE_LDFLAGS@
FGREP = @FGREP@
+FILECMD = @FILECMD@
FO2PDF = @FO2PDF@
GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
GMSGFMT = @GMSGFMT@
GMSGFMT_015 = @GMSGFMT_015@
GREP = @GREP@
+HTML_STYLESHEET = @HTML_STYLESHEET@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -476,12 +481,14 @@ LIBSELINUX = @LIBSELINUX@
LIBTOOL = @LIBTOOL@
LIPO = @LIPO@
LN_S = @LN_S@
+LOGIND_CFLAGS = @LOGIND_CFLAGS@
LTLIBICONV = @LTLIBICONV@
LTLIBINTL = @LTLIBINTL@
LTLIBOBJS = @LTLIBOBJS@
LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
+MAN_STYLESHEET = @MAN_STYLESHEET@
MKDIR_P = @MKDIR_P@
MSGFMT = @MSGFMT@
MSGFMT_015 = @MSGFMT_015@
@@ -504,6 +511,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
PACKAGE_URL = @PACKAGE_URL@
PACKAGE_VERSION = @PACKAGE_VERSION@
PATH_SEPARATOR = @PATH_SEPARATOR@
+PDF_STYLESHEET = @PDF_STYLESHEET@
PKG_CONFIG = @PKG_CONFIG@
PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
@@ -514,12 +522,16 @@ SECUREDIR = @SECUREDIR@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
-STRINGPARAM_HMAC = @STRINGPARAM_HMAC@
+STRINGPARAM_PROFILECONDITIONS = @STRINGPARAM_PROFILECONDITIONS@
STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@
STRIP = @STRIP@
+SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@
+SYSTEMD_LIBS = @SYSTEMD_LIBS@
TIRPC_CFLAGS = @TIRPC_CFLAGS@
TIRPC_LIBS = @TIRPC_LIBS@
+TXT_STYLESHEET = @TXT_STYLESHEET@
USE_NLS = @USE_NLS@
+VENDOR_SCONFIGDIR = @VENDOR_SCONFIGDIR@
VERSION = @VERSION@
WARN_CFLAGS = @WARN_CFLAGS@
XGETTEXT = @XGETTEXT@
@@ -593,13 +605,14 @@ XMLS = README.xml pam_issue.8.xml
dist_check_SCRIPTS = tst-pam_issue
TESTS = $(dist_check_SCRIPTS)
securelibdir = $(SECUREDIR)
-secureconfdir = $(SCONFIGDIR)
+@HAVE_VENDORDIR_FALSE@secureconfdir = $(SCONFIGDIR)
+@HAVE_VENDORDIR_TRUE@secureconfdir = $(VENDOR_SCONFIGDIR)
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
- $(WARN_CFLAGS)
+ $(LOGIND_CFLAGS) $(WARN_CFLAGS)
AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1)
securelib_LTLIBRARIES = pam_issue.la
-pam_issue_la_LIBADD = $(top_builddir)/libpam/libpam.la
+pam_issue_la_LIBADD = $(top_builddir)/libpam/libpam.la $(SYSTEMD_LIBS)
@ENABLE_REGENERATE_MAN_TRUE@dist_noinst_DATA = README
all: all-am
diff --git a/modules/pam_issue/README.xml b/modules/pam_issue/README.xml
index b5b61c3a..36742c77 100644
--- a/modules/pam_issue/README.xml
+++ b/modules/pam_issue/README.xml
@@ -1,41 +1,27 @@
-<?xml version="1.0" encoding='UTF-8'?>
-<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
-"http://www.docbook.org/xml/4.3/docbookx.dtd"
-[
-<!--
-<!ENTITY pamaccess SYSTEM "pam_issue.8.xml">
--->
-]>
+<article xmlns="http://docbook.org/ns/docbook" version="5.0">
-<article>
-
- <articleinfo>
+ <info>
<title>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_issue.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_issue-name"]/*)'/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_issue.8.xml" xpointer='xpointer(id("pam_issue-name")/*)'/>
</title>
- </articleinfo>
+ </info>
<section>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-description"]/*)'/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_issue.8.xml" xpointer='xpointer(id("pam_issue-description")/*)'/>
</section>
<section>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-options"]/*)'/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_issue.8.xml" xpointer='xpointer(id("pam_issue-options")/*)'/>
</section>
<section>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-examples"]/*)'/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_issue.8.xml" xpointer='xpointer(id("pam_issue-examples")/*)'/>
</section>
<section>
- <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
- href="pam_issue.8.xml" xpointer='xpointer(//refsect1[@id = "pam_issue-author"]/*)'/>
+ <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_issue.8.xml" xpointer='xpointer(id("pam_issue-author")/*)'/>
</section>
-</article>
+</article> \ No newline at end of file
diff --git a/modules/pam_issue/pam_issue.8 b/modules/pam_issue/pam_issue.8
index 810406ed..fdeed526 100644
--- a/modules/pam_issue/pam_issue.8
+++ b/modules/pam_issue/pam_issue.8
@@ -1,13 +1,13 @@
'\" t
.\" Title: pam_issue
.\" Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
-.\" Date: 09/03/2021
+.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/>
+.\" Date: 05/07/2023
.\" Manual: Linux-PAM Manual
-.\" Source: Linux-PAM Manual
+.\" Source: Linux-PAM
.\" Language: English
.\"
-.TH "PAM_ISSUE" "8" "09/03/2021" "Linux-PAM Manual" "Linux\-PAM Manual"
+.TH "PAM_ISSUE" "8" "05/07/2023" "Linux\-PAM" "Linux\-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -38,69 +38,69 @@ pam_issue is a PAM module to prepend an issue file to the username prompt\&. It
.PP
Recognized escapes:
.PP
-\fB\ed\fR
+\ed
.RS 4
current day
.RE
.PP
-\fB\el\fR
+\el
.RS 4
name of this tty
.RE
.PP
-\fB\em\fR
+\em
.RS 4
machine architecture (uname \-m)
.RE
.PP
-\fB\en\fR
+\en
.RS 4
machine\*(Aqs network node hostname (uname \-n)
.RE
.PP
-\fB\eo\fR
+\eo
.RS 4
domain name of this system
.RE
.PP
-\fB\er\fR
+\er
.RS 4
release number of operating system (uname \-r)
.RE
.PP
-\fB\et\fR
+\et
.RS 4
current time
.RE
.PP
-\fB\es\fR
+\es
.RS 4
operating system name (uname \-s)
.RE
.PP
-\fB\eu\fR
+\eu
.RS 4
number of users currently logged in
.RE
.PP
-\fB\eU\fR
+\eU
.RS 4
same as \eu except it is suffixed with "user" or "users" (eg\&. "1 user" or "10 users")
.RE
.PP
-\fB\ev\fR
+\ev
.RS 4
operating system version and build date (uname \-v)
.RE
.SH "OPTIONS"
.PP
.PP
-\fBnoesc\fR
+noesc
.RS 4
Turns off escape code parsing\&.
.RE
.PP
-\fBissue=\fR\fB\fIissue\-file\-name\fR\fR
+issue=issue\-file\-name
.RS 4
The file to output if not using the default\&.
.RE
diff --git a/modules/pam_issue/pam_issue.8.xml b/modules/pam_issue/pam_issue.8.xml
index fb9b7377..20d32451 100644
--- a/modules/pam_issue/pam_issue.8.xml
+++ b/modules/pam_issue/pam_issue.8.xml
@@ -1,110 +1,107 @@
-<?xml version="1.0" encoding='UTF-8'?>
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN"
- "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd">
-
-<refentry id="pam_issue">
+<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="pam_issue">
<refmeta>
<refentrytitle>pam_issue</refentrytitle>
<manvolnum>8</manvolnum>
- <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo>
+ <refmiscinfo class="source">Linux-PAM</refmiscinfo>
+ <refmiscinfo class="manual">Linux-PAM Manual</refmiscinfo>
</refmeta>
- <refnamediv id="pam_issue-name">
+ <refnamediv xml:id="pam_issue-name">
<refname>pam_issue</refname>
<refpurpose>PAM module to add issue file to user prompt</refpurpose>
</refnamediv>
<refsynopsisdiv>
- <cmdsynopsis id="pam_issue-cmdsynopsis">
+ <cmdsynopsis xml:id="pam_issue-cmdsynopsis" sepchar=" ">
<command>pam_issue.so</command>
- <arg choice="opt">
+ <arg choice="opt" rep="norepeat">
noesc
</arg>
- <arg choice="opt">
+ <arg choice="opt" rep="norepeat">
issue=<replaceable>issue-file-name</replaceable>
</arg>
</cmdsynopsis>
</refsynopsisdiv>
- <refsect1 id="pam_issue-description">
+ <refsect1 xml:id="pam_issue-description">
<title>DESCRIPTION</title>
<para>
pam_issue is a PAM module to prepend an issue file to the username
prompt. It also by default parses escape codes in the issue file
- similar to some common getty's (using &bsol;x format).
+ similar to some common getty's (using \x format).
</para>
<para>
Recognized escapes:
</para>
<variablelist>
<varlistentry>
- <term><emphasis remap='B'>&bsol;d</emphasis></term>
+ <term>\d</term>
<listitem>
<para>current day</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;l</emphasis></term>
+ <term>\l</term>
<listitem>
<para>name of this tty</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;m</emphasis></term>
+ <term>\m</term>
<listitem>
<para>machine architecture (uname -m)</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;n</emphasis></term>
+ <term>\n</term>
<listitem>
<para>machine's network node hostname (uname -n)</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;o</emphasis></term>
+ <term>\o</term>
<listitem>
<para>domain name of this system</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;r</emphasis></term>
+ <term>\r</term>
<listitem>
<para>release number of operating system (uname -r)</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;t</emphasis></term>
+ <term>\t</term>
<listitem>
<para>current time</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;s</emphasis></term>
+ <term>\s</term>
<listitem>
<para>operating system name (uname -s)</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;u</emphasis></term>
+ <term>\u</term>
<listitem>
<para>number of users currently logged in</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;U</emphasis></term>
+ <term>\U</term>
<listitem>
<para>
- same as &bsol;u except it is suffixed with "user" or
+ same as \u except it is suffixed with "user" or
"users" (eg. "1 user" or "10 users")
</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><emphasis remap='B'>&bsol;v</emphasis></term>
+ <term>\v</term>
<listitem>
<para>operating system version and build date (uname -v)</para>
</listitem>
@@ -113,7 +110,7 @@
</refsect1>
- <refsect1 id="pam_issue-options">
+ <refsect1 xml:id="pam_issue-options">
<title>OPTIONS</title>
<para>
@@ -121,7 +118,7 @@
<varlistentry>
<term>
- <option>noesc</option>
+ noesc
</term>
<listitem>
<para>
@@ -132,7 +129,7 @@
<varlistentry>
<term>
- <option>issue=<replaceable>issue-file-name</replaceable></option>
+ issue=issue-file-name
</term>
<listitem>
<para>
@@ -146,14 +143,14 @@
</para>
</refsect1>
- <refsect1 id="pam_issue-types">
+ <refsect1 xml:id="pam_issue-types">
<title>MODULE TYPES PROVIDED</title>
<para>
Only the <option>auth</option> module type is provided.
</para>
</refsect1>
- <refsect1 id='pam_issue-return_values'>
+ <refsect1 xml:id="pam_issue-return_values">
<title>RETURN VALUES</title>
<para>
<variablelist>
@@ -198,7 +195,7 @@
</para>
</refsect1>
- <refsect1 id='pam_issue-examples'>
+ <refsect1 xml:id="pam_issue-examples">
<title>EXAMPLES</title>
<para>
Add the following line to <filename>/etc/pam.d/login</filename> to
@@ -209,7 +206,7 @@
</para>
</refsect1>
- <refsect1 id='pam_issue-see_also'>
+ <refsect1 xml:id="pam_issue-see_also">
<title>SEE ALSO</title>
<para>
<citerefentry>
@@ -224,11 +221,11 @@
</para>
</refsect1>
- <refsect1 id='pam_issue-author'>
+ <refsect1 xml:id="pam_issue-author">
<title>AUTHOR</title>
<para>
pam_issue was written by Ben Collins &lt;bcollins@debian.org&gt;.
</para>
</refsect1>
-</refentry>
+</refentry> \ No newline at end of file
diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c
index 5b6a4669..c08f90c3 100644
--- a/modules/pam_issue/pam_issue.c
+++ b/modules/pam_issue/pam_issue.c
@@ -25,10 +25,15 @@
#include <fcntl.h>
#include <unistd.h>
#include <sys/utsname.h>
-#include <utmp.h>
#include <time.h>
#include <syslog.h>
+#ifdef USE_LOGIND
+#include <systemd/sd-login.h>
+#else
+#include <utmp.h>
+#endif
+
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
@@ -36,98 +41,6 @@
static int _user_prompt_set = 0;
-static int read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt);
-static int read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt);
-
-/* --- authentication management functions (only) --- */
-
-int
-pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
- int argc, const char **argv)
-{
- int retval = PAM_SERVICE_ERR;
- FILE *fp;
- const char *issue_file = NULL;
- int parse_esc = 1;
- const void *item = NULL;
- const char *cur_prompt;
- char *issue_prompt = NULL;
-
- /* If we've already set the prompt, don't set it again */
- if(_user_prompt_set)
- return PAM_IGNORE;
-
- /* We set this here so if we fail below, we won't get further
- than this next time around (only one real failure) */
- _user_prompt_set = 1;
-
- for ( ; argc-- > 0 ; ++argv ) {
- const char *str;
-
- if ((str = pam_str_skip_prefix(*argv, "issue=")) != NULL) {
- issue_file = str;
- D(("set issue_file to: %s", issue_file));
- } else if (!strcmp(*argv,"noesc")) {
- parse_esc = 0;
- D(("turning off escape parsing by request"));
- } else
- D(("unknown option passed: %s", *argv));
- }
-
- if (issue_file == NULL)
- issue_file = "/etc/issue";
-
- if ((fp = fopen(issue_file, "r")) == NULL) {
- pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file);
- return PAM_SERVICE_ERR;
- }
-
- if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) {
- fclose(fp);
- return retval;
- }
-
- cur_prompt = item;
- if (cur_prompt == NULL)
- cur_prompt = "";
-
- if (parse_esc)
- retval = read_issue_quoted(pamh, fp, &issue_prompt);
- else
- retval = read_issue_raw(pamh, fp, &issue_prompt);
-
- fclose(fp);
-
- if (retval != PAM_SUCCESS)
- goto out;
-
- {
- size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1;
- char *new_prompt = realloc(issue_prompt, size);
-
- if (new_prompt == NULL) {
- pam_syslog(pamh, LOG_CRIT, "out of memory");
- retval = PAM_BUF_ERR;
- goto out;
- }
- issue_prompt = new_prompt;
- }
-
- strcat(issue_prompt, cur_prompt);
- retval = pam_set_item(pamh, PAM_USER_PROMPT,
- (const void *) issue_prompt);
- out:
- _pam_drop(issue_prompt);
- return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval;
-}
-
-int
-pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
- int argc UNUSED, const char **argv UNUSED)
-{
- return PAM_IGNORE;
-}
-
static int
read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt)
{
@@ -251,6 +164,18 @@ read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt)
case 'U':
{
unsigned int users = 0;
+#ifdef USE_LOGIND
+ int sessions = sd_get_sessions(NULL);
+
+ if (sessions < 0) {
+ pam_syslog(pamh, LOG_ERR, "logind error: %s",
+ strerror(-sessions));
+ _pam_drop(issue);
+ return PAM_SERVICE_ERR;
+ } else {
+ users = sessions;
+ }
+#else
struct utmp *ut;
setutent();
while ((ut = getutent())) {
@@ -258,6 +183,7 @@ read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt)
++users;
}
endutent();
+#endif
if (c == 'U')
snprintf (buf, sizeof buf, "%u %s", users,
(users == 1) ? "user" : "users");
@@ -303,4 +229,91 @@ read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt)
return PAM_SUCCESS;
}
-/* end of module definition */
+/* --- authentication management functions (only) --- */
+
+int
+pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
+{
+ int retval = PAM_SERVICE_ERR;
+ FILE *fp;
+ const char *issue_file = NULL;
+ int parse_esc = 1;
+ const void *item = NULL;
+ const char *cur_prompt;
+ char *issue_prompt = NULL;
+
+ /* If we've already set the prompt, don't set it again */
+ if(_user_prompt_set)
+ return PAM_IGNORE;
+
+ /* We set this here so if we fail below, we won't get further
+ than this next time around (only one real failure) */
+ _user_prompt_set = 1;
+
+ for ( ; argc-- > 0 ; ++argv ) {
+ const char *str;
+
+ if ((str = pam_str_skip_prefix(*argv, "issue=")) != NULL) {
+ issue_file = str;
+ D(("set issue_file to: %s", issue_file));
+ } else if (!strcmp(*argv,"noesc")) {
+ parse_esc = 0;
+ D(("turning off escape parsing by request"));
+ } else
+ D(("unknown option passed: %s", *argv));
+ }
+
+ if (issue_file == NULL)
+ issue_file = "/etc/issue";
+
+ if ((fp = fopen(issue_file, "r")) == NULL) {
+ pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file);
+ return PAM_SERVICE_ERR;
+ }
+
+ if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) {
+ fclose(fp);
+ return retval;
+ }
+
+ cur_prompt = item;
+ if (cur_prompt == NULL)
+ cur_prompt = "";
+
+ if (parse_esc)
+ retval = read_issue_quoted(pamh, fp, &issue_prompt);
+ else
+ retval = read_issue_raw(pamh, fp, &issue_prompt);
+
+ fclose(fp);
+
+ if (retval != PAM_SUCCESS)
+ goto out;
+
+ {
+ size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1;
+ char *new_prompt = realloc(issue_prompt, size);
+
+ if (new_prompt == NULL) {
+ pam_syslog(pamh, LOG_CRIT, "out of memory");
+ retval = PAM_BUF_ERR;
+ goto out;
+ }
+ issue_prompt = new_prompt;
+ }
+
+ strcat(issue_prompt, cur_prompt);
+ retval = pam_set_item(pamh, PAM_USER_PROMPT,
+ (const void *) issue_prompt);
+ out:
+ _pam_drop(issue_prompt);
+ return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval;
+}
+
+int
+pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
+ int argc UNUSED, const char **argv UNUSED)
+{
+ return PAM_IGNORE;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-31 03:55:26 +0000