| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The first argument of IF_NO_PAMH is supposed to be the name of the
function which was called with pamh being NULL.
With __FUNCTION__ the name can be inserted automatically by the
compiler which is also already done with D macro.
Fixes a bug in which _pam_drop_env erroneously logs with the
function name _pam_make_env.
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The grantor field gives audit trail of PAM modules which granted access
for successful return from libpam calls. In case of failed return
the grantor field is set to '?'.
libpam/pam_account.c (pam_acct_mgmt): Remove _pam_auditlog() call.
libpam/pam_auth.c (pam_authenticate, pam_setcred): Likewise.
libpam/pam_password.c (pam_chauthtok): Likewise.
libpam/pam_session.c (pam_open_session, pam_close_session): Likewise.
libpam/pam_audit.c (_pam_audit_writelog): Add grantors parameter,
add grantor= field to the message if grantors is set.
(_pam_list_grantors): New function creating the string with grantors list.
(_pam_auditlog): Add struct handler pointer parameter, call _pam_list_grantors()
to list the grantors from the handler list.
(_pam_audit_end): Add NULL handler parameter to _pam_auditlog() call.
(pam_modutil_audit_write): Add NULL grantors parameter to _pam_audit_writelog().
libpam/pam_dispatch.c (_pam_dispatch_aux): Set h->grantor where appropriate.
(_pam_clear_grantors): New function to clear grantor field of handler.
(_pam_dispatch): Call _pam_clear_grantors() before executing the stack.
Call _pam_auditlog() when appropriate.
libpam/pam_handlers.c (extract_modulename): Do not allow empty module name
or just "?" to avoid confusing audit trail.
(_pam_add_handler): Test for NULL return from extract_modulename().
Clear grantor field of handler.
libpam/pam_private.h: Add grantor field to struct handler, add handler pointer
parameter to _pam_auditlog().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: bugfixes
Commit summary:
---------------
2006-07-24 Thorsten Kukuk <kukuk@thkukuk.de>
* doc/adg/Makefile.am: Add uninstall and distclean rules.
* doc/mwg/Makefile.am: Likewise.
* doc/sag/Makefile.am: Likewise.
2006-07-08 Daniel Richard G. <skunk@iskunk.org>
* conf/pam_conv1/Makefile.am: Fix rules for lex and yacc files.
* conf/pam_conv1/pam_conv.lex: Rename to ...
* conf/pam_conv1/pam_conv_l.l: ... this.
* conf/pam_conv1/pam_conv.y: Rename to ...
* conf/pam_conv1/pam_conv_y.y: ... this.
* configure.in: Add AC_HELP_STRING()s to various AC_ARG_ENABLE()
calls.
* doc/Makefile.am: Fix rule to install index.html.
* doc/adg/Makefile.am: Fix test usage.
* doc/mwg/Makefile.am: Likewise.
* doc/sag/Makefile.am: Likewise.
* doc/specs/Makefile.am: Fix rules for lex and yacc files.
* specs/parse.lex: Rename to ...
* doc/specs/parse_l.l: ... this.
* doc/specs/parse.y: Rename to ...
* doc/specs/parse_y.y: ... this.
* libpam/pam_account.c: Fix #if vs. #ifdef.
* libpam/pam_audit.c: Likewise.
* libpam/pam_auth.c: Likewise.
* libpam/pam_password.c: Likewise.
* libpam/pam_private.h: Likewise.
* libpam/pam_session.c: Likewise.
* libpam/pam_start.c: Likewise.
* libpam/pam_static.c: Fix "empty sourcefile" warning.
* modules/pam_limits/pam_limits.c: Check for __linux, too.
* modules/pam_userdb/Makefile.am: Don't run test if no
libdb available.
* tests/tst-dlopen.c: Include config.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature
Commit summary:
---------------
2006-01-12 Steve Grubb <sgrubb@redhat.com>
* configure.in: Add check for audit library.
* libpam/Makefile.am (libpam_la_LDFLAGS): Add LIBAUDIT.
(libpam_la_SOURCES): Add pam_audit.c.
* libpam/pam_account.c (pam_acct_mgmt): Add _pam_auditlog() call.
* libpam/pam_auth.c (pam_authenticate), (pam_setcred): Likewise.
* libpam/pam_password.c (pam_chauthtok): Likewise.
* libpam/pam_session.c (pam_open_session),
(pam_close_session): Likewise.
* libpam/pam_private.h: Add audit_state member to pam_handle,
declare _pam_auditlog and _pam_audit_end.
* libpam/pam_start.c (pam_start): Initialize audit_state.
* libpam/pam_audit.c: New file with _pam_auditlog and _pam_audit_end
implementation.
* libpam/pam_end.c (pam_end): Add _pam_audit_end() call.
* NEWS: Note about added auditing.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Purpose of commit: cleanup
Commit summary:
---------------
Fix the many compile-time warnings caused by features.h being included
before our _pam_aconf.h. This should make it much easier to find other
bugs.
Also, call config.status instead of configure, to allow rebuilding
generated files with the same options.
|
| |
|
|
|
|
|
|
|
|
| |
Purpose of commit: new feature + documentation
Commit summary:
---------------
Cleaned up the handling of AUTHTOK items and pam_[gs]et_data() functions.
Added more clear documentation about the pam_[gs]et_item() functions to
the pam_appl and pam_modules programmer guides.
|
| |
|
