aboutsummaryrefslogtreecommitdiff
path: root/modules/pam_motd/pam_motd.c
Commit message (Collapse)AuthorAgeFilesLines
* pam_motd: support very long argumentsTobias Stoeckmann2023-12-311-11/+10
| | | | | | | | The pam_split_string function should not use unsigned int to make sure that the counter will never overflow if arbitrarily long configuration file lines are supported. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* pam_motd: fail if too many motd files encounteredTobias Stoeckmann2023-12-211-1/+6
| | | | | | | Prevent signed integer overflow if too many motd files are encountered. Use the easiest approach for such an unlikely scenario. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
* pam_motd: do not rely on all filesystems providing a filetypePer Jessen2022-06-301-9/+40
| | | | | | | | | | | | | When using scandir() to look for MOTD files to display, we wrongly relied on all filesystems providing a filetype. This is a fix to divert to lstat() when we have no filetype. To maintain MT safety, it isn't possible to use lstat() in the scandir() filter function, so all of the filtering has been moved to an additional loop after scanning all the motd dirs. Also, remove superfluous alphasort from scandir(), we are doing a qsort() later. Resolves: https://github.com/linux-pam/linux-pam/issues/455
* pam_motd: unset prompt value to drop privilegesikerexxe2020-10-211-1/+1
| | | | | modules/pam_motd/pam_motd.c: set NULL value instead of "key user" for the prompt when dropping privileges.
* pam_motd: filter motd by user and groupikerexxe2020-10-141-22/+75
| | | | | | | | | modules/pam_motd/pam_motd.c: filter motd by user and group owning the proper files. This is achieved by changing the ids of the process reading the files from root to the target user. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1861640
* modules: remove PAM_SM_* macrosDmitry V. Levin2020-05-031-18/+5
| | | | | | Starting with commit a684595c0bbd88df71285f43fb27630e3829121e aka Linux-PAM-1.3.0~14 (Remove "--enable-static-modules" option and support from Linux-PAM), PAM_SM_* macros have no effect.
* pam_motd: fix NULL dereference when at least one of motd directories is not ↵Dmitry V. Levin2020-04-261-0/+1
| | | | | | | | | | | available * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Do not assign -1U to dirscans_sizes[i] when scandir(motd_dir_path_split[i]) returns an error. Resolves: https://bugzilla.altlinux.org/38389 Fixes: d57ab221 ("pam_motd: Cleanup the code and avoid unnecessary logging")
* pam_motd: cleanup calloc invocationsDmitry V. Levin2020-04-261-4/+4
| | | | | | | | | | Apply the following calloc invocation idiom: ptr = calloc(nmemb, sizeof(*ptr)); * modules/pam_motd/pam_motd.c (pam_split_string, try_to_display_directories_with_overrides): Cleanup calloc invocations. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: fix NULL dereference on error pathDmitry V. Levin2020-04-261-6/+7
| | | | | | | | | * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Do not access elements of dirscans_sizes array if dirscans_sizes == NULL due to an earlier memory allocation error. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: remove redundant return statementDmitry V. Levin2020-04-261-2/+0
| | | | | | | | * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Remove return statement at the end of the function returning void. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: remove redundant prefix from syslog messagesDmitry V. Levin2020-04-261-5/+5
| | | | | | | | | | pam_syslog already does all the prefixing we need. * modules/pam_motd/pam_motd.c (pam_split_string, try_to_display_directories_with_overrides): Remove "pam_motd: " prefix from strings passed to pam_syslog. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: fix memory leakDmitry V. Levin2020-04-261-10/+10
| | | | | | | | | | pam_motd used to leak memory allocated for each motd file successfully opened in try_to_display_directories_with_overrides. * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Free abs_path. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: fix misleading error diagnosticsDmitry V. Levin2020-04-261-0/+3
| | | | | | | | | | | | Do not invoke calloc with the first argument equal to zero as the return value can be NULL which is undistinguishable from memory allocation error. * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Skip if there are no directory entries (dirscans_size_total == 0). Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* pam_motd: do not zero the memory allocated by callocDmitry V. Levin2020-04-261-4/+0
| | | | | | | | | | As dirnames_all is allocated with calloc, zeroing it out is pointless. * modules/pam_motd/pam_motd.c (try_to_display_directories_with_overrides): Remove redundant zeroing of dirnames_all. Fixes: f9c9c721 ("pam_motd: Support multiple motd paths specified, with filename overrides (#69)")
* modules/pam_motd: use pam_str_skip_prefixDmitry V. Levin2020-03-191-4/+6
| | | | | | * modules/pam_motd/pam_motd.c: Include "pam_inline.h". (pam_sm_open_session): Use pam_str_skip_prefix instead of ugly strncmp invocations.
* Fix whitespace issuesDmitry V. Levin2020-03-051-1/+1
| | | | | | | | | | | | | | Remove trailing whitespace introduced by commit f9c9c72121eada731e010ab3620762bcf63db08f. Remove blank lines at EOF introduced by commit 65d6735c5949ec233df9813f734e918a93fa36cf. This makes the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD * doc/custom-html.xsl: Remove blank line at EOF. * doc/custom-man.xsl: Likewise. * modules/pam_motd/pam_motd.c: Remove trailing whitespace.
* Return only PAM_IGNORE or error from pam_motdBalint Reczey2019-12-171-1/+1
| | | | | Follow-up for c81280b16e1831ab0bdd0383486c7e2d1eaf1b5e. * modules/pam_motd/pam_motd.c: Return PAM_IGNORE if pam_putenv succeeds. * modules/pam_motd/pam_motd.8.xml: Document additional possible return values of the module.
* pam_motd: Export MOTD_SHOWN=pam after showing MOTDBalint Reczey2019-12-041-0/+2
| | | | | | | | | | | This is a useful indication for update-motd profile.d snippet which can also try to show MOTD when it is not already shown. The use-case for that is showing MOTD in shells in containers without PAM being involved. * modules/pam_motd/pam_motd.c: Export MOTD_SHOWN=pam after showing MOTD * modules/pam_motd/pam_motd.8.xml: Mention setting MOTD_SHOWN=pam in the man page
* pam_motd: Cleanup the code and avoid unnecessary loggingTomas Mraz2018-12-201-51/+37
| | | | | | | | | | | | | | | | | | | The pam_motd module will not log if the default motd.d directories are missing. Also cleanup some code cleanliness issues and fix compilation warnings. * modules/pam_motd/pam_motd.c: Constification of constant strings. (try_to_display_directory): Removed unused function. (pam_split_string): Replace uint with unsigned int. Fix warnings. (compare_strings): Fix warnings by proper constification. (try_to_display_directories_with_overrides): Cleanups. Switch off the logging if the motd.d directories are missing and they are default ones. (pam_sm_open_session): Cleanup warnings. Pass the information to try_to_display_directories_with_overrides() that non-default motd options are used.
* pam_motd: Fix segmentation fault when no motd_dir specified (#76)Robert Fairley2018-11-211-5/+10
| | | | | | | | | | | | This fixes a regression introduced by #69, where motd_path was set to NULL and passed into strdup() if the motd_dir argument was not specified in the configuration file. This caused a segmentation fault. * modules/pam_motd/pam_motd.c: fix checks for NULL in arguments * xtests/Makefile.am: add test scripts and config file * xtests/tst-pam_motd.sh: add running tst-pam_motd4.sh * xtests/tst-pam_motd4.pamd: create * xtests/tst-pam_motd4.sh: create
* pam_motd: Support multiple motd paths specified, with filename overrides (#69)Robert Fairley2018-11-191-9/+262
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adds specifying multiple paths to motd files and motd.d directories to be displayed. A colon-separated list of paths is specified as arguments motd and motd_dir to the pam_motd module. This gives packages several options to install motd files to. By default, the paths are, with highest priority first: /etc/motd /run/motd /usr/lib/motd /etc/motd.d/ /run/motd.d/ /usr/lib/motd.d/ Which is equivalent to the following arguments: motd=/etc/motd:/run/motd:/usr/lib/motd motd_dir=/etc/motd.d:/run/motd.d:/usr/lib/motd.d Files with the same filename in a lower-priority directory, as specified by the order in the colon-separated list, are overridden, meaning PAM will not display them. This allows a package to contain motd files under /usr/lib instead of the host configuration in /etc. A service may also write a dynamically generated motd in /run/motd.d/ and have PAM display it without needing a symlink from /etc/motd.d/ installed. Closes #68 * modules/pam_motd/pam_motd.8.xml: update documentation * modules/pam_motd/pam_motd.c: add specifying multiple motd paths * xtests/.gitignore: add generated test script * xtests/Makefile.am: add test source, scripts and config files * xtests/tst-pam_motd.c: create * xtests/tst-pam_motd.sh: create * xtests/tst-pam_motd1.pamd: create * xtests/tst-pam_motd1.sh: create * xtests/tst-pam_motd2.pamd: create * xtests/tst-pam_motd2.sh: create * xtests/tst-pam_motd3.pamd: create * xtests/tst-pam_motd3.sh: create
* pam_motd: add support for a motd.d directory (#48)Allison Karlitskaya2018-05-161-27/+73
| | | | | | | | | | | | | | | Add a new feature to pam_motd to allow packages to install their own message files in a "motd.d" directory, to be displayed after the primary motd. Add an option motd_d= to specify the location of this directory. Modify the defaults, in the case where no options are given, to display both /etc/motd and /etc/motd.d. Fixes #47 * modules/pam_motd/pam_motd.c: add support for motd.d * modules/pam_motd/pam_motd.8.xml: update the manpage
* Remove "--enable-static-modules" option and support fromThorsten Kukuk2016-03-291-19/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Linux-PAM. It was never official supported and was broken since years. * configure.ac: Remove --enable-static-modules option. * doc/man/pam_sm_acct_mgmt.3.xml: Remove PAM_EXTERN. * doc/man/pam_sm_authenticate.3.xml: Likewise. * doc/man/pam_sm_chauthtok.3.xml: Likewise. * doc/man/pam_sm_close_session.3.xml: Likewise. * doc/man/pam_sm_open_session.3.xml: Likewise. * doc/man/pam_sm_setcred.3.xml: Likewise. * libpam/Makefile.am: Remove STATIC_MODULES cases. * libpam/include/security/pam_modules.h: Remove PAM_STATIC parts. * libpam/pam_dynamic.c: Likewise. * libpam/pam_handlers.c: Likewise. * libpam/pam_private.h: Likewise. * libpam/pam_static.c: Remove file. * libpam/pam_static_modules.h: Remove header file. * modules/pam_access/pam_access.c: Remove PAM_EXTERN and PAM_STATIC parts. * modules/pam_cracklib/pam_cracklib.c: Likewise. * modules/pam_debug/pam_debug.c: Likewise. * modules/pam_deny/pam_deny.c: Likewise. * modules/pam_echo/pam_echo.c: Likewise. * modules/pam_env/pam_env.c: Likewise. * modules/pam_exec/pam_exec.c: Likewise. * modules/pam_faildelay/pam_faildelay.c: Likewise. * modules/pam_filter/pam_filter.c: Likewise. * modules/pam_ftp/pam_ftp.c: Likewise. * modules/pam_group/pam_group.c: Likewise. * modules/pam_issue/pam_issue.c: Likewise. * modules/pam_keyinit/pam_keyinit.c: Likewise. * modules/pam_lastlog/pam_lastlog.c: Likewise. * modules/pam_limits/pam_limits.c: Likewise. * modules/pam_listfile/pam_listfile.c: Likewise. * modules/pam_localuser/pam_localuser.c: Likewise. * modules/pam_loginuid/pam_loginuid.c: Likewise. * modules/pam_mail/pam_mail.c: Likewise. * modules/pam_mkhomedir/pam_mkhomedir.c: Likewise. * modules/pam_motd/pam_motd.c: Likewise. * modules/pam_namespace/pam_namespace.c: Likewise. * modules/pam_nologin/pam_nologin.c: Likewise. * modules/pam_permit/pam_permit.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_rhosts/pam_rhosts.c: Likewise. * modules/pam_rootok/pam_rootok.c: Likewise. * modules/pam_securetty/pam_securetty.c: Likewise. * modules/pam_selinux/pam_selinux.c: Likewise. * modules/pam_sepermit/pam_sepermit.c: Likewise. * modules/pam_shells/pam_shells.c: Likewise. * modules/pam_stress/pam_stress.c: Likewise. * modules/pam_succeed_if/pam_succeed_if.c: Likewise. * modules/pam_tally/pam_tally.c: Likewise. * modules/pam_tally2/pam_tally2.c: Likewise. * modules/pam_time/pam_time.c: Likewise. * modules/pam_timestamp/pam_timestamp.c: Likewise. * modules/pam_tty_audit/pam_tty_audit.c: Likewise. * modules/pam_umask/pam_umask.c: Likewise. * modules/pam_userdb/pam_userdb.c: Likewise. * modules/pam_warn/pam_warn.c: Likewise. * modules/pam_wheel/pam_wheel.c: Likewise. * modules/pam_xauth/pam_xauth.c: Likewise. * modules/pam_unix/Makefile.am: Remove STATIC_MODULES part. * modules/pam_unix/pam_unix_acct.c: Remove PAM_STATIC part. * modules/pam_unix/pam_unix_auth.c: Likewise. * modules/pam_unix/pam_unix_passwd.c: Likewise. * modules/pam_unix/pam_unix_sess.c: Likewise. * modules/pam_unix/pam_unix_static.c: Removed. * modules/pam_unix/pam_unix_static.h: Removed. * po/POTFILES.in: Remove removed files. * tests/tst-dlopen.c: Remove PAM_STATIC part.
* 2005-10-02 Dmitry V. Levin <ldv@altlinux.org>Dmitry V. Levin2005-10-041-9/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Steve Langasek <vorlon@debian.org> Cleanup gratuitous use of strdup(). Fix "missing argument" checks. * modules/pam_env/pam_env.c (_pam_parse): Add const qualifier to conffile and envfile arguments. Do not use x_strdup() for conffile and envfile initialization. Fix "missing argument" checks. (_parse_config_file): Take conffile argument of type "const char *" instead of "char **". Do not free conffile. (_parse_env_file): Take env_file argument of type "const char *" instead of "char **". Do not free env_file. (pam_sm_setcred): Add const qualifier to conf_file and env_file. Pass conf_file and env_file to _parse_config_file() and _parse_env_file() by value. (pam_sm_open_session): Likewise. * modules/pam_ftp/pam_ftp.c (_pam_parse): Add const qualifier to users argument. Do not use x_strdup() for users initialization. (lookup): Add const qualifier to list argument. (pam_sm_authenticate): Add const qualifier to users argument. * modules/pam_mail/pam_mail.c (_pam_parse): Add const qualifier to maildir argument. Do not use x_strdup() for maildir initialization. Fix "missing argument" check. (get_folder): Take path_mail argument of type "const char *" instead of "char **". Do not free path_mail. (_do_mail): Add const qualifier to path_mail argument. Pass path_mail to get_folder() by value. * modules/pam_motd/pam_motd.c: Include <syslog.h>. (pam_sm_open_session): Add const qualifier to motd_path. Do not use x_strdup() for motd_path initialization. Do not free motd_path. Fix "missing argument" check. Add "unknown option" warning. * modules/pam_userdb/pam_userdb.c (_pam_parse): Add const qualifier to database and cryptmode arguments. Fix "missing argument" checks. (pam_sm_authenticate): Add const qualifier to database and cryptmode. (pam_sm_acct_mgmt): Likewise.
* Relevant BUGIDs:Tomas Mraz2005-09-211-2/+2
| | | | | | | | Purpose of commit: new feature Commit summary: --------------- Moved functions from pammodutil to libpam.
* Relevant BUGIDs:Tomas Mraz2005-09-171-4/+1
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- More clear deallocation (by Dmitry V. Levin - ldv)
* Relevant BUGIDs: noneThorsten Kukuk2005-09-051-15/+4
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Replace conv function call with pam_info()
* Relevant BUGIDs: noneThorsten Kukuk2005-08-231-55/+55
| | | | | | | | | | Purpose of commit: new feature Commit summary: --------------- Change major version number back to "0". Add more patches from ALT-Linux/OWL:
* Relevant BUGIDs: noneThorsten Kukuk2005-08-161-3/+3
| | | | | | | | | Purpose of commit: new feature Commit summary: --------------- Big "automake/autoconf/libtool" commit
* Relevant BUGIDs: noneThorsten Kukuk2005-07-201-1/+1
| | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Rename _pam_aconf.h to config.h.
* Relevant BUGIDs: noneThorsten Kukuk2005-06-091-4/+6
| | | | | | | | | | Purpose of commit: cleanup Commit summary: --------------- Fix all occurrence of dereferencing type-punned pointer will break strict-aliasing rules warnings
* Relevant BUGIDs:Tomas Mraz2005-04-191-3/+10
| | | | | | | | Purpose of commit: bugfix Commit summary: --------------- Various cleanups and minor bugfixes by Steve Grubb.
* Relevant BUGIDs:Thorsten Kukuk2004-09-221-14/+24
| | | | | | | | | Purpose of commit: Commit summary: --------------- bugfix: Add rest of Steve Grubb's resource leak and other fixes
* Relevant BUGIDs: 476938Andrew G. Morgan2001-11-121-2/+6
| | | | | | | | Purpose of commit: cleanup Commit summary: --------------- removed a compiler warning (courtesy Nalin) and added a memory leak comment.
* Initial revisionAndrew G. Morgan2000-06-201-0/+119
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-15 06:21:09 +0000