From 0fb1f5b701432b6d9f40754b69f2fe0dc6f75103 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Tue, 19 Jun 2018 00:00:00 +0000 Subject: Fix grammar of messages printed via pam_prompt Turn into proper sentences those messages that are printed without further modifications using pam_prompt in contexts where proper sentences are expected. * libpam/pam_get_authtok.c (pam_get_authtok_internal): Fix grammar of the message passed to pam_error. * modules/pam_limits/pam_limits.c (pam_sm_open_session): Likewise. * modules/pam_cracklib/pam_cracklib.c (_pam_unix_approve_pass): Fix grammar of error messages passed to pam_error. * modules/pam_mail/pam_mail.c (report_mail): Fix grammar of a message passed to pam_info. * modules/pam_timestamp/pam_timestamp.c (verbose_success): Likewise. * modules/pam_selinux/pam_selinux.c (config_context, send_text): Fix grammar of messages passed to pam_prompt. * modules/pam_tally/pam_tally.c (tally_check): Fix grammar of messages passed to pam_info. * modules/pam_tally2/pam_tally2.c (tally_check): Likewise. * modules/pam_unix/pam_unix_acct.c (pam_sm_acct_mgmt): Fix grammar of messages passed to _make_remark. * modules/pam_unix/pam_unix_passwd.c (_pam_unix_approve_pass, pam_sm_chauthtok): Likewise. * po/Linux-PAM.pot: Regenerate. --- modules/pam_limits/pam_limits.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules/pam_limits/pam_limits.c') diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index 4bc4ae71..cac36999 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -1088,7 +1088,8 @@ out: retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, pl); if (retval & LOGIN_ERR) - pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name); + pam_error(pamh, _("There were too many logins for '%s'."), + pwd->pw_name); if (retval != LIMITED_OK) { return PAM_PERM_DENIED; } -- cgit v1.2.3 From 03f46bbe3f22d800a1516f4c535a1bfb573068de Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 16 Dec 2019 10:38:52 +0100 Subject: Fix or suppress various warnings when compiling with -Wall -Wextra * conf/pam_conv1/Makefile.am: Add -Wno-unused-function -Wno-sign-compare to CFLAGS. * doc/specs/Makefile.am: Likewise. * libpamc/include/security/pam_client.h: Explicitly compare old_p with NULL. * modules/pam_access/pam_access.c: Avoid double const. * modules/pam_filter/pam_filter.c: Avoid arbitrary constants. Avoid strncpy() without copying the NUL byte. * modules/pam_group/pam_group.c: Mark switch fallthrough with comment. * modules/pam_time/pam_time.c: Likewise. * modules/pam_limits/pam_limits.c: Remove unused units variable. * modules/pam_listfile/pam_listfile.c: Avoid unnecessary strncpy, use pointers. * modules/pam_rootok/pam_rootok.c (log_callback): Mark unused parameter. * modules/pam_selinux/pam_selinux.c: Use string_to_security_class() instead of hardcoded value. * modules/pam_sepermit/pam_sepermit.c: Properly cast when comparing. * modules/pam_succeed_if/pam_succeed_if.c: Mark unused parameters. * modules/pam_unix/pam_unix_passwd.c: Remove unused variables and properly cast for comparison. * modules/pam_unix/support.c: Remove unused function. --- conf/pam_conv1/Makefile.am | 2 ++ doc/specs/Makefile.am | 2 ++ libpamc/include/security/pam_client.h | 2 +- modules/pam_access/pam_access.c | 2 +- modules/pam_filter/pam_filter.c | 16 ++++++++-------- modules/pam_group/pam_group.c | 1 + modules/pam_limits/pam_limits.c | 7 ++----- modules/pam_listfile/pam_listfile.c | 9 ++++----- modules/pam_rootok/pam_rootok.c | 2 +- modules/pam_selinux/pam_selinux.c | 4 +--- modules/pam_sepermit/pam_sepermit.c | 2 +- modules/pam_succeed_if/pam_succeed_if.c | 11 +++++++++-- modules/pam_time/pam_time.c | 1 + modules/pam_unix/pam_unix_passwd.c | 10 +++++----- modules/pam_unix/support.c | 5 ----- 15 files changed, 39 insertions(+), 37 deletions(-) (limited to 'modules/pam_limits/pam_limits.c') diff --git a/conf/pam_conv1/Makefile.am b/conf/pam_conv1/Makefile.am index ce50b686..2e643306 100644 --- a/conf/pam_conv1/Makefile.am +++ b/conf/pam_conv1/Makefile.am @@ -8,6 +8,8 @@ EXTRA_DIST = README AM_YFLAGS = -d +pam_conv1_CFLAGS = -Wno-unused-function -Wno-sign-compare + BUILT_SOURCES = pam_conv_y.h noinst_PROGRAMS = pam_conv1 diff --git a/doc/specs/Makefile.am b/doc/specs/Makefile.am index 99ecc70e..de20decd 100644 --- a/doc/specs/Makefile.am +++ b/doc/specs/Makefile.am @@ -16,6 +16,8 @@ CPPFLAGS = @BUILD_CPPFLAGS@ CFLAGS = @BUILD_CFLAGS@ LDFLAGS = @BUILD_LDFLAGS@ +padout_CFLAGS = -Wno-unused-function -Wno-sign-compare + BUILT_SOURCES = parse_y.h noinst_PROGRAMS = padout diff --git a/libpamc/include/security/pam_client.h b/libpamc/include/security/pam_client.h index 47e41aaf..86672a2e 100644 --- a/libpamc/include/security/pam_client.h +++ b/libpamc/include/security/pam_client.h @@ -109,7 +109,7 @@ char **pamc_list_agents(pamc_handle_t pch); #define PAM_BP_RENEW(old_p, cntrl, data_length) \ do { \ - if (old_p) { \ + if ((old_p) != NULL) { \ if (*(old_p)) { \ u_int32_t __size; \ __size = PAM_BP_SIZE(*(old_p)); \ diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 80d885dd..128da01d 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -806,7 +806,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, const char *user=NULL; const void *void_from=NULL; const char *from; - const char const *default_config = PAM_ACCESS_CONFIG; + const char *default_config = PAM_ACCESS_CONFIG; struct passwd *user_pw; char hostname[MAXHOSTNAMELEN + 1]; int rv; diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 8ab7981a..de8c35ad 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -120,8 +120,8 @@ static int process_args(pam_handle_t *pamh /* the "ARGS" variable */ -#define ARGS_OFFSET 5 /* strlen('ARGS='); */ #define ARGS_NAME "ARGS=" +#define ARGS_OFFSET (sizeof(ARGS_NAME) - 1) size += ARGS_OFFSET; @@ -134,7 +134,7 @@ static int process_args(pam_handle_t *pamh return -1; } - strncpy(levp[0],ARGS_NAME,ARGS_OFFSET); + strcpy(levp[0], ARGS_NAME); for (i=0,size=ARGS_OFFSET; i terminate */ /* the "USER" variable */ -#define USER_OFFSET 5 /* strlen('USER='); */ #define USER_NAME "USER=" +#define USER_OFFSET (sizeof(USER_NAME) - 1) if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL) { @@ -194,14 +194,14 @@ static int process_args(pam_handle_t *pamh return -1; } - strncpy(levp[2],USER_NAME,USER_OFFSET); + strcpy(levp[2], USER_NAME); strcpy(levp[2]+USER_OFFSET, user); levp[2][size] = '\0'; /* terminate */ /* the "USER" variable */ -#define TYPE_OFFSET 5 /* strlen('TYPE='); */ #define TYPE_NAME "TYPE=" +#define TYPE_OFFSET (sizeof(TYPE_NAME) - 1) size = TYPE_OFFSET+strlen(type); @@ -217,7 +217,7 @@ static int process_args(pam_handle_t *pamh return -1; } - strncpy(levp[3],TYPE_NAME,TYPE_OFFSET); + strcpy(levp[3], TYPE_NAME); strcpy(levp[3]+TYPE_OFFSET, type); levp[3][size] = '\0'; /* terminate */ diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index 8cd178c0..66252c78 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -183,6 +183,7 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state) ++src; /* skip it */ break; } + /* fallthrough */ default: *to++ = c; onspace = 0; diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index cac36999..02967f36 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -384,7 +384,7 @@ static void parse_kernel_limits(pam_handle_t *pamh, struct pam_limit_s *pl, int FILE *limitsfile; const char *proclimits = "/proc/1/limits"; char line[256]; - char *units, *hard, *soft, *name; + char *hard, *soft, *name; if (!(limitsfile = fopen(proclimits, "r"))) { pam_syslog(pamh, LOG_WARNING, "Could not read %s (%s), using PAM defaults", proclimits, strerror(errno)); @@ -410,10 +410,7 @@ static void parse_kernel_limits(pam_handle_t *pamh, struct pam_limit_s *pl, int if (pos == maxlen) { /* step backwards over "Units" name */ LIMITS_SKIP_WHITESPACE; - LIMITS_MARK_ITEM(units); - } - else { - units = ""; + LIMITS_MARK_ITEM(hard); /* not a typo, units unused */ } /* step backwards over "Hard Limit" value */ diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 5723598e..1fe5f495 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -65,14 +65,14 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, char mybuf[256],myval[256]; struct stat fileinfo; FILE *inf; - char apply_val[256]; + const char *apply_val; int apply_type; /* Stuff for "extended" items */ struct passwd *userinfo; apply_type=APPLY_TYPE_NULL; - memset(apply_val,0,sizeof(apply_val)); + apply_val=""; for(i=0; i < argc; i++) { { @@ -140,13 +140,12 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, citem = 0; } else if(!strcmp(mybuf,"apply")) { apply_type=APPLY_TYPE_NONE; - memset(apply_val,'\0',sizeof(apply_val)); if (myval[0]=='@') { apply_type=APPLY_TYPE_GROUP; - strncpy(apply_val,myval+1,sizeof(apply_val)-1); + apply_val=myval+1; } else { apply_type=APPLY_TYPE_USER; - strncpy(apply_val,myval,sizeof(apply_val)-1); + apply_val=myval; } } else { free(ifname); diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c index 17baabe4..80a67f6d 100644 --- a/modules/pam_rootok/pam_rootok.c +++ b/modules/pam_rootok/pam_rootok.c @@ -61,7 +61,7 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv) #ifdef WITH_SELINUX static int -log_callback (int type, const char *fmt, ...) +log_callback (int type UNUSED, const char *fmt, ...) { int audit_fd; va_list ap; diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c index 9b3fe22e..5affec4f 100644 --- a/modules/pam_selinux/pam_selinux.c +++ b/modules/pam_selinux/pam_selinux.c @@ -63,8 +63,6 @@ #include #include -#include -#include #include #include #include @@ -591,7 +589,7 @@ compute_tty_context(const pam_handle_t *pamh, module_data_t *data) } if (security_compute_relabel(data->exec_context, data->prev_tty_context, - SECCLASS_CHR_FILE, &data->tty_context)) { + string_to_security_class("chr_file"), &data->tty_context)) { data->tty_context = NULL; pam_syslog(pamh, LOG_ERR, "Failed to compute new context for %s: %m", data->tty_path); diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index c6532907..f37af0fb 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -353,7 +353,7 @@ sepermit_match(pam_handle_t *pamh, const char *cfgfile, const char *user, if (*sense == PAM_SUCCESS) { if (ignore) *sense = PAM_IGNORE; - if (geteuid() == 0 && exclusive && get_loginuid(pamh) == -1) + if (geteuid() == 0 && exclusive && get_loginuid(pamh) == (uid_t)-1) if (sepermit_lock(pamh, user, debug) < 0) *sense = PAM_AUTH_ERR; } diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c index afa61b3e..2a791d26 100644 --- a/modules/pam_succeed_if/pam_succeed_if.c +++ b/modules/pam_succeed_if/pam_succeed_if.c @@ -229,9 +229,16 @@ evaluate_notingroup(pam_handle_t *pamh, const char *user, const char *group) return PAM_SUCCESS; return PAM_AUTH_ERR; } + +#ifdef HAVE_INNETGR +# define SOMETIMES_UNUSED UNUSED +#else +# define SOMETIMES_UNUSED +#endif + /* Return PAM_SUCCESS if the (host,user) is in the netgroup. */ static int -evaluate_innetgr(const pam_handle_t* pamh, const char *host, const char *user, const char *group) +evaluate_innetgr(const pam_handle_t* pamh SOMETIMES_UNUSED, const char *host, const char *user, const char *group) { #ifdef HAVE_INNETGR if (innetgr(group, host, user, NULL) == 1) @@ -244,7 +251,7 @@ evaluate_innetgr(const pam_handle_t* pamh, const char *host, const char *user, c } /* Return PAM_SUCCESS if the (host,user) is NOT in the netgroup. */ static int -evaluate_notinnetgr(const pam_handle_t* pamh, const char *host, const char *user, const char *group) +evaluate_notinnetgr(const pam_handle_t* pamh SOMETIMES_UNUSED, const char *host, const char *user, const char *group) { #ifdef HAVE_INNETGR if (innetgr(group, host, user, NULL) == 0) diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index 26a374b5..4863ea4e 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -213,6 +213,7 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state) ++src; /* skip it */ break; } + /* fallthrough */ default: *to++ = c; onspace = 0; diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 99a4c40f..93300f46 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -350,7 +350,7 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned long long ctrl, static int check_old_password(const char *forwho, const char *newpass) { static char buf[16384]; - char *s_luser, *s_uid, *s_npas, *s_pas; + char *s_pas; int retval = PAM_SUCCESS; FILE *opwfile; size_t len = strlen(forwho); @@ -364,9 +364,9 @@ static int check_old_password(const char *forwho, const char *newpass) buf[len] == ',')) { char *sptr; buf[strlen(buf) - 1] = '\0'; - s_luser = strtok_r(buf, ":,", &sptr); - s_uid = strtok_r(NULL, ":,", &sptr); - s_npas = strtok_r(NULL, ":,", &sptr); + /* s_luser = */ strtok_r(buf, ":,", &sptr); + /* s_uid = */ strtok_r(NULL, ":,", &sptr); + /* s_npas = */ strtok_r(NULL, ":,", &sptr); s_pas = strtok_r(NULL, ":,", &sptr); while (s_pas != NULL) { char *md5pass = Goodcrypt_md5(newpass, s_pas); @@ -581,7 +581,7 @@ static int _pam_unix_approve_pass(pam_handle_t * pamh remark = _("You must choose a shorter password."); D(("length exceeded [%s]", remark)); } else if (off(UNIX__IAMROOT, ctrl)) { - if (strlen(pass_new) < pass_min_len) + if ((int)strlen(pass_new) < pass_min_len) remark = _("You must choose a longer password."); D(("length check [%s]", remark)); if (on(UNIX_REMEMBER_PASSWD, ctrl)) { diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 4f15b61b..814d4c08 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -211,11 +211,6 @@ unsigned long long _set_ctrl(pam_handle_t *pamh, int flags, int *remember, return ctrl; } -static void _cleanup(pam_handle_t * pamh UNUSED, void *x, int error_status UNUSED) -{ - _pam_delete(x); -} - /* ************************************************************** * * Useful non-trivial functions * * ************************************************************** */ -- cgit v1.2.3 From b7fbd1ca8eb8f1648a1e36a4c65d10b0f636cc8a Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Mon, 16 Mar 2020 21:02:18 +0000 Subject: modules/pam_limits: use pam_str_skip_prefix * modules/pam_limits/pam_limits.c: Include "pam_inline.h". (_pam_parse, parse_kernel_limits): Use pam_str_skip_prefix instead of ugly strncmp invocations. --- modules/pam_limits/pam_limits.c | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) (limited to 'modules/pam_limits/pam_limits.c') diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index 02967f36..a88fed28 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -108,6 +108,7 @@ struct pam_limit_s { #include #include #include +#include "pam_inline.h" /* argument parsing */ @@ -129,13 +130,14 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, /* step through arguments */ for (ctrl=0; argc-- > 0; ++argv) { + const char *str; /* generic options */ if (!strcmp(*argv,"debug")) { ctrl |= PAM_DEBUG_ARG; - } else if (!strncmp(*argv,"conf=",5)) { - pl->conf_file = *argv+5; + } else if ((str = pam_str_skip_prefix(*argv, "conf=")) != NULL) { + pl->conf_file = str; } else if (!strcmp(*argv,"utmp_early")) { ctrl |= PAM_UTMP_EARLY; } else if (!strcmp(*argv,"noaudit")) { @@ -401,8 +403,8 @@ static void parse_kernel_limits(pam_handle_t *pamh, struct pam_limit_s *pl, int line[pos] = '\0'; } - /* determine formatting boundry of limits report */ - if (!maxlen && strncmp(line, "Limit", 5) == 0) { + /* determine formatting boundary of limits report */ + if (!maxlen && pam_str_skip_prefix(line, "Limit") != NULL) { maxlen = pos; continue; } -- cgit v1.2.3 From 897c7412b26ca618af6822dcaa7e6be68772dc52 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Sat, 28 Mar 2020 18:19:41 +0000 Subject: Fix various typos found using codespell tool --- NEWS | 8 ++++---- conf/pam_conv1/README | 2 +- configure.ac | 4 ++-- doc/man/pam.3.xml | 2 +- doc/sag/pam_time.xml | 2 +- doc/specs/draft-morgan-pam.raw | 4 ++-- libpam/include/security/_pam_types.h | 4 ++-- libpam/pam_delay.c | 4 ++-- libpam/pam_handlers.c | 4 ++-- libpam/pam_private.h | 2 +- libpam_misc/misc_conv.c | 2 +- libpamc/pamc_load.c | 2 +- m4/libprelude.m4 | 6 +++--- modules/pam_access/pam_access.c | 8 ++++---- modules/pam_cracklib/pam_cracklib.c | 4 ++-- modules/pam_env/pam_env.c | 4 ++-- modules/pam_filter/pam_filter.c | 4 ++-- modules/pam_ftp/pam_ftp.c | 4 ++-- modules/pam_issue/pam_issue.c | 2 +- modules/pam_keyinit/pam_keyinit.c | 4 ++-- modules/pam_lastlog/pam_lastlog.c | 6 +++--- modules/pam_limits/pam_limits.c | 2 +- modules/pam_mkhomedir/pam_mkhomedir.c | 2 +- modules/pam_namespace/pam_namespace.c | 4 ++-- modules/pam_namespace/pam_namespace.h | 4 ++-- modules/pam_sepermit/pam_sepermit.c | 2 +- modules/pam_stress/README | 2 +- modules/pam_tally/faillog.h | 4 ++-- modules/pam_tally/pam_tally.c | 2 +- modules/pam_tally2/pam_tally2.c | 2 +- modules/pam_unix/bigcrypt.c | 2 +- modules/pam_unix/unix_chkpwd.c | 2 +- tests/tst-pam_set_data.c | 2 +- xtests/run-xtests.sh | 8 ++++---- 34 files changed, 60 insertions(+), 60 deletions(-) (limited to 'modules/pam_limits/pam_limits.c') diff --git a/NEWS b/NEWS index 23e606b4..d0b18bbc 100644 --- a/NEWS +++ b/NEWS @@ -115,8 +115,8 @@ Release 1.1.4 Release 1.1.3 -* pam_namespace: Clean environment for childs (CVE-2010-3853) -* libpam: New interface to drop/regain privilegs +* pam_namespace: Clean environment for child processes (CVE-2010-3853) +* libpam: New interface to drop/regain privileges * Drop root privilegs in pam_env, pam_mail and pam_xauth before accessing user files (CVE-2010-3430, CVE-2010-3431) * pam_unix: Add minlen option, change default from 6 to 0 @@ -222,7 +222,7 @@ Release 0.99.10.0 SELinux mode. * Improved functionality of pam_namespace.so module (method flags, namespace.d configuration directory, new options). -* Finaly removed deprecated pam_rhosts_auth module. +* Finally removed deprecated pam_rhosts_auth module. Release 0.99.9.0 @@ -316,7 +316,7 @@ Release 0.99.4.0 * Add test suite * Fix building of static variants of libpam, libpamc and libpam_misc * pam_listfile: Add support for password and session management -* pam_exec: New PAM module to execute arbitary commands +* pam_exec: New PAM module to execute arbitrary commands * Fix building of a static libpam including all PAM modules * New/updated translations for: nl, pt, pl, fi, km, tr, uk, fr * pam_access: Add network(address) / netmask and IPv6 support diff --git a/conf/pam_conv1/README b/conf/pam_conv1/README index 8c748ba8..753d71f3 100644 --- a/conf/pam_conv1/README +++ b/conf/pam_conv1/README @@ -1,5 +1,5 @@ -This directory contains a untility to convert pam.conf files to a pam.d/ +This directory contains a utility to convert pam.conf files to a pam.d/ tree. The conversion program takes pam.conf from the standard input and creates the pam.d/ directory in the current directory. diff --git a/configure.ac b/configure.ac index 57886415..d8bedb8c 100644 --- a/configure.ac +++ b/configure.ac @@ -230,7 +230,7 @@ dnl dnl icc handles -fpie as -fp without error, so blacklist icc dnl AC_ARG_ENABLE(pie,AS_HELP_STRING([--disable-pie], - [disable position-independent executeables (PIE)]), + [disable position-independent executables (PIE)]), USE_PIE=$enableval, USE_PIE=yes) AC_CACHE_CHECK(for -fpie, libc_cv_fpie, [dnl @@ -438,7 +438,7 @@ if test -n "$opt_randomdev"; then fi dnl check for libdb or libndbm as fallback. Some libndbm compat -dnl libraries are unuseable, so try libdb first. +dnl libraries are unusable, so try libdb first. AC_ARG_ENABLE([db], AS_HELP_STRING([--enable-db=(db|ndbm|yes|no)],[Default behavior 'yes', which is to check for libdb first, followed by ndbm. Use 'no' to disable db support.]), WITH_DB=$enableval, WITH_DB=yes) diff --git a/doc/man/pam.3.xml b/doc/man/pam.3.xml index 3efffd95..0b1efccf 100644 --- a/doc/man/pam.3.xml +++ b/doc/man/pam.3.xml @@ -153,7 +153,7 @@ pam_get_item3 functions allows applications and PAM service modules to set and - retrieve PAM informations. + retrieve PAM information. The diff --git a/doc/sag/pam_time.xml b/doc/sag/pam_time.xml index dd9bba4c..74e9e02a 100644 --- a/doc/sag/pam_time.xml +++ b/doc/sag/pam_time.xml @@ -2,7 +2,7 @@
- pam_time - time controled access + pam_time - time controlled access diff --git a/doc/specs/draft-morgan-pam.raw b/doc/specs/draft-morgan-pam.raw index ec5bba49..8fdb0502 100644 --- a/doc/specs/draft-morgan-pam.raw +++ b/doc/specs/draft-morgan-pam.raw @@ -130,11 +130,11 @@ Here is a diagram to help orient the reader: ## +---------+ +--------+ +----------+ ## Solid lines connecting the boxes represent two-way interaction. The -dotted-directed lines indicate an optional connection beteween the +dotted-directed lines indicate an optional connection between the plugin module (agent) and the server (applicant). In the case of the module, this represents the module invoking the 'conversation' callback function provided to libpam by the server application when it -inititializes the libpam library. In the case of the agent, this may +initializes the libpam library. In the case of the agent, this may be some out-of-PAM API interaction (for example directly displaying a dialog box under X). diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h index 2d684bce..2abb7ee5 100644 --- a/libpam/include/security/_pam_types.h +++ b/libpam/include/security/_pam_types.h @@ -41,7 +41,7 @@ typedef struct pam_handle pam_handle_t; /* can not retrieve authentication */ /* information */ #define PAM_USER_UNKNOWN 10 /* User not known to the underlying */ - /* authenticaiton module */ + /* authentication module */ #define PAM_MAXTRIES 11 /* An authentication service has */ /* maintained a retry count which has */ /* been reached. No further retries */ @@ -50,7 +50,7 @@ typedef struct pam_handle pam_handle_t; /* This is normally returned if the */ /* machine security policies require */ /* that the password should be changed */ - /* beccause the password is NULL or it */ + /* because the password is NULL or it */ /* has aged */ #define PAM_ACCT_EXPIRED 13 /* User account has expired */ #define PAM_SESSION_ERR 14 /* Can not make/remove an entry for */ diff --git a/libpam/pam_delay.c b/libpam/pam_delay.c index 8a2be7aa..549da896 100644 --- a/libpam/pam_delay.c +++ b/libpam/pam_delay.c @@ -44,10 +44,10 @@ void _pam_start_timer(pam_handle_t *pamh) /* ******************************************************************* * Compute a pseudo random time. The value is base*(1 +/- 1/5) where - * the distribution is pseudo gausian (the sum of three evenly + * the distribution is pseudo gaussian (the sum of three evenly * distributed random numbers -- central limit theorem and all ;^) The * linear random numbers are based on a formulae given in Knuth's - * Seminumerical recipies that was reproduced in `Numerical Recipies + * Seminumerical recipes that was reproduced in `Numerical Recipes * in C'. It is *not* a cryptographically strong generator, but it is * probably "good enough" for our purposes here. * diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c index 79961ed2..ffa5e4ae 100644 --- a/libpam/pam_handlers.c +++ b/libpam/pam_handlers.c @@ -559,7 +559,7 @@ int _pam_init_handlers(pam_handle_t *pamh) /* * This is where we read a line of the PAM config file. The line may be - * preceeded by lines of comments and also extended with "\\\n" + * preceded by lines of comments and also extended with "\\\n" */ static int _pam_assemble_line(FILE *f, char *buffer, int buf_len) @@ -1034,7 +1034,7 @@ void _pam_free_handlers_aux(struct handler **hp) D(("called.")); while (h) { last = h; - _pam_drop(h->argv); /* This is all alocated in a single chunk */ + _pam_drop(h->argv); /* This is all allocated in a single chunk */ _pam_drop(h->mod_name); h = h->next; memset(last, 0, sizeof(*last)); diff --git a/libpam/pam_private.h b/libpam/pam_private.h index 69d2ef44..508527cf 100644 --- a/libpam/pam_private.h +++ b/libpam/pam_private.h @@ -220,7 +220,7 @@ int _pam_free_handlers(pam_handle_t *pamh); /* Parse config file, allocate handler structures, dlopen() */ int _pam_init_handlers(pam_handle_t *pamh); -/* Set all hander stuff to 0/NULL - called once from pam_start() */ +/* Set all handler stuff to 0/NULL - called once from pam_start() */ void _pam_start_handlers(pam_handle_t *pamh); /* environment helper functions */ diff --git a/libpam_misc/misc_conv.c b/libpam_misc/misc_conv.c index e29ce59e..f6397af1 100644 --- a/libpam_misc/misc_conv.c +++ b/libpam_misc/misc_conv.c @@ -23,7 +23,7 @@ #define CONV_ECHO_OFF 0 /* - * external timeout definitions - these can be overriden by the + * external timeout definitions - these can be overridden by the * application. */ diff --git a/libpamc/pamc_load.c b/libpamc/pamc_load.c index 5155e0ae..24a65dfd 100644 --- a/libpamc/pamc_load.c +++ b/libpamc/pamc_load.c @@ -113,7 +113,7 @@ static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent) pamc_converse) to make sure no privilege will leak into an (untrusted) agent. */ - /* we propogate no environment - future versions of this + /* we propagate no environment - future versions of this library may have the ability to audit all agent transactions. */ diff --git a/m4/libprelude.m4 b/m4/libprelude.m4 index f78527f6..a9ea404c 100644 --- a/m4/libprelude.m4 +++ b/m4/libprelude.m4 @@ -69,7 +69,7 @@ main () "$libprelude_config_version", prelude_check_version(NULL) ); printf("*** was found! If libprelude-config was correct, then it is best\n"); printf("*** to remove the old version of LIBPRELUDE. You may also be able to fix the error\n"); - printf("*** by modifying your LD_LIBRARY_PATH enviroment variable, or by editing\n"); + printf("*** by modifying your LD_LIBRARY_PATH environment variable, or by editing\n"); printf("*** /etc/ld.so.conf. Make sure you have run ldconfig if that is\n"); printf("*** required on your system.\n"); printf("*** If libprelude-config was wrong, set the environment variable LIBPRELUDE_CONFIG\n"); @@ -100,7 +100,7 @@ main () printf("*** being found. The easiest way to fix this is to remove the old version\n"); printf("*** of LIBPRELUDE, but you can also set the LIBPRELUDE_CONFIG environment to point to the\n"); printf("*** correct copy of libprelude-config. (In this case, you will have to\n"); - printf("*** modify your LD_LIBRARY_PATH enviroment variable, or edit /etc/ld.so.conf\n"); + printf("*** modify your LD_LIBRARY_PATH environment variable, or edit /etc/ld.so.conf\n"); printf("*** so that the correct libraries are found at run-time))\n"); } } @@ -151,7 +151,7 @@ main () echo "*** you may also be able to get things to work by modifying LD_LIBRARY_PATH" echo "***" ], [ echo "*** The test program failed to compile or link. See the file config.log for the" - echo "*** exact error that occured. This usually means LIBPRELUDE was incorrectly installed" + echo "*** exact error that occurred. This usually means LIBPRELUDE was incorrectly installed" echo "*** or that you have moved LIBPRELUDE since it was installed. In the latter case, you" echo "*** may want to edit the libprelude-config script: $LIBPRELUDE_CONFIG" ]) CFLAGS="$ac_save_CFLAGS" diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 680b5860..4d4339a4 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -21,7 +21,7 @@ * * This software is provided "as is" and without any expressed or implied * warranties, including, without limitation, the implied warranties of - * merchantibility and fitness for any particular purpose. + * merchantability and fitness for any particular purpose. ************************************************************************* */ @@ -220,7 +220,7 @@ isipaddr (const char *string, int *addr_type, /* are_addresses_equal - translate IP address strings to real IP * addresses and compare them to find out if they are equal. - * If netmask was provided it will be used to focus comparation to + * If netmask was provided it will be used to focus comparison to * relevant bits. */ static int @@ -377,7 +377,7 @@ login_access (pam_handle_t *pamh, struct login_info *item) if (line[0] == 0) /* skip blank lines */ continue; - /* Allow field seperator in last field of froms */ + /* Allow field separator in last field of froms */ if (!(perm = strtok_r(line, item->fs, &sptr)) || !(users = strtok_r(NULL, item->fs, &sptr)) || !(froms = strtok_r(NULL, "\n", &sptr))) { @@ -584,7 +584,7 @@ group_match (pam_handle_t *pamh, const char *tok, const char* usr, if (strlen(tok) < 3) return NO; - /* token is recieved under the format '(...)' */ + /* token is received under the format '(...)' */ memset(grptok, 0, BUFSIZ); strncpy(grptok, tok + 1, strlen(tok) - 2); diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index e87ff7d8..f89f33da 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -13,7 +13,7 @@ * 0.5. supports retries - 'retry=N' argument * 0.4. added argument 'type=XXX' for 'New XXX password' prompt * 0.3. Added argument 'debug' - * 0.2. new password is feeded to cracklib for verify after typed once + * 0.2. new password is fed to cracklib for verify after typed once * 0.1. First release */ @@ -317,7 +317,7 @@ static int similar(struct cracklib_options *opt, } /* - * enough classes of charecters + * enough classes of characters */ static int minclass (struct cracklib_options *opt, diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index e514b2c2..1bdc119d 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -230,7 +230,7 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *file) mark[0] = '\0'; /* - * sanity check, the key must be alpha-numeric + * sanity check, the key must be alphanumeric */ if (key[0] == '=') { @@ -291,7 +291,7 @@ _parse_env_file(pam_handle_t *pamh, int ctrl, const char *file) /* * This is where we read a line of the PAM config file. The line may be - * preceeded by lines of comments and also extended with "\\\n" + * preceded by lines of comments and also extended with "\\\n" */ static int _assemble_line(FILE *f, char *buffer, int buf_len) diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index febb274f..b9274e83 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -296,7 +296,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, struct termios t_mode = stored_mode; t_mode.c_iflag = 0; /* no input control */ - t_mode.c_oflag &= ~OPOST; /* no ouput post processing */ + t_mode.c_oflag &= ~OPOST; /* no output post processing */ /* no signals, canonical input, echoing, upper/lower output */ #ifdef XCASE @@ -444,7 +444,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, close(fd[1]); - /* the current process is now aparently working with filtered + /* the current process is now apparently working with filtered stdio/stdout/stderr --- success! */ return PAM_SUCCESS; diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c index 30806f28..ce6ead9a 100644 --- a/modules/pam_ftp/pam_ftp.c +++ b/modules/pam_ftp/pam_ftp.c @@ -123,7 +123,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, const char *users = NULL; /* - * this module checks if the user name is ftp or annonymous. If + * this module checks if the user name is ftp or anonymous. If * this is the case, it can set the PAM_RUSER to the entered email * address and SUCCEEDS, otherwise it FAILS. */ @@ -186,7 +186,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, } } - /* we are happy to grant annonymous access to the user */ + /* we are happy to grant anonymous access to the user */ retval = PAM_SUCCESS; } else { diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index ea8e2a06..0fd1a117 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -58,7 +58,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, if(_user_prompt_set) return PAM_IGNORE; - /* We set this here so if we fail below, we wont get further + /* We set this here so if we fail below, we won't get further than this next time around (only one real failure) */ _user_prompt_set = 1; diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c index 611c06dc..d58744d7 100644 --- a/modules/pam_keyinit/pam_keyinit.c +++ b/modules/pam_keyinit/pam_keyinit.c @@ -155,7 +155,7 @@ static int kill_keyrings(pam_handle_t *pamh, int error_ret) ret = error_ret; } - /* return to the orignal UID and GID (probably root) */ + /* return to the original UID and GID (probably root) */ if (revoke_as_uid != old_uid && setreuid(-1, old_uid) < 0) { error(pamh, "Unable to change UID back to %d\n", old_uid); ret = error_ret; @@ -227,7 +227,7 @@ static int do_keyinit(pam_handle_t *pamh, int argc, const char **argv, int error ret = init_keyrings(pamh, force, error_ret); - /* return to the orignal UID and GID (probably root) */ + /* return to the original UID and GID (probably root) */ if (uid != old_uid && setreuid(old_uid, -1) < 0) { error(pamh, "Unable to change UID back to %d\n", old_uid); ret = error_ret; diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c index 2edac5bf..1f707d93 100644 --- a/modules/pam_lastlog/pam_lastlog.c +++ b/modules/pam_lastlog/pam_lastlog.c @@ -104,7 +104,7 @@ _pam_auth_parse(pam_handle_t *pamh, int flags, int argc, const char **argv, *inactive = DEFAULT_INACTIVE_DAYS; - /* does the appliction require quiet? */ + /* does the application require quiet? */ if (flags & PAM_SILENT) { ctrl |= LASTLOG_QUIET; } @@ -170,7 +170,7 @@ _pam_session_parse(pam_handle_t *pamh, int flags, int argc, const char **argv) } } - /* does the appliction require quiet? */ + /* does the application require quiet? */ if (flags & PAM_SILENT) { ctrl |= LASTLOG_QUIET; ctrl &= ~LASTLOG_BTMP; @@ -449,7 +449,7 @@ last_login_write(pam_handle_t *pamh, int announce, int last_fd, */ D(("setting limit for 'fsize'")); - if ((announce & LASTLOG_UNLIMITED) == 0) { /* don't set to unlimted */ + if ((announce & LASTLOG_UNLIMITED) == 0) { /* don't set to unlimited */ setrlimit_res = -1; } else if (getrlimit(RLIMIT_FSIZE, &old_limit) == 0) { if (old_limit.rlim_cur == RLIM_INFINITY) { /* already unlimited */ diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index a88fed28..c8a03ae4 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -1048,7 +1048,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, return PAM_SUCCESS; } if (retval != PAM_SUCCESS || pl->conf_file != NULL) - /* skip reading limits.d if config file explicitely specified */ + /* skip reading limits.d if config file explicitly specified */ goto out; /* Read subsequent *.conf files, if they exist. */ diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c index 077e6171..6e035f70 100644 --- a/modules/pam_mkhomedir/pam_mkhomedir.c +++ b/modules/pam_mkhomedir/pam_mkhomedir.c @@ -80,7 +80,7 @@ _pam_parse (const pam_handle_t *pamh, int flags, int argc, const char **argv, opt->umask = "0022"; opt->skeldir = "/etc/skel"; - /* does the appliction require quiet? */ + /* does the application require quiet? */ if ((flags & PAM_SILENT) == PAM_SILENT) opt->ctrl |= MKHOMEDIR_QUIET; diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index d1010daf..63b5c665 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -740,7 +740,7 @@ static int parse_config_file(struct instance_data *idata) /* - * This funtion returns true if a given uid is present in the polyinstantiated + * This function returns true if a given uid is present in the polyinstantiated * directory's list of override uids. If the uid is one of the override * uids for the polyinstantiated directory, polyinstantiation is not * performed for that user for that directory. @@ -880,7 +880,7 @@ static int form_context(const struct polydir_s *polyptr, goto fail; } if (context_range_set(fcontext, context_range_get(scontext)) != 0) { - pam_syslog(idata->pamh, LOG_ERR, "Unable to set MLS Componant of context"); + pam_syslog(idata->pamh, LOG_ERR, "Unable to set MLS Component of context"); goto fail; } *i_context=strdup(context_str(fcontext)); diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index 1522386a..3a1e4ba3 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -138,12 +138,12 @@ enum polymethod { /* * Depending on the application using this namespace module, we - * may need to unmount priviously bind mounted instance directory. + * may need to unmount previously bind mounted instance directory. * Applications such as login and sshd, that establish a new * session unmount of instance directory is not needed. For applications * such as su and newrole, that switch the identity, this module * has to unmount previous instance directory first and re-mount - * based on the new indentity. For other trusted applications that + * based on the new identity. For other trusted applications that * just want to undo polyinstantiation, only unmount of previous * instance directory is needed. */ diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index 14965a2f..442703d3 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -1,5 +1,5 @@ /****************************************************************************** - * A module for Linux-PAM that allows/denies acces based on SELinux state. + * A module for Linux-PAM that allows/denies access based on SELinux state. * * Copyright (c) 2007, 2008, 2009 Red Hat, Inc. * Originally written by Tomas Mraz diff --git a/modules/pam_stress/README b/modules/pam_stress/README index e64bf2d3..ed56ae58 100644 --- a/modules/pam_stress/README +++ b/modules/pam_stress/README @@ -2,7 +2,7 @@ # This describes the behavior of this module with respect to the # /etc/pam.conf file. # -# writen by Andrew Morgan +# written by Andrew Morgan # This module recognizes the following arguments. diff --git a/modules/pam_tally/faillog.h b/modules/pam_tally/faillog.h index 7f704713..90756394 100644 --- a/modules/pam_tally/faillog.h +++ b/modules/pam_tally/faillog.h @@ -43,8 +43,8 @@ struct faillog { short fail_cnt; /* failures since last success */ short fail_max; /* failures before turning account off */ - char fail_line[12]; /* last failure occured here */ - time_t fail_time; /* last failure occured then */ + char fail_line[12]; /* last failure occurred here */ + time_t fail_time; /* last failure occurred then */ /* * If nonzero, the account will be re-enabled if there are no * failures for fail_locktime seconds since last failure. diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c index cc221b87..6f578988 100644 --- a/modules/pam_tally/pam_tally.c +++ b/modules/pam_tally/pam_tally.c @@ -694,7 +694,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, #ifdef PAM_SM_ACCOUNT -/* To reset failcount of user on successfull login */ +/* To reset failcount of user on successful login */ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index 6543991f..e8c74eb9 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -806,7 +806,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags UNUSED, /* --- authentication management functions (only) --- */ -/* To reset failcount of user on successfull login */ +/* To reset failcount of user on successful login */ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED, diff --git a/modules/pam_unix/bigcrypt.c b/modules/pam_unix/bigcrypt.c index e1d57a07..e08e4098 100644 --- a/modules/pam_unix/bigcrypt.c +++ b/modules/pam_unix/bigcrypt.c @@ -13,7 +13,7 @@ * Description: The cleartext is divided into blocks of SEGMENT_SIZE=8 * characters or less. Each block is encrypted using the standard UNIX * libc crypt function. The result of the encryption for one block - * provides the salt for the suceeding block. + * provides the salt for the succeeding block. * * Restrictions: The buffer used to hold the encrypted result is * statically allocated. (see MAX_PASS_LEN below). This is necessary, diff --git a/modules/pam_unix/unix_chkpwd.c b/modules/pam_unix/unix_chkpwd.c index 39c84dbf..6aaf81a4 100644 --- a/modules/pam_unix/unix_chkpwd.c +++ b/modules/pam_unix/unix_chkpwd.c @@ -2,7 +2,7 @@ * This program is designed to run setuid(root) or with sufficient * privilege to read all of the unix password databases. It is designed * to provide a mechanism for the current user (defined by this - * process' uid) to verify their own password. + * process's uid) to verify their own password. * * The password is read from the standard input. The exit status of * this program indicates whether the user is authenticated or not. diff --git a/tests/tst-pam_set_data.c b/tests/tst-pam_set_data.c index 3b30dcc1..9acab6a6 100644 --- a/tests/tst-pam_set_data.c +++ b/tests/tst-pam_set_data.c @@ -331,7 +331,7 @@ main (void) if (retval == PAM_SUCCESS) { fprintf (stderr, - "pam_set_data with NULL as module_data_name succeded!\n"); + "pam_set_data with NULL as module_data_name succeeded!\n"); return 1; } free (dataptr); diff --git a/xtests/run-xtests.sh b/xtests/run-xtests.sh index 1cf8684b..14f585d9 100755 --- a/xtests/run-xtests.sh +++ b/xtests/run-xtests.sh @@ -13,7 +13,7 @@ XTESTS="$@" failed=0 pass=0 -skiped=0 +skipped=0 all=0 mkdir -p /etc/security @@ -36,7 +36,7 @@ for testname in $XTESTS ; do RETVAL=$? if test $RETVAL -eq 77 ; then echo "SKIP: $testname" - skiped=`expr $skiped + 1` + skipped=`expr $skipped + 1` elif test $RETVAL -ne 0 ; then echo "FAIL: $testname" failed=`expr $failed + 1` @@ -55,13 +55,13 @@ mv /etc/security/opasswd-pam-xtests /etc/security/opasswd if test "$failed" -ne 0; then echo "===================" echo "$failed of $all tests failed" - echo "$skiped tests not run" + echo "$skipped tests not run" echo "===================" exit 1 else echo "==================" echo "$all tests passed" - echo "$skiped tests not run" + echo "$skipped tests not run" echo "==================" fi exit 0 -- cgit v1.2.3 From 37b5259298be9137f5b40eef16027152ddb803ff Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Fri, 1 May 2020 19:20:12 +0000 Subject: modules: remove PAM_SM_* macros Starting with commit a684595c0bbd88df71285f43fb27630e3829121e aka Linux-PAM-1.3.0~14 (Remove "--enable-static-modules" option and support from Linux-PAM), PAM_SM_* macros have no effect. --- modules/pam_access/pam_access.c | 16 ++-------------- modules/pam_cracklib/pam_cracklib.c | 17 ++--------------- modules/pam_debug/pam_debug.c | 26 +++++--------------------- modules/pam_deny/pam_deny.c | 18 +----------------- modules/pam_echo/pam_echo.c | 5 ----- modules/pam_env/pam_env.c | 16 ++-------------- modules/pam_exec/pam_exec.c | 6 ------ modules/pam_faildelay/pam_faildelay.c | 7 ++----- modules/pam_faillock/pam_faillock.c | 4 ---- modules/pam_filter/pam_filter.c | 7 +------ modules/pam_ftp/pam_ftp.c | 14 +------------- modules/pam_group/pam_group.c | 13 ++----------- modules/pam_issue/pam_issue.c | 5 ++--- modules/pam_keyinit/pam_keyinit.c | 3 ++- modules/pam_lastlog/pam_lastlog.c | 15 ++------------- modules/pam_limits/pam_limits.c | 2 -- modules/pam_listfile/pam_listfile.c | 14 ++------------ modules/pam_localuser/pam_localuser.c | 4 ++-- modules/pam_loginuid/pam_loginuid.c | 4 +++- modules/pam_mail/pam_mail.c | 14 ++------------ modules/pam_mkhomedir/pam_mkhomedir.c | 9 --------- modules/pam_motd/pam_motd.c | 23 +++++------------------ modules/pam_nologin/pam_nologin.c | 15 +-------------- modules/pam_permit/pam_permit.c | 22 +++------------------- modules/pam_pwhistory/pam_pwhistory.c | 4 ++-- modules/pam_rhosts/pam_rhosts.c | 4 ++-- modules/pam_rootok/pam_rootok.c | 13 +------------ modules/pam_securetty/pam_securetty.c | 14 ++------------ modules/pam_selinux/pam_selinux.c | 4 ---- modules/pam_sepermit/pam_sepermit.c | 4 ---- modules/pam_setquota/pam_setquota.c | 3 --- modules/pam_shells/pam_shells.c | 22 ++++++---------------- modules/pam_stress/pam_stress.c | 12 ------------ modules/pam_succeed_if/pam_succeed_if.c | 6 ------ modules/pam_tally/pam_tally.c | 27 ++------------------------- modules/pam_tally2/pam_tally2.c | 19 ++----------------- modules/pam_time/pam_time.c | 25 ++++++++----------------- modules/pam_timestamp/pam_timestamp.c | 3 --- modules/pam_tty_audit/pam_tty_audit.c | 2 -- modules/pam_umask/pam_umask.c | 4 ++-- modules/pam_unix/pam_unix_acct.c | 6 ++---- modules/pam_unix/pam_unix_auth.c | 7 ++----- modules/pam_unix/pam_unix_passwd.c | 7 ++----- modules/pam_unix/pam_unix_sess.c | 6 +----- modules/pam_userdb/pam_userdb.c | 14 ++------------ modules/pam_usertype/pam_usertype.c | 5 ----- modules/pam_warn/pam_warn.c | 14 +------------- modules/pam_wheel/pam_wheel.c | 7 ++----- modules/pam_xauth/pam_xauth.c | 4 ++-- 49 files changed, 83 insertions(+), 432 deletions(-) (limited to 'modules/pam_limits/pam_limits.c') diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 4c11418d..be726180 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -1,6 +1,6 @@ -/* pam_access module */ - /* + * pam_access module + * * Written by Alexei Nogin 1997/06/15 * (I took login_access from logdaemon-5.6 and converted it to PAM * using parts of pam_time code.) @@ -49,18 +49,6 @@ #include #endif -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index f89f33da..a6ce9395 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -1,8 +1,6 @@ /* * pam_cracklib module - */ - -/* + * * 0.9. switch to using a distance algorithm in similar() * 0.86. added support for setting minimum numbers of digits, uppers, * lowers, and others @@ -15,9 +13,7 @@ * 0.3. Added argument 'debug' * 0.2. new password is fed to cracklib for verify after typed once * 0.1. First release - */ - -/* + * * Written by Cristian Gafton 1996/09/10 * Long password support by Philip W. Dalrymple 1997/07/18 * See the end of the file for Copyright Information @@ -69,15 +65,6 @@ extern char *FascistCheck(char *pw, const char *dictpath); #endif #define MIN(_a, _b) (((_a) < (_b)) ? (_a) : (_b)) -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_debug/pam_debug.c b/modules/pam_debug/pam_debug.c index 9b68d382..75d475f0 100644 --- a/modules/pam_debug/pam_debug.c +++ b/modules/pam_debug/pam_debug.c @@ -1,32 +1,14 @@ -/* pam_permit module */ - /* - * $Id$ + * pam_debug module * * Written by Andrew Morgan 2001/02/04 * - */ - -#define DEFAULT_USER "nobody" - -#include "config.h" - -#include - -/* * This module is intended as a debugging aide for determining how * the PAM stack is operating. - * - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. */ -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD +#include "config.h" +#include #include #include @@ -35,6 +17,8 @@ #define _PAM_ACTION_UNDEF (-10) #include "../../libpam/pam_tokens.h" +#define DEFAULT_USER "nobody" + /* --- authentication management functions --- */ static int state(pam_handle_t *pamh, const char *text) diff --git a/modules/pam_deny/pam_deny.c b/modules/pam_deny/pam_deny.c index 155a1f5d..a2fe0c23 100644 --- a/modules/pam_deny/pam_deny.c +++ b/modules/pam_deny/pam_deny.c @@ -1,26 +1,10 @@ -/* pam_deny module */ - /* - * $Id$ + * pam_deny module * * Written by Andrew Morgan 1996/3/11 - * - */ - -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. */ #include "config.h" - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include /* --- authentication management functions --- */ diff --git a/modules/pam_echo/pam_echo.c b/modules/pam_echo/pam_echo.c index bd5910b9..181aeb4c 100644 --- a/modules/pam_echo/pam_echo.c +++ b/modules/pam_echo/pam_echo.c @@ -52,11 +52,6 @@ #define HOST_NAME_MAX 255 #endif -#define PAM_SM_ACCOUNT -#define PAM_SM_AUTH -#define PAM_SM_PASSWORD -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c index 1bdc119d..79d43722 100644 --- a/modules/pam_env/pam_env.c +++ b/modules/pam_env/pam_env.c @@ -1,6 +1,6 @@ -/* pam_env module */ - /* + * pam_env module + * * Written by Dave Kinchlea 1997/01/31 * Inspired by Andrew Morgan , who also supplied the * template for this file (via pam_mail) @@ -26,18 +26,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH /* This is primarily a AUTH_SETCRED module */ -#define PAM_SM_SESSION /* But I like to be friendly */ -#define PAM_SM_PASSWORD /* "" */ -#define PAM_SM_ACCOUNT /* "" */ - #include #include #include diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c index 918422cf..5ca85ab3 100644 --- a/modules/pam_exec/pam_exec.c +++ b/modules/pam_exec/pam_exec.c @@ -49,12 +49,6 @@ #include #include - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_faildelay/pam_faildelay.c b/modules/pam_faildelay/pam_faildelay.c index 215074b2..02c5fafd 100644 --- a/modules/pam_faildelay/pam_faildelay.c +++ b/modules/pam_faildelay/pam_faildelay.c @@ -1,6 +1,6 @@ -/* pam_faildelay module */ - /* + * pam_faildelay module + * * Allows an admin to set the delay on failure per-application. * Provides "auth" interface only. * @@ -70,9 +70,6 @@ #include #include - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_faillock/pam_faillock.c b/modules/pam_faillock/pam_faillock.c index 94c175b4..e340a83c 100644 --- a/modules/pam_faillock/pam_faillock.c +++ b/modules/pam_faillock/pam_faillock.c @@ -55,12 +55,8 @@ #include #include "pam_inline.h" - #include "faillock.h" -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #define FAILLOCK_ACTION_PREAUTH 0 #define FAILLOCK_ACTION_AUTHSUCC 1 #define FAILLOCK_ACTION_AUTHFAIL 2 diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 4f75486d..9b523da2 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -1,5 +1,5 @@ /* - * $Id$ + * pam_filter module * * written by Andrew Morgan with much help from * Richard Stevens' UNIX Network Programming book. @@ -25,11 +25,6 @@ #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include "pam_filter.h" diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c index ce6ead9a..0d53e5a5 100644 --- a/modules/pam_ftp/pam_ftp.c +++ b/modules/pam_ftp/pam_ftp.c @@ -1,10 +1,7 @@ -/* pam_ftp module */ - /* - * $Id$ + * pam_ftp module * * Written by Andrew Morgan 1996/3/11 - * */ #define PLEASE_ENTER_PASSWORD "Password required for %s." @@ -23,15 +20,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_group/pam_group.c b/modules/pam_group/pam_group.c index 2172a0b5..b5532b81 100644 --- a/modules/pam_group/pam_group.c +++ b/modules/pam_group/pam_group.c @@ -1,6 +1,6 @@ -/* pam_group module */ - /* + * pam_group module + * * Written by Andrew Morgan 1996/7/6 * Field parsing rewritten by Tomas Mraz */ @@ -35,15 +35,6 @@ typedef enum { AND, OR } operator; -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c index 8a74ce03..5b6a4669 100644 --- a/modules/pam_issue/pam_issue.c +++ b/modules/pam_issue/pam_issue.c @@ -1,4 +1,5 @@ -/* pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT +/* + * pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT * * Copyright 1999 by Ben Collins * @@ -28,8 +29,6 @@ #include #include -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c index d58744d7..b3aec483 100644 --- a/modules/pam_keyinit/pam_keyinit.c +++ b/modules/pam_keyinit/pam_keyinit.c @@ -1,4 +1,5 @@ -/* pam_keyinit.c: Initialise the session keyring on login through a PAM module +/* + * pam_keyinit: Initialise the session keyring on login through a PAM module * * Copyright (C) 2006 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c index 1f707d93..1c46d03a 100644 --- a/modules/pam_lastlog/pam_lastlog.c +++ b/modules/pam_lastlog/pam_lastlog.c @@ -1,6 +1,6 @@ -/* pam_lastlog module */ - /* + * pam_lastlog module + * * Written by Andrew Morgan 1996/3/11 * * This module does the necessary work to display the last login @@ -66,17 +66,6 @@ struct lastlog { #define DEFAULT_INACTIVE_DAYS 90 #define MAX_INACTIVE_DAYS 100000 -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index c8a03ae4..b791cdce 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -102,8 +102,6 @@ struct pam_limit_s { #define LIMIT_SOFT 1 #define LIMIT_HARD 2 -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 44e0655c..74ebae1a 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -1,4 +1,6 @@ /* + * pam_listfile module + * * by Elliot Lee , Red Hat Software. July 25, 1996. * log refused access error christopher mccrory 1998/7/11 * @@ -22,18 +24,6 @@ #include #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_PASSWORD -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_localuser/pam_localuser.c b/modules/pam_localuser/pam_localuser.c index ac51e4ef..3633b535 100644 --- a/modules/pam_localuser/pam_localuser.c +++ b/modules/pam_localuser/pam_localuser.c @@ -1,4 +1,6 @@ /* + * pam_localuser module + * * Copyright 2001, 2004 Red Hat, Inc. * * Redistribution and use in source and binary forms, with or without @@ -47,8 +49,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT #include #include #include diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c index 03c0e3a3..31181789 100644 --- a/modules/pam_loginuid/pam_loginuid.c +++ b/modules/pam_loginuid/pam_loginuid.c @@ -1,4 +1,6 @@ -/* pam_loginuid.c -- +/* + * pam_loginuid module + * * Copyright 2005 Red Hat Inc., Durham, North Carolina. * All Rights Reserved. * diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c index 2439ae75..c923817d 100644 --- a/modules/pam_mail/pam_mail.c +++ b/modules/pam_mail/pam_mail.c @@ -1,6 +1,6 @@ -/* pam_mail module */ - /* + * pam_mail module + * * Written by Andrew Morgan 1996/3/11 * $HOME additions by David Kinchlea 1997/1/7 * mailhash additions by Chris Adams 1998/7/11 @@ -30,16 +30,6 @@ #define MAIL_ENV_NAME "MAIL" #define MAIL_ENV_FORMAT MAIL_ENV_NAME "=%s" -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define PAM_SM_AUTH - #include #include #include diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c index 6e035f70..5f9b1661 100644 --- a/modules/pam_mkhomedir/pam_mkhomedir.c +++ b/modules/pam_mkhomedir/pam_mkhomedir.c @@ -44,15 +44,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_motd/pam_motd.c b/modules/pam_motd/pam_motd.c index 8147c6fd..46f4fe61 100644 --- a/modules/pam_motd/pam_motd.c +++ b/modules/pam_motd/pam_motd.c @@ -1,13 +1,8 @@ -/* pam_motd module */ - /* - * Modified for pam_motd by Ben Collins - * - * Based off of: - * $Id$ + * pam_motd module * + * Modified for pam_motd by Ben Collins * Written by Michael K. Johnson 1996/10/24 - * */ #include "config.h" @@ -26,21 +21,13 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_SESSION -#define DEFAULT_MOTD "/etc/motd:/run/motd:/usr/lib/motd" -#define DEFAULT_MOTD_D "/etc/motd.d:/run/motd.d:/usr/lib/motd.d" - #include #include #include "pam_inline.h" +#define DEFAULT_MOTD "/etc/motd:/run/motd:/usr/lib/motd" +#define DEFAULT_MOTD_D "/etc/motd.d:/run/motd.d:/usr/lib/motd.d" + /* --- session management functions (only) --- */ int diff --git a/modules/pam_nologin/pam_nologin.c b/modules/pam_nologin/pam_nologin.c index 775dda87..8666251a 100644 --- a/modules/pam_nologin/pam_nologin.c +++ b/modules/pam_nologin/pam_nologin.c @@ -1,10 +1,7 @@ -/* pam_nologin module */ - /* - * $Id$ + * pam_nologin module * * Written by Michael K. Johnson 1996/10/24 - * */ #include "config.h" @@ -19,16 +16,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_permit/pam_permit.c b/modules/pam_permit/pam_permit.c index c773087a..9e2aedf4 100644 --- a/modules/pam_permit/pam_permit.c +++ b/modules/pam_permit/pam_permit.c @@ -1,33 +1,17 @@ -/* pam_permit module */ - /* - * $Id$ + * pam_permit module * * Written by Andrew Morgan 1996/3/11 - * */ #include "config.h" - -#define DEFAULT_USER "nobody" - #include -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include +#define DEFAULT_USER "nobody" + /* --- authentication management functions --- */ int diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c index 2d4507d5..c77eb3ea 100644 --- a/modules/pam_pwhistory/pam_pwhistory.c +++ b/modules/pam_pwhistory/pam_pwhistory.c @@ -1,4 +1,6 @@ /* + * pam_pwhistory module + * * Copyright (c) 2008, 2012 Thorsten Kukuk * Author: Thorsten Kukuk * @@ -38,8 +40,6 @@ #include #endif -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_rhosts/pam_rhosts.c b/modules/pam_rhosts/pam_rhosts.c index 258a7299..ab2fbd09 100644 --- a/modules/pam_rhosts/pam_rhosts.c +++ b/modules/pam_rhosts/pam_rhosts.c @@ -1,4 +1,6 @@ /* + * pam_rhosts module + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -38,8 +40,6 @@ #include #include -#define PAM_SM_AUTH /* only defines this management group */ - #include #include #include diff --git a/modules/pam_rootok/pam_rootok.c b/modules/pam_rootok/pam_rootok.c index accba21a..3a00d545 100644 --- a/modules/pam_rootok/pam_rootok.c +++ b/modules/pam_rootok/pam_rootok.c @@ -1,7 +1,5 @@ -/* pam_rootok module */ - /* - * $Id$ + * pam_rootok module * * Written by Andrew Morgan 1996/3/11 */ @@ -14,15 +12,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH - #include #include diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c index e594fb6a..9a2835ef 100644 --- a/modules/pam_securetty/pam_securetty.c +++ b/modules/pam_securetty/pam_securetty.c @@ -1,6 +1,6 @@ -/* pam_securetty module */ - /* + * pam_securetty module + * * by Elliot Lee , Red Hat Software. * July 25, 1996. * This code shamelessly ripped from the pam_rootok module. @@ -22,16 +22,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c index deae3ef1..06c3ce65 100644 --- a/modules/pam_selinux/pam_selinux.c +++ b/modules/pam_selinux/pam_selinux.c @@ -36,7 +36,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -53,9 +52,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index 442703d3..b6fde6c5 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -35,7 +35,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -55,9 +54,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_setquota/pam_setquota.c b/modules/pam_setquota/pam_setquota.c index 3e2b9508..43c76d66 100644 --- a/modules/pam_setquota/pam_setquota.c +++ b/modules/pam_setquota/pam_setquota.c @@ -6,7 +6,6 @@ Copyright © 2010 Shane Tzen Copyright © 2012-2020 Sven Hartge Copyright © 2016 Keller Fuchs - */ #include @@ -19,8 +18,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_shells/pam_shells.c b/modules/pam_shells/pam_shells.c index ae67a423..eec86dc4 100644 --- a/modules/pam_shells/pam_shells.c +++ b/modules/pam_shells/pam_shells.c @@ -1,10 +1,6 @@ -/* pam_shells module */ - -#define SHELL_FILE "/etc/shells" - -#define DEFAULT_SHELL "/bin/sh" - /* + * pam_shells module + * * by Erik Troan , Red Hat Software. * August 5, 1996. * This code shamelessly ripped from the pam_securetty module. @@ -21,20 +17,14 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include +#define SHELL_FILE "/etc/shells" + +#define DEFAULT_SHELL "/bin/sh" + static int perform_check(pam_handle_t *pamh) { int retval = PAM_AUTH_ERR; diff --git a/modules/pam_stress/pam_stress.c b/modules/pam_stress/pam_stress.c index 024455e5..62348fab 100644 --- a/modules/pam_stress/pam_stress.c +++ b/modules/pam_stress/pam_stress.c @@ -15,18 +15,6 @@ #include #include -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_succeed_if/pam_succeed_if.c b/modules/pam_succeed_if/pam_succeed_if.c index 82de4f33..76bc9825 100644 --- a/modules/pam_succeed_if/pam_succeed_if.c +++ b/modules/pam_succeed_if/pam_succeed_if.c @@ -34,7 +34,6 @@ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED * OF THE POSSIBILITY OF SUCH DAMAGE. - * */ #include "config.h" @@ -54,11 +53,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c index 6f578988..08b5ace2 100644 --- a/modules/pam_tally/pam_tally.c +++ b/modules/pam_tally/pam_tally.c @@ -1,10 +1,7 @@ /* - * pam_tally.c + * pam_tally module * - */ - - -/* By Tim Baverstock , Multi Media Machine Ltd. + * By Tim Baverstock , Multi Media Machine Ltd. * 5 March 1997 * * Stuff stolen from pam_rootok and pam_listfile @@ -30,19 +27,7 @@ #include #include "faillog.h" -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - #ifndef MAIN -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -/* #define PAM_SM_SESSION */ -/* #define PAM_SM_PASSWORD */ - #include #include #endif @@ -615,8 +600,6 @@ tally_reset (pam_handle_t *pamh, uid_t uid, struct tally_options *opts) /* --- authentication management functions (only) --- */ -#ifdef PAM_SM_AUTH - int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) @@ -686,14 +669,10 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, return tally_reset(pamh, uid, opts); } -#endif - /*---------------------------------------------------------------------*/ /* --- authentication management functions (only) --- */ -#ifdef PAM_SM_ACCOUNT - /* To reset failcount of user on successful login */ int @@ -731,8 +710,6 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, return tally_reset(pamh, uid, opts); } -#endif /* #ifdef PAM_SM_ACCOUNT */ - /*-----------------------------------------------------------------------*/ #else /* #ifndef MAIN */ diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index e8c74eb9..8c171b68 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -1,10 +1,7 @@ /* - * pam_tally2.c + * pam_tally2 module * - */ - - -/* By Tim Baverstock , Multi Media Machine Ltd. + * By Tim Baverstock , Multi Media Machine Ltd. * 5 March 1997 * * Stuff stolen from pam_rootok and pam_listfile @@ -76,19 +73,7 @@ #define fseeko fseek #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - #ifndef MAIN -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -/* #define PAM_SM_SESSION */ -/* #define PAM_SM_PASSWORD */ - #include #endif #include diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index 0643523a..e786d0f9 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -1,6 +1,6 @@ -/* pam_time module */ - /* + * pam_time module + * * Written by Andrew Morgan 1996/6/22 * (File syntax and much other inspiration from the shadow package * shadow-960129) @@ -23,6 +23,12 @@ #include #include +#include +#include +#include +#include +#include "pam_inline.h" + #ifdef HAVE_LIBAUDIT #include #endif @@ -42,21 +48,6 @@ typedef enum { AND, OR } operator; -/* - * here, we make definitions for the externally accessible functions - * in this file (these definitions are required for static modules - * but strongly encouraged generally) they are used to instruct the - * modules include file to define their prototypes. - */ - -#define PAM_SM_ACCOUNT - -#include -#include -#include -#include -#include "pam_inline.h" - static int _pam_parse (const pam_handle_t *pamh, int argc, const char **argv, const char **conffile) { diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c index 420ce9eb..249a9692 100644 --- a/modules/pam_timestamp/pam_timestamp.c +++ b/modules/pam_timestamp/pam_timestamp.c @@ -38,9 +38,6 @@ * */ -#define PAM_SM_AUTH -#define PAM_SM_SESSION - #include "config.h" #include diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c index 1d9256c3..2f04a05c 100644 --- a/modules/pam_tty_audit/pam_tty_audit.c +++ b/modules/pam_tty_audit/pam_tty_audit.c @@ -48,8 +48,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c index 45b048e3..1b5df4b6 100644 --- a/modules/pam_umask/pam_umask.c +++ b/modules/pam_umask/pam_umask.c @@ -1,4 +1,6 @@ /* + * pam_umask module + * * Copyright (c) 2005, 2006, 2007, 2010, 2013 Thorsten Kukuk * * Redistribution and use in source and binary forms, with or without @@ -50,8 +52,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index 0c5dff96..de8d65c1 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -1,4 +1,6 @@ /* + * pam_unix account management + * * Copyright Elliot Lee, 1996. All rights reserved. * Copyright Jan Rękorajski, 1999. All rights reserved. * @@ -51,10 +53,6 @@ #include -/* indicate that the following groups are defined */ - -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c index 40ff7c65..9a0cd372 100644 --- a/modules/pam_unix/pam_unix_auth.c +++ b/modules/pam_unix/pam_unix_auth.c @@ -1,4 +1,6 @@ /* + * pam_unix authentication management + * * Copyright Alexander O. Yuriev, 1996. All rights reserved. * NIS+ support by Thorsten Kukuk * Copyright Jan Rękorajski, 1999. All rights reserved. @@ -48,11 +50,6 @@ #include #include -/* indicate the following groups are defined */ - -#define PAM_SM_AUTH - -#define _PAM_EXTERN_FUNCTIONS #include #include #include diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index 7985ad1b..e9c960a2 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -1,4 +1,6 @@ /* + * pam_unix password management + * * Main coding by Elliot Lee , Red Hat Software. * Copyright (C) 1996. * Copyright (c) Jan Rękorajski, 1999. @@ -60,11 +62,6 @@ #include #include - -/* indicate the following groups are defined */ - -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c index 437d1242..3f6a8fb3 100644 --- a/modules/pam_unix/pam_unix_sess.c +++ b/modules/pam_unix/pam_unix_sess.c @@ -1,5 +1,5 @@ /* - * $Id$ + * pam_unix session management * * Copyright Alexander O. Yuriev, 1996. All rights reserved. * Copyright Jan Rękorajski, 1999. All rights reserved. @@ -47,10 +47,6 @@ #include #include -/* indicate the following groups are defined */ - -#define PAM_SM_SESSION - #include #include #include diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c index 32e759e3..d7d41233 100644 --- a/modules/pam_userdb/pam_userdb.c +++ b/modules/pam_userdb/pam_userdb.c @@ -1,6 +1,6 @@ -/* pam_userdb module */ - /* + * pam_userdb module + * * Written by Cristian Gafton 1996/09/10 * See the end of the file for Copyright Information */ @@ -37,16 +37,6 @@ # endif #endif -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_usertype/pam_usertype.c b/modules/pam_usertype/pam_usertype.c index 820cf693..76325063 100644 --- a/modules/pam_usertype/pam_usertype.c +++ b/modules/pam_usertype/pam_usertype.c @@ -48,11 +48,6 @@ #include #include -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_SESSION -#define PAM_SM_PASSWORD - #include #include #include diff --git a/modules/pam_warn/pam_warn.c b/modules/pam_warn/pam_warn.c index 1d196ad3..d91c3e9f 100644 --- a/modules/pam_warn/pam_warn.c +++ b/modules/pam_warn/pam_warn.c @@ -1,7 +1,5 @@ -/* pam_warn module */ - /* - * $Id$ + * pam_warn module * * Written by Andrew Morgan 1996/3/11 */ @@ -13,16 +11,6 @@ #include #include -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_PASSWORD - #include #include diff --git a/modules/pam_wheel/pam_wheel.c b/modules/pam_wheel/pam_wheel.c index 32b6cdb0..94f8887a 100644 --- a/modules/pam_wheel/pam_wheel.c +++ b/modules/pam_wheel/pam_wheel.c @@ -1,6 +1,6 @@ -/* pam_wheel module */ - /* + * pam_wheel module + * * Written by Cristian Gafton 1996/09/10 * See the end of the file for Copyright Information * @@ -39,9 +39,6 @@ * modules include file to define the function prototypes. */ -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT - #include #include #include diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 7d661a45..7a9f202b 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -1,4 +1,6 @@ /* + * pam_xauth module + * * Copyright 2001-2003 Red Hat, Inc. * * Redistribution and use in source and binary forms, with or without @@ -51,8 +53,6 @@ #include #include -#define PAM_SM_SESSION - #include #include #include -- cgit v1.2.3