From df687b4a249bdc941a5aee078749960356e2e259 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Thu, 25 Sep 2008 18:58:10 +0000
Subject: Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2008-09-25  Tomas Mraz <t8m@centrum.cz>

        * modules/pam_tally/pam_tally.c(get_tally): Fix syslog message.
        (tally_check): Open faillog read only. Close file descriptor.
        Fix typos in messages.
---
 modules/pam_tally/pam_tally.c | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

(limited to 'modules')

diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index a01e1938..dffbc895 100644
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
@@ -350,7 +350,7 @@ get_tally(pam_handle_t *pamh, tally_t *tally, uid_t uid,
     }
 
     if ( ! ( *TALLY = fopen(filename,(*tally!=TALLY_HI)?"r+":"r") ) ) {
-      pam_syslog(pamh, LOG_ALERT, "Error opening %s for update", filename);
+      pam_syslog(pamh, LOG_ALERT, "Error opening %s for %s", filename, *tally!=TALLY_HI?"update":"read");
 
 /* Discovering why account service fails: e/uid are target user.
  *
@@ -504,7 +504,7 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
   tally_t
     deny          = opts->deny;
   tally_t
-    tally         = 0;  /* !TALLY_HI --> Log opened for update */
+    tally         = TALLY_HI;
   long
     lock_time     = opts->lock_time;
 
@@ -515,6 +515,10 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
     i=get_tally(pamh, &tally, uid, opts->filename, &TALLY, fsp);
     if ( i != PAM_SUCCESS ) { RETURN_ERROR( i ); }
 
+    if ( TALLY != NULL ) {
+      fclose(TALLY);
+    }
+
     if ( !(opts->ctrl & OPT_MAGIC_ROOT) || getuid() ) {       /* magic_root skips tally check */
 
       /* To deny or not to deny; that is the question */
@@ -534,7 +538,7 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
       	{
 	  if (!(opts->ctrl & OPT_SILENT))
 	       pam_info (pamh,
-			 _("Account temporary locked (%lds seconds left)"),
+			 _("Account temporary locked (%ld seconds left)"),
 			 oldtime+lock_time-time(NULL));
 
 	  if (!(opts->ctrl & OPT_NOLOGNOTICE))
@@ -559,8 +563,8 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
         ( ((opts->ctrl & OPT_DENY_ROOT) || uid) )    /* even_deny stops uid check    */
         ) {
 	if (!(opts->ctrl & OPT_SILENT))
-	  pam_info (pamh, _("Accounted locked due to "TALLY_FMT" failed login"),
-		    tally);
+	  pam_info (pamh, _("Account locked due to %u failed logins"),
+		    (unsigned int)tally);
 
 	if (!(opts->ctrl & OPT_NOLOGNOTICE))
 	  pam_syslog(pamh, LOG_NOTICE,
-- 
cgit v1.2.3