diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-12-19 07:31:17 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2005-12-19 07:31:17 +0000 |
| commit | 1d77132df8ba384969554dbc5ec82a943943b4d5 (patch) | |
| tree | 7eba731e32f68499a8e47e1724a7d4b1d60ce3fe | |
| parent | 6c45b51f441daab12166843bc12cbf0a4d480e35 (diff) | |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2005-12-19 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_time/pam_time.c (check_account): Implement
support for netgroups.
* modules/pam_time/time.conf: Document usage of netgroups.
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | modules/pam_time/pam_time.c | 14 | ||||
| -rw-r--r-- | modules/pam_time/time.conf | 5 |
3 files changed, 16 insertions, 10 deletions
@@ -1,3 +1,10 @@ +2005-12-19 Thorsten Kukuk <kukuk@thkukuk.de> + + * modules/pam_time/pam_time.c (check_account): Implement + support for netgroups. + + * modules/pam_time/time.conf: Document usage of netgroups. + 2005-12-16 Thorsten Kukuk <kukuk@thkukuk.de> * modules/pam_group/pam_group.c (check_account): Implement diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c index d4aee8a4..b983ef17 100644 --- a/modules/pam_time/pam_time.c +++ b/modules/pam_time/pam_time.c @@ -1,18 +1,11 @@ /* pam_time module */ /* - * $Id$ - * * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/6/22 * (File syntax and much other inspiration from the shadow package * shadow-960129) */ -static const char rcsid[] = -"$Id$;\n" -"\t\tVersion 0.22 for Linux-PAM\n" -"Copyright (C) Andrew G. Morgan 1996 <morgan@linux.kernel.org>\n"; - #include "config.h" #include <sys/file.h> @@ -27,6 +20,7 @@ static const char rcsid[] = #include <sys/types.h> #include <sys/stat.h> #include <fcntl.h> +#include <netdb.h> #define PAM_TIME_BUFLEN 1000 #define FIELD_SEPARATOR ';' /* this is new as of .02 */ @@ -522,7 +516,11 @@ check_account(pam_handle_t *pamh, const char *service, "%s: no user entry #%d", PAM_TIME_CONF, count); continue; } - good &= logic_field(pamh, user, buffer, count, is_same); + /* If buffer starts with @, we are using netgroups */ + if (buffer[0] == '@') + good &= innetgr (&buffer[1], NULL, user, NULL); + else + good &= logic_field(pamh, user, buffer, count, is_same); D(("with user: %s", good ? "passes":"fails" )); /* here we get the time field */ diff --git a/modules/pam_time/time.conf b/modules/pam_time/time.conf index d2062fdb..c7b7989c 100644 --- a/modules/pam_time/time.conf +++ b/modules/pam_time/time.conf @@ -20,7 +20,8 @@ # is a logic list of terminal names that this rule applies to. # # users -# is a logic list of users to whom this rule applies. +# is a logic list of users or a netgroup of users to whom this +# rule applies. # # NB. For these items the simple wildcard '*' may be used only once. # @@ -61,4 +62,4 @@ # # End of example file. -#
\ No newline at end of file +# |