authorTomas Mraz <tm@t8m.info>2005-10-20 17:01:06 +0000
committerTomas Mraz <tm@t8m.info>2005-10-20 17:01:06 +0000
commitd9b712775c5f1962d3490b43465537c3e28a8c49 (patch)
treec9cf9e640727cd38b13f30b5b612d6da9357952a
parent593ea15559fedf71fdb6e6fdc23a8f2532f7d571 (diff)
Relevant BUGIDs: Red Hat bz 171164
Purpose of commit: new feature Commit summary: --------------- 2005-10-20 Tomas Mraz <t8m@centrum.cz> * configure.in: Added check for xauth binary and --with-xauth option. * config.h.in: Added configurable PAM_PATH_XAUTH. * modules/pam_xauth/README, modules/pam_xauth/pam_xauth.8: Document where xauth is looked for. * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement searching for the xauth binary in multiple places. (run_coprocess): Don't use execvp as it can be a security risk.
-rw-r--r--ChangeLog10
-rw-r--r--NEWS2
-rw-r--r--config.h.in3
-rw-r--r--configure.in21
-rw-r--r--modules/pam_xauth/README3
-rw-r--r--modules/pam_xauth/pam_xauth.89
-rw-r--r--modules/pam_xauth/pam_xauth.c29
7 files changed, 66 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 96175ccf..27289235 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2005-10-20 Tomas Mraz <t8m@centrum.cz>
+
+ * configure.in: Added check for xauth binary and --with-xauth option.
+ * config.h.in: Added configurable PAM_PATH_XAUTH.
+ * modules/pam_xauth/README,
+ modules/pam_xauth/pam_xauth.8: Document where xauth is looked for.
+ * modules/pam_xauth/pam_xauth.c (pam_sm_open_session): Implement
+ searching xauth binary on multiple places.
+ (run_coprocess): Don't use execvp as it can be a security risk.
+
2005-10-04 Steve Langasek <vorlon@debian.org>
* libpam/include/security/pam_malloc.h,
diff --git a/NEWS b/NEWS
index d7d72edc..2b829e3c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,7 @@
Linux-PAM NEWS -- history of user-visible changes.
+* pam_xauth: Look for xauth executable in multiple places
+
Release 0.99.1.0
* Use autoconf/automake/libtool
diff --git a/config.h.in b/config.h.in
index a42faad6..edb637ff 100644
--- a/config.h.in
+++ b/config.h.in
@@ -218,6 +218,9 @@
/* Path where mails are stored */
#undef PAM_PATH_MAILDIR
+/* Additional path of xauth executable */
+#undef PAM_PATH_XAUTH
+
/* read both /etc/pam.d and /etc/pam.conf files */
#undef PAM_READ_BOTH_CONFS
diff --git a/configure.in b/configure.in
index c24a8985..f6610f08 100644
--- a/configure.in
+++ b/configure.in
@@ -223,8 +223,8 @@ fi
AC_CHECK_HEADERS(paths.h)
AC_ARG_WITH(mailspool,
-[ --with-mailspool path to mail spool directory
- [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
+[ --with-mailspool path to mail spool directory
+ [default _PATH_MAILDIR if defined in paths.h, otherwise /var/spool/mail]],
with_mailspool=${withval})
if test x$with_mailspool != x ; then
pam_mail_spool="\"$with_mailspool\""
@@ -244,6 +244,23 @@ fi
AC_DEFINE_UNQUOTED(PAM_PATH_MAILDIR, $pam_mail_spool,
[Path where mails are stored])
+AC_ARG_WITH(xauth,
+[ --with-xauth additional path to check for xauth when it is called from pam_xauth
+ [added to the default of /usr/X11R6/bin/xauth, /usr/bin/xauth, /usr/bin/X11/xauth]],
+pam_xauth_path=${withval})
+if test x$with_xauth == x ; then
+ AC_PATH_PROG(pam_xauth_path, xauth)
+dnl There is no sense in adding the first default path
+ if test x$pam_xauth_path == x/usr/X11R6/bin/xauth ; then
+ unset pam_xauth_path
+ fi
+fi
+
+if test x$pam_xauth_path != x ; then
+ AC_DEFINE_UNQUOTED(PAM_PATH_XAUTH, "$pam_xauth_path",
+ [Additional path of xauth executable])
+fi
+
dnl Checks for the existence of libdl - on BSD and Tru64 its part of libc
AC_CHECK_LIB([dl], [dlopen], LIBDL="-ldl", LIBDL="")
AC_SUBST(LIBDL)
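Review bot: `test x$with_xauth == x` and `test x$pam_xauth_path == x/usr/X11R6/bin/xauth` rely on `==`, which is a bash extension; POSIX `test` only defines `=`, so the generated configure script can fail under a strict /bin/sh. Use `if test x$with_xauth = x ; then` and `if test x$pam_xauth_path = x/usr/X11R6/bin/xauth ; then`. Separately, `--without-xauth` passes `withval=no`, so `pam_xauth_path` becomes `no` and `PAM_PATH_XAUTH` is compiled in as the relative pathname "no", which the module would then probe and execute relative to whatever the current directory is at session time; guarding the define with `if test x$pam_xauth_path != x && test x$pam_xauth_path != xno ; then` avoids that.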
diff --git a/modules/pam_xauth/README b/modules/pam_xauth/README
index dd65292f..97916b8f 100644
--- a/modules/pam_xauth/README
+++ b/modules/pam_xauth/README
@@ -23,7 +23,8 @@ pam_xauth:
RECOGNIZED ARGUMENTS:
debug write debugging messages to syslog
xauthpath= the path to the xauth program, by default
- /usr/X11R6/bin/xauth
+ /usr/X11R6/bin/xauth, /usr/bin/xauth and
+ /usr/bin/X11/xauth
systemuser= highest user id assigned to system users, defaults
to 499 (pam_xauth will refuse to forward creds to
target users with id equal to or below this number,
diff --git a/modules/pam_xauth/pam_xauth.8 b/modules/pam_xauth/pam_xauth.8
index 9acb7249..897b43fa 100644
--- a/modules/pam_xauth/pam_xauth.8
+++ b/modules/pam_xauth/pam_xauth.8
@@ -1,11 +1,11 @@
.\" Copyright 2001,2003 Red Hat, Inc.
.\" Written by Nalin Dahyabhai <nalin@redhat.com>, based on the original
.\" version by Michael K. Johnson
-.TH pam_xauth 8 2003/7/24 "Red Hat Linux" "System Administrator's Manual"
+.TH pam_xauth 8 2005/10/20 "Red Hat Linux" "System Administrator's Manual"
.SH NAME
pam_xauth \- forward xauth keys between users
.SH SYNOPSIS
-.B session optional /lib/security/pam_xauth.so \fIarguments\fP
+.B session optional pam_xauth.so \fIarguments\fP
.SH DESCRIPTION
pam_xauth.so is designed to forward xauth keys (sometimes referred
to as "cookies") between users.
@@ -45,8 +45,9 @@ the import and export files can be empty, signifying that no users are allowed.
.SH ARGUMENTS
.IP debug
Turns on debugging messages sent to syslog.
-.IP xauthpath=\fI/usr/X11R6/bin/xauth\fP
-Specify the path the xauth program (the default is /usr/X11R6/bin/xauth).
+.IP xauthpath=\fI/path/to/xauth\fP
+Specify the path the xauth program (it is expected in \fB/usr/X11R6/bin/xauth,\fP
+or \fB/usr/bin/xauth\fP, or \fB/usr/bin/X11/xauth\fP by default).
.IP systemuser=\fInumber\fP
Specify the highest UID which will be assumed to belong to a "system" user.
pam_xauth will refuse to forward credentials to users with UID less than or
diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
index a830010d..886b2f88 100644
--- a/modules/pam_xauth/pam_xauth.c
+++ b/modules/pam_xauth/pam_xauth.c
@@ -58,12 +58,21 @@
#include <security/pam_ext.h>
#define DATANAME "pam_xauth_cookie_file"
-#define XAUTHBIN "/usr/X11R6/bin/xauth"
#define XAUTHENV "XAUTHORITY"
#define HOMEENV "HOME"
#define XAUTHDEF ".Xauthority"
#define XAUTHTMP ".xauthXXXXXX"
+/* Possible paths to xauth executable */
+static const char * const xauthpaths[] = {
+#ifdef PAM_PATH_XAUTH
+ PAM_PATH_XAUTH,
+#endif
+ "/usr/X11R6/bin/xauth",
+ "/usr/bin/xauth",
+ "/usr/bin/X11/xauth"
+};
+
/* Run a given command (with a NULL-terminated argument list), feeding it the
* given input on stdin, and storing any output it generates. */
static int
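Review bot: The comment on the new `xauthpaths` table does not say that the entries are probed in array order or that the configure-time entry takes precedence over the three built-in defaults, which is the behaviour the rest of the commit depends on; suggest `/* Candidate xauth executables, probed in array order when no xauthpath= argument is given; PAM_PATH_XAUTH (configure --with-xauth) is tried first. */`. The `#ifdef PAM_PATH_XAUTH` only has effect if config.h is included above this point; the include list preceding the hunk is not visible here, so that is worth confirming, since otherwise the configured path silently drops out of the table. The `run_coprocess` definition whose `static int` line ends the hunk continues outside it.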
@@ -131,7 +140,7 @@ run_coprocess(const char *input, char **output,
args[j] = strdup(tmp);
}
/* Run the command. */
- execvp(command, args);
+ execv(command, args);
/* Never reached. */
exit(1);
}
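Review bot: With `execv` the `command` argument is executed exactly as given and `PATH` is no longer searched, so every caller must now supply a pathname; the header comment above `run_coprocess` (visible in the previous hunk) should state that, e.g. `/* command must be a pathname (absolute, or relative to the cwd); PATH is not consulted. */`. If this code runs in a forked child — the fork is outside the hunk — the `exit(1)` after a failed exec flushes stdio buffers inherited from the parent and can duplicate pending output; `_exit(1);` avoids that. Recording `errno` from the failed exec somewhere the parent can report it would also make a missing or non-executable xauth diagnosable rather than just an exit status of 1; the beginning of `run_coprocess` lies outside the hunk.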
@@ -276,10 +285,9 @@ int
pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
int argc, const char **argv)
{
- char xauthpath[] = XAUTHBIN;
char *cookiefile = NULL, *xauthority = NULL,
*cookie = NULL, *display = NULL, *tmp = NULL;
- const char *user, *xauth = xauthpath;
+ const char *user, *xauth = NULL;
struct passwd *tpwd, *rpwd;
int fd, i, debug = 0;
int retval = PAM_SUCCESS;
@@ -321,6 +329,19 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED,
pam_syslog(pamh, LOG_WARNING, "unrecognized option `%s'",
argv[i]);
}
+
+ if (xauth == NULL) {
+ for (i = 0; i < sizeof(xauthpaths)/sizeof(xauthpaths[0]); i++) {
+ if (access(xauthpaths[i], X_OK) == 0) {
+ xauth = xauthpaths[i];
+ break;
+ }
+ }
+ if (xauth == NULL) {
+ /* xauth executable not found - nothing to do */
+ return PAM_SUCCESS;
+ }
+ }
/* If DISPLAY isn't set, we don't really care, now do we? */
if ((display = getenv("DISPLAY")) == NULL) {