diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-22 11:00:00 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2020-05-22 11:00:00 +0000 |
| commit | eec5fe0da3ec2af71995864840b3ab7599e598f1 (patch) | |
| tree | d199007d2059bd2e8d996b6b7d7c73a301c43c20 | |
| parent | aac5a8fdc4aa3f7e56335a6343774cc1b63b408d (diff) | |
modules: downgrade syslog level for errors related to pam_get_user
* modules/pam_faillock/pam_faillock.c (get_pam_user): Downgrade
the syslog level for diagnostics of errors returned by
pam_modutil_getpwnam for users returned by pam_get_user
from LOG_ERR to LOG_NOTICE.
* modules/pam_keyinit/pam_keyinit.c (do_keyinit): Likewise.
* modules/pam_lastlog/pam_lastlog.c (pam_sm_authenticate): Likewise.
* modules/pam_listfile/pam_listfile.c (pam_sm_authenticate): Likewise.
* modules/pam_loginuid/pam_loginuid.c (_pam_loginuid): Likewise.
* modules/pam_mail/pam_mail.c (_do_mail): Likewise.
* modules/pam_sepermit/pam_sepermit.c (sepermit_lock): Likewise.
* modules/pam_tally/pam_tally.c (pam_get_uid): Likewise.
* modules/pam_tally2/pam_tally2.c (pam_get_uid): Likewise.
* modules/pam_umask/pam_umask.c (pam_sm_open_session): Likewise.
* modules/pam_xauth/pam_xauth.c (pam_sm_open_session,
pam_sm_close_session): Likewise.
* modules/pam_tty_audit/pam_tty_audit.c (pam_sm_open_session): Downgrade
the syslog level for diagnostics of errors returned by
pam_modutil_getpwnam for users returned by pam_get_user
from LOG_WARNING to LOG_NOTICE.
Suggested-by: Tomáš Mráz <tmraz@fedoraproject.org>
| -rw-r--r-- | modules/pam_faillock/pam_faillock.c | 4 | ||||
| -rw-r--r-- | modules/pam_keyinit/pam_keyinit.c | 3 | ||||
| -rw-r--r-- | modules/pam_lastlog/pam_lastlog.c | 2 | ||||
| -rw-r--r-- | modules/pam_listfile/pam_listfile.c | 2 | ||||
| -rw-r--r-- | modules/pam_loginuid/pam_loginuid.c | 2 | ||||
| -rw-r--r-- | modules/pam_mail/pam_mail.c | 2 | ||||
| -rw-r--r-- | modules/pam_sepermit/pam_sepermit.c | 3 | ||||
| -rw-r--r-- | modules/pam_tally/pam_tally.c | 4 | ||||
| -rw-r--r-- | modules/pam_tally2/pam_tally2.c | 4 | ||||
| -rw-r--r-- | modules/pam_tty_audit/pam_tty_audit.c | 2 | ||||
| -rw-r--r-- | modules/pam_umask/pam_umask.c | 2 | ||||
| -rw-r--r-- | modules/pam_xauth/pam_xauth.c | 4 |
12 files changed, 18 insertions, 16 deletions
diff --git a/modules/pam_faillock/pam_faillock.c b/modules/pam_faillock/pam_faillock.c index 142cf7e3..f592d0a2 100644 --- a/modules/pam_faillock/pam_faillock.c +++ b/modules/pam_faillock/pam_faillock.c @@ -403,10 +403,10 @@ get_pam_user(pam_handle_t *pamh, struct options *opts) if ((pwd=pam_modutil_getpwnam(pamh, user)) == NULL) { if (opts->flags & FAILLOCK_FLAG_AUDIT) { - pam_syslog(pamh, LOG_ERR, "User unknown: %s", user); + pam_syslog(pamh, LOG_NOTICE, "User unknown: %s", user); } else { - pam_syslog(pamh, LOG_ERR, "User unknown"); + pam_syslog(pamh, LOG_NOTICE, "User unknown"); } return PAM_IGNORE; } diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c index b3aec483..92e4953b 100644 --- a/modules/pam_keyinit/pam_keyinit.c +++ b/modules/pam_keyinit/pam_keyinit.c @@ -202,7 +202,8 @@ static int do_keyinit(pam_handle_t *pamh, int argc, const char **argv, int error pw = pam_modutil_getpwnam(pamh, username); if (!pw) { - error(pamh, "Unable to look up user \"%s\"\n", username); + pam_syslog(pamh, LOG_NOTICE, "Unable to look up user \"%s\"\n", + username); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_lastlog/pam_lastlog.c b/modules/pam_lastlog/pam_lastlog.c index a8686df7..abd048df 100644 --- a/modules/pam_lastlog/pam_lastlog.c +++ b/modules/pam_lastlog/pam_lastlog.c @@ -678,7 +678,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, pwd = pam_modutil_getpwnam (pamh, user); if (pwd == NULL) { - pam_syslog(pamh, LOG_ERR, "user unknown"); + pam_syslog(pamh, LOG_NOTICE, "user unknown"); return PAM_USER_UNKNOWN; } uid = pwd->pw_uid; diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 4d30d017..28fd58fc 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -254,7 +254,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, gets set to PAM_USER in the extitem switch */ userinfo = pam_modutil_getpwnam(pamh, citemp); if (userinfo == NULL) { - pam_syslog(pamh,LOG_ERR, "getpwnam(%s) failed", + pam_syslog(pamh, LOG_NOTICE, "getpwnam(%s) failed", citemp); free(ifname); return onerr; diff --git a/modules/pam_loginuid/pam_loginuid.c b/modules/pam_loginuid/pam_loginuid.c index c3eca539..62dd3d59 100644 --- a/modules/pam_loginuid/pam_loginuid.c +++ b/modules/pam_loginuid/pam_loginuid.c @@ -210,7 +210,7 @@ _pam_loginuid(pam_handle_t *pamh, int flags UNUSED, /* get user info */ if ((pwd = pam_modutil_getpwnam(pamh, user)) == NULL) { - pam_syslog(pamh, LOG_ERR, + pam_syslog(pamh, LOG_NOTICE, "error: login user-name '%s' does not exist", user); return PAM_SESSION_ERR; } diff --git a/modules/pam_mail/pam_mail.c b/modules/pam_mail/pam_mail.c index 0e2c8f0d..17383c7b 100644 --- a/modules/pam_mail/pam_mail.c +++ b/modules/pam_mail/pam_mail.c @@ -390,7 +390,7 @@ static int _do_mail(pam_handle_t *pamh, int flags, int argc, pwd = pam_modutil_getpwnam (pamh, user); if (pwd == NULL) { - pam_syslog(pamh, LOG_ERR, "user unknown"); + pam_syslog(pamh, LOG_NOTICE, "user unknown"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index ffa06b32..f7d98d5b 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -227,7 +227,8 @@ sepermit_lock(pam_handle_t *pamh, const char *user, int debug) struct passwd *pw = pam_modutil_getpwnam( pamh, user ); if (!pw) { - pam_syslog(pamh, LOG_ERR, "Unable to find uid for user %s", user); + pam_syslog(pamh, LOG_NOTICE, "Unable to find uid for user %s", + user); return -1; } if (check_running(pamh, pw->pw_uid, 0, debug) > 0) { diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c index 7baf2c92..34ae6241 100644 --- a/modules/pam_tally/pam_tally.c +++ b/modules/pam_tally/pam_tally.c @@ -241,8 +241,8 @@ pam_get_uid(pam_handle_t *pamh, uid_t *uid, const char **userp, struct tally_opt if ( ! ( pw = pam_modutil_getpwnam( pamh, user ) ) ) { opts->ctrl & OPT_AUDIT ? - pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user %s", user) : - pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user"); + pam_syslog(pamh, LOG_NOTICE, "pam_get_uid; no such user %s", user) : + pam_syslog(pamh, LOG_NOTICE, "pam_get_uid; no such user"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index 246c8c10..117df699 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -273,8 +273,8 @@ pam_get_uid(pam_handle_t *pamh, uid_t *uid, const char **userp, struct tally_opt if ( ! ( pw = pam_modutil_getpwnam( pamh, user ) ) ) { opts->ctrl & OPT_AUDIT ? - pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user %s", user) : - pam_syslog(pamh, LOG_ERR, "pam_get_uid; no such user"); + pam_syslog(pamh, LOG_NOTICE, "pam_get_uid; no such user %s", user) : + pam_syslog(pamh, LOG_NOTICE, "pam_get_uid; no such user"); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c index 6b91bc50..15fb910f 100644 --- a/modules/pam_tty_audit/pam_tty_audit.c +++ b/modules/pam_tty_audit/pam_tty_audit.c @@ -275,7 +275,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv) pwd = pam_modutil_getpwnam(pamh, user); if (pwd == NULL) { - pam_syslog(pamh, LOG_WARNING, + pam_syslog(pamh, LOG_NOTICE, "open_session unknown user '%s'", user); return PAM_SESSION_ERR; } diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c index a6fb0299..c9efe245 100644 --- a/modules/pam_umask/pam_umask.c +++ b/modules/pam_umask/pam_umask.c @@ -209,7 +209,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, pw = pam_modutil_getpwnam (pamh, name); if (pw == NULL) { - pam_syslog (pamh, LOG_ERR, "account for %s not found", name); + pam_syslog (pamh, LOG_NOTICE, "account for %s not found", name); return PAM_USER_UNKNOWN; } diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index bcd0d3a9..ae731211 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -441,7 +441,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, * on the xauthority file we create later on. */ tpwd = pam_modutil_getpwnam(pamh, user); if (tpwd == NULL) { - pam_syslog(pamh, LOG_ERR, + pam_syslog(pamh, LOG_NOTICE, "error determining target user's UID"); retval = PAM_SESSION_ERR; goto cleanup; @@ -785,7 +785,7 @@ pam_sm_close_session (pam_handle_t *pamh, int flags UNUSED, return PAM_SESSION_ERR; } if (!(tpwd = pam_modutil_getpwnam(pamh, user))) { - pam_syslog(pamh, LOG_ERR, + pam_syslog(pamh, LOG_NOTICE, "error determining target user's UID"); return PAM_SESSION_ERR; } |