diff options
| author | Thorsten Kukuk <kukuk@thkukuk.de> | 2009-06-30 10:28:53 +0000 |
|---|---|---|
| committer | Thorsten Kukuk <kukuk@thkukuk.de> | 2009-06-30 10:28:53 +0000 |
| commit | 2037cd51a2b787c492d60c9235b85868f03ed9ba (patch) | |
| tree | e26118a22a2b18899e841676dd70c01571d11141 /modules/pam_access | |
| parent | 006cf0e7333c53f7981c60c1cfcad77537d0fe74 (diff) | |
Relevant BUGIDs:
Purpose of commit: bugfix
Commit summary:
---------------
This makes Linux-PAM compile able with uClibc or on embedded systems
without full libc/libnsl.
2009-06-29 Thorsten Kukuk <kukuk@thkukuk.de>
* modules/pam_unix/yppasswd_xdr.c: Remove unnecessary header files.
* modules/pam_unix/support.c (_unix_getpwnam): Only compile in NIS
support if all necessary functions exist.
* modules/pam_unix/pam_unix_passwd.c (getNISserver): Add debug
option, handle correct if OS has no NIS support.
* modules/pam_access/pam_access.c (netgroup_match): Check if
yp_get_default_domain and innetgr are available at compile time.
* configure.in: Check for functions: innetgr, getdomainname
check for headers: rpcsvc/ypclnt.h, rpcsvc/yp_prot.h.
Diffstat (limited to 'modules/pam_access')
| -rw-r--r-- | modules/pam_access/pam_access.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index ba8effe3..963ce528 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -41,11 +41,12 @@ #include <errno.h> #include <ctype.h> #include <sys/utsname.h> -#include <rpcsvc/ypclnt.h> #include <arpa/inet.h> #include <netdb.h> #include <sys/socket.h> - +#ifdef HAVE_RPCSVC_YPCLNT_H +#include <rpcsvc/ypclnt.h> +#endif #ifdef HAVE_LIBAUDIT #include <libaudit.h> #endif @@ -465,13 +466,31 @@ static int netgroup_match (pam_handle_t *pamh, const char *netgroup, const char *machine, const char *user, int debug) { - char *mydomain = NULL; int retval; + char *mydomain = NULL; +#ifdef HAVE_YP_GET_DEFAUTL_DOMAIN yp_get_default_domain(&mydomain); +#elif defined(HAVE_GETDOMAINNAME) + char domainname_res[256]; + if (getdomainname (domainname_res, sizeof (domainname_res)) == 0) + { + if (strcmp (domainname_res, "(none)") == 0) + { + /* If domainname is not set, some systems will return "(none)" */ + domainname_res[0] = '\0'; + } + mydomain = domainname_res; + } +#endif +#ifdef HAVE_INNETGR retval = innetgr (netgroup, machine, user, mydomain); +#else + retval = 0; + pam_syslog (pamh, LOG_ERR, "pam_access does not have netgroup support"); +#endif if (debug == YES) pam_syslog (pamh, LOG_DEBUG, "netgroup_match: %d (netgroup=%s, machine=%s, user=%s, domain=%s)", @@ -479,7 +498,6 @@ netgroup_match (pam_handle_t *pamh, const char *netgroup, machine ? machine : "NULL", user ? user : "NULL", mydomain ? mydomain : "NULL"); return retval; - } /* user_match - match a username against one token */ |