pam_env: expand @{HOME} and @{SHELL} and enhance documentation

(Ticket#24 and #29)

* modules/pam_env/pam_env.c: Replace @{HOME} and @{SHELL} with passwd entries
* modules/pam_env/pam_env.conf.5.xml: Document @{HOME} and @{SHELL}
* modules/pam_env/pam_env.8.xml: Enhance documentation

1 files changed, 14 insertions, 1 deletions

diff --git a/modules/pam_env/pam_env.c b/modules/pam_env/pam_env.c
index e04f5b53..1bfdf089 100644
--- a/modules/pam_env/pam_env.c
+++ b/modules/pam_env/pam_env.c
@@ -676,7 +676,7 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
   const void *itemval;
 
   D(("Called."));
-  if (strcmp(name, "PAM_USER") == 0) {
+  if (strcmp(name, "PAM_USER") == 0 || strcmp(name, "HOME") == 0 || strcmp(name, "SHELL") == 0) {
     item = PAM_USER;
   } else if (strcmp(name, "PAM_USER_PROMPT") == 0) {
     item = PAM_USER_PROMPT;
@@ -696,6 +696,19 @@ static const char * _pam_get_item_byname(pam_handle_t *pamh, const char *name)
     D(("pam_get_item failed"));
     return NULL;     /* let pam_get_item() log the error */
   }
+
+  if (itemval && (strcmp(name, "HOME") == 0 || strcmp(name, "SHELL") == 0)) {
+    struct passwd *user_entry;
+    user_entry = pam_modutil_getpwnam (pamh, (char *) itemval);
+    if (!user_entry) {
+      pam_syslog(pamh, LOG_ERR, "No such user!?");
+      return NULL;
+    }
+    return (strcmp(name, "SHELL") == 0) ?
+      user_entry->pw_shell :
+      user_entry->pw_dir;
+  }
+
   D(("Exit."));
   return itemval;
 }