diff options
| -rw-r--r-- | CHANGELOG | 2 | ||||
| -rw-r--r-- | doc/modules/pam_access.sgml | 4 | ||||
| -rw-r--r-- | modules/pam_access/pam_access.c | 22 |
3 files changed, 16 insertions, 12 deletions
@@ -35,6 +35,8 @@ Where you should replace XXXXX with a bug-id. 0.74: please submit patches for this section with actual code/doc patches! +* pam_access - fixed the non-default config file option (Bug 127561 - + agmorgan) * pam.8 manual page clarified with respect to the default location for finding modules, also added some text describing the [...] control syntax. (Bug 127625 - agmorgan) diff --git a/doc/modules/pam_access.sgml b/doc/modules/pam_access.sgml index d6f317bd..00c7ea16 100644 --- a/doc/modules/pam_access.sgml +++ b/doc/modules/pam_access.sgml @@ -59,7 +59,7 @@ Provides logdaemon style login access control. <tag><bf>Recognized arguments:</bf></tag> -<tt>accessconf=<it>/path/to/file.conf</it></tt> +<tt>accessfile=<it>/path/to/file.conf</it></tt> <tag><bf>Description:</bf></tag> @@ -75,7 +75,7 @@ The behavior of this module can be modified with the following arguments: <itemize> -<item><tt>accessconf=/path/to/file.conf</tt> - +<item><tt>accessfile=/path/to/file.conf</tt> - indicate an alternative <em/access/ configuration file to override the default. This can be useful when different services need different access lists. diff --git a/modules/pam_access/pam_access.c b/modules/pam_access/pam_access.c index 384f1e0a..87ad708d 100644 --- a/modules/pam_access/pam_access.c +++ b/modules/pam_access/pam_access.c @@ -160,12 +160,12 @@ static int login_access(struct login_info *item) { FILE *fp; char line[BUFSIZ]; - char *perm; /* becomes permission field */ - char *users; /* becomes list of login names */ - char *froms; /* becomes list of terminals or hosts */ + char *perm; /* becomes permission field */ + char *users; /* becomes list of login names */ + char *froms; /* becomes list of terminals or hosts */ int match = NO; int end; - int lineno = 0; /* for diagnostics */ + int lineno = 0; /* for diagnostics */ /* * Process the table one line at a time and stop at the first match. @@ -175,12 +175,12 @@ static int login_access(struct login_info *item) * non-existing table means no access control. */ - if ((fp = fopen(PAM_ACCESS_CONFIG, "r"))!=NULL) { + if ((fp = fopen(item->config_file, "r"))!=NULL) { while (!match && fgets(line, sizeof(line), fp)) { lineno++; if (line[end = strlen(line) - 1] != '\n') { _log_err("%s: line %d: missing newline or line too long", - PAM_ACCESS_CONFIG, lineno); + item->config_file, lineno); continue; } if (line[0] == '#') @@ -194,11 +194,13 @@ static int login_access(struct login_info *item) || !(users = strtok((char *) 0, fs)) || !(froms = strtok((char *) 0, fs)) || strtok((char *) 0, fs)) { - _log_err("%s: line %d: bad field count", PAM_ACCESS_CONFIG, lineno); + _log_err("%s: line %d: bad field count", + item->config_file, lineno); continue; } if (perm[0] != '+' && perm[0] != '-') { - _log_err("%s: line %d: bad first field", PAM_ACCESS_CONFIG, lineno); + _log_err("%s: line %d: bad first field", + item->config_file, lineno); continue; } match = (list_match(froms, item, from_match) @@ -206,7 +208,7 @@ static int login_access(struct login_info *item) } (void) fclose(fp); } else if (errno != ENOENT) { - _log_err("cannot open %s: %m", PAM_ACCESS_CONFIG); + _log_err("cannot open %s: %m", item->config_file); } return (match == 0 || (line[0] == '+')); } @@ -450,7 +452,7 @@ PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc if ((user_pw=getpwnam(user))==NULL) return (PAM_USER_UNKNOWN); /* - * Bundle up the arguments to avoid unnecessary clumsiness lateron. + * Bundle up the arguments to avoid unnecessary clumsiness later on. */ loginfo.user = user_pw; loginfo.from = from; |