summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog6
-rw-r--r--NEWS2
-rw-r--r--configure.in2
-rw-r--r--modules/pam_tally/pam_tally.c38
4 files changed, 30 insertions, 18 deletions
diff --git a/ChangeLog b/ChangeLog
index 0ce089a3..d1b092fe 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2006-05-04 Thorsten Kukuk <kukuk@suse.de>
+
+ * configure.in: Check for fseeko.
+ * modules/pam_tally/pam_tally.c: Use fseeko if available
+ (Based on patch by IBM).
+
2006-05-04 Thorsten Kukuk <kukuk@thkukuk.de>
* release version 0.99.4.0
diff --git a/NEWS b/NEWS
index 7e28ca44..9bc77809 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
Linux-PAM NEWS -- history of user-visible changes.
+* pam_tally: Fix support for large UIDs
+
Release 0.99.4.0
* Add test suite
diff --git a/configure.in b/configure.in
index 8df53d0d..bb8532eb 100644
--- a/configure.in
+++ b/configure.in
@@ -377,7 +377,7 @@ AC_TYPE_GETGROUPS
AC_PROG_GCC_TRADITIONAL
AC_FUNC_MEMCMP
AC_FUNC_VPRINTF
-AC_CHECK_FUNCS(gethostname gettimeofday lckpwdf mkdir select)
+AC_CHECK_FUNCS(fseeko gethostname gettimeofday lckpwdf mkdir select)
AC_CHECK_FUNCS(strcspn strdup strspn strstr strtol uname)
AC_CHECK_FUNCS(getpwnam_r getpwuid_r getgrnam_r getgrgid_r getspnam_r)
AC_CHECK_FUNCS(getgrouplist getline getdelim)
diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c
index ffd9b330..f3642c34 100644
--- a/modules/pam_tally/pam_tally.c
+++ b/modules/pam_tally/pam_tally.c
@@ -1,7 +1,6 @@
/*
* pam_tally.c
*
- * $Id$
*/
@@ -34,11 +33,6 @@
#include <sys/param.h>
#include "faillog.h"
-#ifndef TRUE
-#define TRUE 1L
-#define FALSE 0L
-#endif
-
/*
* here, we make a definition for the externally accessible function
* in this file (this definition is required for static a module
@@ -55,6 +49,15 @@
#include <security/pam_modutil.h>
#include <security/pam_ext.h>
+#ifndef TRUE
+#define TRUE 1L
+#define FALSE 0L
+#endif
+
+#ifndef HAVE_FSEEKO
+#define fseeko fseek
+#endif
+
/*---------------------------------------------------------------------*/
#define DEFAULT_LOGFILE "/var/log/faillog"
@@ -64,8 +67,6 @@
#define TALLY_FMT "%hu"
#define TALLY_HI ((tally_t)~0L)
-#define UID_FMT "%hu"
-
#ifndef FILENAME_MAX
# define FILENAME_MAX MAXPATHLEN
#endif
@@ -345,7 +346,7 @@ get_tally(pam_handle_t *pamh, tally_t *tally, uid_t uid,
return PAM_AUTH_ERR;
}
- if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
+ if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
fclose(*TALLY);
return PAM_AUTH_ERR;
@@ -382,7 +383,7 @@ set_tally(pam_handle_t *pamh, tally_t tally, uid_t uid,
int retval = PAM_SUCCESS;
if ( tally!=TALLY_HI ) {
- if ( fseek( *TALLY, uid * sizeof(struct faillog), SEEK_SET ) ) {
+ if ( fseeko( *TALLY, (off_t) uid * sizeof(struct faillog), SEEK_SET ) ) {
pam_syslog(pamh, LOG_ALERT, "fseek failed for %s", filename);
retval = PAM_AUTH_ERR;
} else {
@@ -518,9 +519,9 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
if ( lock_time + oldtime > time(NULL) )
{
pam_syslog(pamh, LOG_NOTICE,
- "user %s ("UID_FMT") has time limit [%lds left]"
+ "user %s (%lu) has time limit [%lds left]"
" since last failure.",
- user,uid,
+ user, (unsigned long int) uid,
oldtime+lock_time
-time(NULL));
return PAM_AUTH_ERR;
@@ -539,8 +540,8 @@ tally_check (time_t oldtime, pam_handle_t *pamh, uid_t uid,
( ((opts->ctrl & OPT_DENY_ROOT) || uid) ) /* even_deny stops uid check */
) {
pam_syslog(pamh, LOG_NOTICE,
- "user %s ("UID_FMT") tally "TALLY_FMT", deny "TALLY_FMT,
- user, uid, tally, deny);
+ "user %s (%lu) tally "TALLY_FMT", deny "TALLY_FMT,
+ user, (unsigned long int) uid, tally, deny);
return PAM_AUTH_ERR; /* Only unconditional failure */
}
}
@@ -807,7 +808,8 @@ int main ( int argc UNUSED, char **argv )
}
if ( !cline_quiet )
- printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",cline_user,uid,
+ printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",cline_user,
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
i=set_tally(NULL, cline_reset, uid, cline_filename, &TALLY, fsp);
@@ -832,11 +834,13 @@ int main ( int argc UNUSED, char **argv )
tally = fsp->fs_faillog.fail_cnt;
if ( ( pw=getpwuid(uid) ) ) {
- printf("User %s\t("UID_FMT")\t%s "TALLY_FMT"\n",pw->pw_name,uid,
+ printf("User %s\t(%lu)\t%s "TALLY_FMT"\n",pw->pw_name,
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
}
else {
- printf("User [NONAME]\t("UID_FMT")\t%s "TALLY_FMT"\n",uid,
+ printf("User [NONAME]\t(%lu)\t%s "TALLY_FMT"\n",
+ (unsigned long int) uid,
(cline_reset!=TALLY_HI)?"had":"has",tally);
}
}