diff options
| -rw-r--r-- | CHANGELOG | 2 | ||||
| -rw-r--r-- | modules/pam_tally/pam_tally.c | 11 |
2 files changed, 11 insertions, 2 deletions
@@ -35,6 +35,8 @@ Where you should replace XXXXX with a bug-id. 0.74: please submit patches for this section with actual code/doc patches! +* pam_tally - check for PAM_TTY if PAM_RHOST is not set when writing + to faillog (Bug 124394 - baggins) * use O_NOFOLLOW if available when opening debug log (Bug 124385 - baggins) * pam_cracklib - removed comments about pam_unix not working with pam_cracklib, added information about use_authtok parameter diff --git a/modules/pam_tally/pam_tally.c b/modules/pam_tally/pam_tally.c index 436ce956..e5e17b95 100644 --- a/modules/pam_tally/pam_tally.c +++ b/modules/pam_tally/pam_tally.c @@ -295,7 +295,8 @@ static int tally_bump (int inc, *TALLY = NULL; const char *user = NULL, - *remote_host = NULL; + *remote_host = NULL, + *cur_tty = NULL; int i=pam_get_uid(pamh, &uid, &user); if ( i != PAM_SUCCESS ) RETURN_ERROR( i ); @@ -306,7 +307,13 @@ static int tally_bump (int inc, (void) pam_get_item(pamh, PAM_RHOST, (const void **)&remote_host); if (!remote_host) { - strcpy(faillog.fail_line, "unknown"); + (void) pam_get_item(pamh, PAM_TTY, (const void **)&cur_tty); + if (!cur_tty) + strcpy(faillog.fail_line, "unknown"); + else { + strncpy(faillog.fail_line, cur_tty, (size_t)sizeof(faillog.fail_line)); + faillog.fail_line[sizeof(faillog.fail_line)-1] = 0; + } } else { |