diff options
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | modules/pam_umask/README | 4 | ||||
| -rw-r--r-- | modules/pam_umask/pam_umask.8 | 9 | ||||
| -rw-r--r-- | modules/pam_umask/pam_umask.8.xml | 14 | ||||
| -rw-r--r-- | modules/pam_umask/pam_umask.c | 23 | ||||
| -rw-r--r-- | xtests/Makefile.am | 10 | ||||
| -rw-r--r-- | xtests/tst-pam_dispatch1.c | 3 | ||||
| -rw-r--r-- | xtests/tst-pam_dispatch2.c | 3 | ||||
| -rw-r--r-- | xtests/tst-pam_dispatch3.c | 3 |
9 files changed, 64 insertions, 14 deletions
@@ -1,3 +1,12 @@ +2006-08-06 Thorsten Kukuk <kukuk@thkukuk.de> + + * modules/pam_umask/pam_umask.c (setup_limits_from_gecos): + Add error handling. + * modules/pam_umask/pam_umask.8.xml: Document silent option. + + * xtests/Makefile.am: Fix includes for bootstrapping. + Reported by Greg Schafer <gschafer@zip.com.au>. + 2006-08-05 Thorsten Kukuk <kukuk@thkukuk.de> * release version 0.99.6.0 diff --git a/modules/pam_umask/README b/modules/pam_umask/README index 2a4f2641..69003ec3 100644 --- a/modules/pam_umask/README +++ b/modules/pam_umask/README @@ -29,6 +29,10 @@ debug Print debug information. +silent + + Don't print informative messages. + usergroups If the user is not root, and the user ID is equal to the group ID, and the diff --git a/modules/pam_umask/pam_umask.8 b/modules/pam_umask/pam_umask.8 index 230a4676..43160d63 100644 --- a/modules/pam_umask/pam_umask.8 +++ b/modules/pam_umask/pam_umask.8 @@ -1,11 +1,11 @@ .\" Title: pam_umask .\" Author: .\" Generator: DocBook XSL Stylesheets v1.70.1 <http://docbook.sf.net/> -.\" Date: 06/09/2006 +.\" Date: 08/06/2006 .\" Manual: Linux\-PAM Manual .\" Source: Linux\-PAM Manual .\" -.TH "PAM_UMASK" "8" "06/09/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_UMASK" "8" "08/06/2006" "Linux\-PAM Manual" "Linux\-PAM Manual" .\" disable hyphenation .nh .\" disable justification (adjust text to left margin only) @@ -14,7 +14,7 @@ pam_umask \- PAM module to set the file mode creation mask .SH "SYNOPSIS" .HP 13 -\fBpam_umask.so\fR [debug] [usergroups] [umask=\fImask\fR] +\fBpam_umask.so\fR [debug] [silent] [usergroups] [umask=\fImask\fR] .SH "DESCRIPTION" .PP pam_umask is a PAM module to set the file mode creation mask of the current environment. The umask affects the default permissions assigned to newly created files. @@ -46,6 +46,9 @@ UMASK entry from /etc/login.defs \fBdebug\fR Print debug information. .TP 3n +\fBsilent\fR +Don't print informative messages. +.TP 3n \fBusergroups\fR If the user is not root, and the user ID is equal to the group ID, and the username is the same as primary group name, the umask group bits are set to be the same as owner bits (examples: 022 \-> 002, 077 \-> 007). .TP 3n diff --git a/modules/pam_umask/pam_umask.8.xml b/modules/pam_umask/pam_umask.8.xml index 8bb866a0..d65e6660 100644 --- a/modules/pam_umask/pam_umask.8.xml +++ b/modules/pam_umask/pam_umask.8.xml @@ -22,6 +22,9 @@ debug </arg> <arg choice="opt"> + silent + </arg> + <arg choice="opt"> usergroups </arg> <arg choice="opt"> @@ -97,6 +100,17 @@ <varlistentry> <term> + <option>silent</option> + </term> + <listitem> + <para> + Don't print informative messages. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term> <option>usergroups</option> </term> <listitem> diff --git a/modules/pam_umask/pam_umask.c b/modules/pam_umask/pam_umask.c index 46f25ae7..c5fa773b 100644 --- a/modules/pam_umask/pam_umask.c +++ b/modules/pam_umask/pam_umask.c @@ -39,6 +39,7 @@ #include <grp.h> #include <stdio.h> #include <ctype.h> +#include <errno.h> #include <string.h> #include <stdarg.h> #include <unistd.h> @@ -57,6 +58,7 @@ struct options_t { int debug; int usergroups; + int silent; char *umask; }; typedef struct options_t options_t; @@ -73,6 +75,8 @@ parse_option (const pam_handle_t *pamh, const char *argv, options_t *options) options->umask = strdup (&argv[6]); else if (strcasecmp (argv, "usergroups") == 0) options->usergroups = 1; + else if (strcasecmp (argv, "silent") == 0) + options->silent = 1; else pam_syslog (pamh, LOG_ERR, "Unknown option: `%s'", argv); } @@ -211,13 +215,26 @@ setup_limits_from_gecos (pam_handle_t *pamh, options_t *options, if (strncasecmp (cp, "umask=", 6) == 0) umask (strtol (cp + 6, NULL, 8) & 0777); else if (strncasecmp (cp, "pri=", 4) == 0) - nice (strtol (cp + 4, NULL, 10)); + { + errno = 0; + if (nice (strtol (cp + 4, NULL, 10)) == -1 && errno != 0) + { + if (!options->silent || options->debug) + pam_error (pamh, "nice failed: %m\n"); + pam_syslog (pamh, LOG_ERR, "nice failed: %m"); + } + } else if (strncasecmp (cp, "ulimit=", 7) == 0) { struct rlimit rlimit_fsize; rlimit_fsize.rlim_cur = 512L * strtol (cp + 7, NULL, 10); rlimit_fsize.rlim_max = rlimit_fsize.rlim_cur; - setrlimit (RLIMIT_FSIZE, &rlimit_fsize); + if (setrlimit (RLIMIT_FSIZE, &rlimit_fsize) == -1) + { + if (!options->silent || options->debug) + pam_error (pamh, "setrlimit failed: %m\n"); + pam_syslog (pamh, LOG_ERR, "setrlimit failed: %m"); + } } } } @@ -233,6 +250,8 @@ pam_sm_open_session (pam_handle_t *pamh, int flags UNUSED, int retval = PAM_SUCCESS; get_options (pamh, &options, argc, argv); + if (flags & PAM_SILENT) + options.silent = 1; /* get the user name. */ if ((retval = pam_get_user (pamh, &name, NULL)) != PAM_SUCCESS) diff --git a/xtests/Makefile.am b/xtests/Makefile.am index 622e3e59..549ef8c9 100644 --- a/xtests/Makefile.am +++ b/xtests/Makefile.am @@ -2,8 +2,10 @@ # Copyright (c) 2006 Thorsten Kukuk <kukuk@suse.de> # -AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include -AM_LDFLAGS = -L$(top_builddir)/libpam -lpam +AM_CFLAGS = -DLIBPAM_COMPILE -I$(top_srcdir)/libpam/include \ + -I$(top_srcdir)/libpamc/include -I$(top_srcdir)/libpam_misc/include +AM_LDFLAGS = -L$(top_builddir)/libpam -lpam \ + -L$(top_builddir)/libpam_misc -lpam_misc CLEANFILES = *~ @@ -14,10 +16,6 @@ XTESTS = tst-pam_dispatch1 tst-pam_dispatch2 tst-pam_dispatch3 noinst_PROGRAMS = $(XTESTS) -tst_pam_dispatch1_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc -tst_pam_dispatch2_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc -tst_pam_dispatch3_LDADD = -L$(top_builddir)/libpam -lpam -ldl -L$(top_builddir)/libpam_misc -lpam_misc - xtests: $(XTESTS) @failed=0; pass=0; all=0; \ for testname in $(XTESTS) ; do \ diff --git a/xtests/tst-pam_dispatch1.c b/xtests/tst-pam_dispatch1.c index 0fb5bdef..73720ab8 100644 --- a/xtests/tst-pam_dispatch1.c +++ b/xtests/tst-pam_dispatch1.c @@ -1,7 +1,8 @@ +#include <stdio.h> +#include <string.h> #include <security/pam_appl.h> #include <security/pam_misc.h> -#include <stdio.h> static struct pam_conv conv = { misc_conv, diff --git a/xtests/tst-pam_dispatch2.c b/xtests/tst-pam_dispatch2.c index 181484f9..7b4221be 100644 --- a/xtests/tst-pam_dispatch2.c +++ b/xtests/tst-pam_dispatch2.c @@ -1,7 +1,8 @@ +#include <stdio.h> +#include <strings.h> #include <security/pam_appl.h> #include <security/pam_misc.h> -#include <stdio.h> static struct pam_conv conv = { misc_conv, diff --git a/xtests/tst-pam_dispatch3.c b/xtests/tst-pam_dispatch3.c index 76f3a940..9183cada 100644 --- a/xtests/tst-pam_dispatch3.c +++ b/xtests/tst-pam_dispatch3.c @@ -1,7 +1,8 @@ +#include <stdio.h> +#include <string.h> #include <security/pam_appl.h> #include <security/pam_misc.h> -#include <stdio.h> static struct pam_conv conv = { misc_conv, |