diff options
Diffstat (limited to 'Linux-PAM/modules/pam_listfile')
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/Makefile.am | 31 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/Makefile.in | 666 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/README | 101 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/README.xml | 41 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/pam_listfile.8 | 189 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/pam_listfile.8.xml | 297 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_listfile/pam_listfile.c | 462 | ||||
| -rwxr-xr-x | Linux-PAM/modules/pam_listfile/tst-pam_listfile | 2 |
8 files changed, 0 insertions, 1789 deletions
diff --git a/Linux-PAM/modules/pam_listfile/Makefile.am b/Linux-PAM/modules/pam_listfile/Makefile.am deleted file mode 100644 index 2f211320..00000000 --- a/Linux-PAM/modules/pam_listfile/Makefile.am +++ /dev/null @@ -1,31 +0,0 @@ -# -# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de> -# - -CLEANFILES = *~ - -EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_listfile - -man_MANS = pam_listfile.8 -XMLS = README.xml pam_listfile.8.xml - -TESTS = tst-pam_listfile - -securelibdir = $(SECUREDIR) -secureconfdir = $(SCONFIGDIR) - -AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -AM_LDFLAGS = -no-undefined -avoid-version -module -if HAVE_VERSIONING - AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map -endif - -securelib_LTLIBRARIES = pam_listfile.la -pam_listfile_la_LIBADD = -L$(top_builddir)/libpam -lpam - -if ENABLE_REGENERATE_MAN -noinst_DATA = README -README: pam_listfile.8.xml --include $(top_srcdir)/Make.xml.rules -endif - diff --git a/Linux-PAM/modules/pam_listfile/Makefile.in b/Linux-PAM/modules/pam_listfile/Makefile.in deleted file mode 100644 index 8e12f5d9..00000000 --- a/Linux-PAM/modules/pam_listfile/Makefile.in +++ /dev/null @@ -1,666 +0,0 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. -# @configure_input@ - -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# This Makefile.in is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY, to the extent permitted by law; without -# even the implied warranty of MERCHANTABILITY or FITNESS FOR A -# PARTICULAR PURPOSE. - -@SET_MAKE@ - -# -# Copyright (c) 2005, 2006 Thorsten Kukuk <kukuk@suse.de> -# - - -VPATH = @srcdir@ -pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ -pkgincludedir = $(includedir)/@PACKAGE@ -am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd -install_sh_DATA = $(install_sh) -c -m 644 -install_sh_PROGRAM = $(install_sh) -c -install_sh_SCRIPT = $(install_sh) -c -INSTALL_HEADER = $(INSTALL_DATA) -transform = $(program_transform_name) -NORMAL_INSTALL = : -PRE_INSTALL = : -POST_INSTALL = : -NORMAL_UNINSTALL = : -PRE_UNINSTALL = : -POST_UNINSTALL = : -build_triplet = @build@ -host_triplet = @host@ -@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map -subdir = modules/pam_listfile -DIST_COMMON = README $(srcdir)/Makefile.am $(srcdir)/Makefile.in -ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \ - $(top_srcdir)/m4/iconv.m4 \ - $(top_srcdir)/m4/jh_path_xml_catalog.m4 \ - $(top_srcdir)/m4/ld-O1.m4 $(top_srcdir)/m4/ld-as-needed.m4 \ - $(top_srcdir)/m4/lib-ld.m4 $(top_srcdir)/m4/lib-link.m4 \ - $(top_srcdir)/m4/lib-prefix.m4 $(top_srcdir)/m4/libprelude.m4 \ - $(top_srcdir)/m4/nls.m4 $(top_srcdir)/m4/po.m4 \ - $(top_srcdir)/m4/progtest.m4 $(top_srcdir)/acinclude.m4 \ - $(top_srcdir)/configure.in -am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ - $(ACLOCAL_M4) -mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs -CONFIG_HEADER = $(top_builddir)/config.h -CONFIG_CLEAN_FILES = -am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; -am__vpath_adj = case $$p in \ - $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ - *) f=$$p;; \ - esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; -am__installdirs = "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)" -securelibLTLIBRARIES_INSTALL = $(INSTALL) -LTLIBRARIES = $(securelib_LTLIBRARIES) -pam_listfile_la_DEPENDENCIES = -pam_listfile_la_SOURCES = pam_listfile.c -pam_listfile_la_OBJECTS = pam_listfile.lo -DEFAULT_INCLUDES = -I. -I$(top_builddir)@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/depcomp -am__depfiles_maybe = depfiles -COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ - $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ -SOURCES = pam_listfile.c -DIST_SOURCES = pam_listfile.c -man8dir = $(mandir)/man8 -NROFF = nroff -MANS = $(man_MANS) -DATA = $(noinst_DATA) -ETAGS = etags -CTAGS = ctags -DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) -ACLOCAL = @ACLOCAL@ -AMTAR = @AMTAR@ -AR = @AR@ -AUTOCONF = @AUTOCONF@ -AUTOHEADER = @AUTOHEADER@ -AUTOMAKE = @AUTOMAKE@ -AWK = @AWK@ -BROWSER = @BROWSER@ -CC = @CC@ -CCDEPMODE = @CCDEPMODE@ -CFLAGS = @CFLAGS@ -CPP = @CPP@ -CPPFLAGS = @CPPFLAGS@ -CXX = @CXX@ -CXXCPP = @CXXCPP@ -CXXDEPMODE = @CXXDEPMODE@ -CXXFLAGS = @CXXFLAGS@ -CYGPATH_W = @CYGPATH_W@ -DEFS = @DEFS@ -DEPDIR = @DEPDIR@ -ECHO = @ECHO@ -ECHO_C = @ECHO_C@ -ECHO_N = @ECHO_N@ -ECHO_T = @ECHO_T@ -EGREP = @EGREP@ -EXEEXT = @EXEEXT@ -F77 = @F77@ -FFLAGS = @FFLAGS@ -FO2PDF = @FO2PDF@ -GMSGFMT = @GMSGFMT@ -GMSGFMT_015 = @GMSGFMT_015@ -GREP = @GREP@ -HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ -INTLLIBS = @INTLLIBS@ -INTL_MACOSX_LIBS = @INTL_MACOSX_LIBS@ -LDFLAGS = @LDFLAGS@ -LEX = @LEX@ -LEXLIB = @LEXLIB@ -LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@ -LIBAUDIT = @LIBAUDIT@ -LIBCRACK = @LIBCRACK@ -LIBCRYPT = @LIBCRYPT@ -LIBDB = @LIBDB@ -LIBDL = @LIBDL@ -LIBICONV = @LIBICONV@ -LIBINTL = @LIBINTL@ -LIBNSL = @LIBNSL@ -LIBOBJS = @LIBOBJS@ -LIBPRELUDE_CFLAGS = @LIBPRELUDE_CFLAGS@ -LIBPRELUDE_CONFIG = @LIBPRELUDE_CONFIG@ -LIBPRELUDE_CONFIG_PREFIX = @LIBPRELUDE_CONFIG_PREFIX@ -LIBPRELUDE_LDFLAGS = @LIBPRELUDE_LDFLAGS@ -LIBPRELUDE_LIBS = @LIBPRELUDE_LIBS@ -LIBPRELUDE_PREFIX = @LIBPRELUDE_PREFIX@ -LIBPRELUDE_PTHREAD_CFLAGS = @LIBPRELUDE_PTHREAD_CFLAGS@ -LIBS = @LIBS@ -LIBSELINUX = @LIBSELINUX@ -LIBTOOL = @LIBTOOL@ -LN_S = @LN_S@ -LTLIBICONV = @LTLIBICONV@ -LTLIBINTL = @LTLIBINTL@ -LTLIBOBJS = @LTLIBOBJS@ -MAKEINFO = @MAKEINFO@ -MKDIR_P = @MKDIR_P@ -MSGFMT = @MSGFMT@ -MSGFMT_015 = @MSGFMT_015@ -MSGMERGE = @MSGMERGE@ -OBJEXT = @OBJEXT@ -PACKAGE = @PACKAGE@ -PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ -PACKAGE_NAME = @PACKAGE_NAME@ -PACKAGE_STRING = @PACKAGE_STRING@ -PACKAGE_TARNAME = @PACKAGE_TARNAME@ -PACKAGE_VERSION = @PACKAGE_VERSION@ -PAM_READ_BOTH_CONFS = @PAM_READ_BOTH_CONFS@ -PATH_SEPARATOR = @PATH_SEPARATOR@ -PIE_CFLAGS = @PIE_CFLAGS@ -PIE_LDFLAGS = @PIE_LDFLAGS@ -POSUB = @POSUB@ -RANLIB = @RANLIB@ -SCONFIGDIR = @SCONFIGDIR@ -SECUREDIR = @SECUREDIR@ -SED = @SED@ -SET_MAKE = @SET_MAKE@ -SHELL = @SHELL@ -STRIP = @STRIP@ -USE_NLS = @USE_NLS@ -VERSION = @VERSION@ -WITH_DEBUG = @WITH_DEBUG@ -WITH_PAMLOCKING = @WITH_PAMLOCKING@ -XGETTEXT = @XGETTEXT@ -XGETTEXT_015 = @XGETTEXT_015@ -XMLCATALOG = @XMLCATALOG@ -XMLLINT = @XMLLINT@ -XML_CATALOG_FILE = @XML_CATALOG_FILE@ -XSLTPROC = @XSLTPROC@ -YACC = @YACC@ -YFLAGS = @YFLAGS@ -abs_builddir = @abs_builddir@ -abs_srcdir = @abs_srcdir@ -abs_top_builddir = @abs_top_builddir@ -abs_top_srcdir = @abs_top_srcdir@ -ac_ct_CC = @ac_ct_CC@ -ac_ct_CXX = @ac_ct_CXX@ -ac_ct_F77 = @ac_ct_F77@ -am__include = @am__include@ -am__leading_dot = @am__leading_dot@ -am__quote = @am__quote@ -am__tar = @am__tar@ -am__untar = @am__untar@ -bindir = @bindir@ -build = @build@ -build_alias = @build_alias@ -build_cpu = @build_cpu@ -build_os = @build_os@ -build_vendor = @build_vendor@ -builddir = @builddir@ -datadir = @datadir@ -datarootdir = @datarootdir@ -docdir = @docdir@ -dvidir = @dvidir@ -exec_prefix = @exec_prefix@ -host = @host@ -host_alias = @host_alias@ -host_cpu = @host_cpu@ -host_os = @host_os@ -host_vendor = @host_vendor@ -htmldir = @htmldir@ -includedir = @includedir@ -infodir = @infodir@ -install_sh = @install_sh@ -libc_cv_fpie = @libc_cv_fpie@ -libdir = @libdir@ -libexecdir = @libexecdir@ -localedir = @localedir@ -localstatedir = @localstatedir@ -mandir = @mandir@ -mkdir_p = @mkdir_p@ -oldincludedir = @oldincludedir@ -pam_cv_ld_as_needed = @pam_cv_ld_as_needed@ -pam_xauth_path = @pam_xauth_path@ -pdfdir = @pdfdir@ -prefix = @prefix@ -program_transform_name = @program_transform_name@ -psdir = @psdir@ -sbindir = @sbindir@ -sharedstatedir = @sharedstatedir@ -srcdir = @srcdir@ -sysconfdir = @sysconfdir@ -target_alias = @target_alias@ -top_builddir = @top_builddir@ -top_srcdir = @top_srcdir@ -CLEANFILES = *~ -EXTRA_DIST = README $(MANS) $(XMLS) tst-pam_listfile -man_MANS = pam_listfile.8 -XMLS = README.xml pam_listfile.8.xml -TESTS = tst-pam_listfile -securelibdir = $(SECUREDIR) -secureconfdir = $(SCONFIGDIR) -AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include -AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1) -securelib_LTLIBRARIES = pam_listfile.la -pam_listfile_la_LIBADD = -L$(top_builddir)/libpam -lpam -@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README -all: all-am - -.SUFFIXES: -.SUFFIXES: .c .lo .o .obj -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) - @for dep in $?; do \ - case '$(am__configure_deps)' in \ - *$$dep*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ - && exit 0; \ - exit 1;; \ - esac; \ - done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_listfile/Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --gnu modules/pam_listfile/Makefile -.PRECIOUS: Makefile -Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status - @case '$?' in \ - *config.status*) \ - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ - *) \ - echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ - cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ - esac; - -$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh - -$(top_srcdir)/configure: $(am__configure_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -$(ACLOCAL_M4): $(am__aclocal_m4_deps) - cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh -install-securelibLTLIBRARIES: $(securelib_LTLIBRARIES) - @$(NORMAL_INSTALL) - test -z "$(securelibdir)" || $(MKDIR_P) "$(DESTDIR)$(securelibdir)" - @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ - if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(securelibdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(securelibLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(securelibdir)/$$f"; \ - else :; fi; \ - done - -uninstall-securelibLTLIBRARIES: - @$(NORMAL_UNINSTALL) - @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(securelibdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(securelibdir)/$$p"; \ - done - -clean-securelibLTLIBRARIES: - -test -z "$(securelib_LTLIBRARIES)" || rm -f $(securelib_LTLIBRARIES) - @list='$(securelib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done -pam_listfile.la: $(pam_listfile_la_OBJECTS) $(pam_listfile_la_DEPENDENCIES) - $(LINK) -rpath $(securelibdir) $(pam_listfile_la_OBJECTS) $(pam_listfile_la_LIBADD) $(LIBS) - -mostlyclean-compile: - -rm -f *.$(OBJEXT) - -distclean-compile: - -rm -f *.tab.c - -@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_listfile.Plo@am__quote@ - -.c.o: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c $< - -.c.obj: -@am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'` -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c `$(CYGPATH_W) '$<'` - -.c.lo: -@am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $< -@am__fastdepCC_TRUE@ mv -f $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ -@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< - -mostlyclean-libtool: - -rm -f *.lo - -clean-libtool: - -rm -rf .libs _libs -install-man8: $(man8_MANS) $(man_MANS) - @$(NORMAL_INSTALL) - test -z "$(man8dir)" || $(MKDIR_P) "$(DESTDIR)$(man8dir)" - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ - else file=$$i; fi; \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " $(INSTALL_DATA) '$$file' '$(DESTDIR)$(man8dir)/$$inst'"; \ - $(INSTALL_DATA) "$$file" "$(DESTDIR)$(man8dir)/$$inst"; \ - done -uninstall-man8: - @$(NORMAL_UNINSTALL) - @list='$(man8_MANS) $(dist_man8_MANS) $(nodist_man8_MANS)'; \ - l2='$(man_MANS) $(dist_man_MANS) $(nodist_man_MANS)'; \ - for i in $$l2; do \ - case "$$i" in \ - *.8*) list="$$list $$i" ;; \ - esac; \ - done; \ - for i in $$list; do \ - ext=`echo $$i | sed -e 's/^.*\\.//'`; \ - case "$$ext" in \ - 8*) ;; \ - *) ext='8' ;; \ - esac; \ - inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ - inst=`echo $$inst | sed -e 's/^.*\///'`; \ - inst=`echo $$inst | sed '$(transform)'`.$$ext; \ - echo " rm -f '$(DESTDIR)$(man8dir)/$$inst'"; \ - rm -f "$(DESTDIR)$(man8dir)/$$inst"; \ - done - -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ - test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ - fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ - || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique - -GTAGS: - here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here - -distclean-tags: - -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags - -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ - done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ - else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ - fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ - else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ - fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi - -distdir: $(DISTFILES) - @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ - list='$(DISTFILES)'; \ - dist_files=`for file in $$list; do echo $$file; done | \ - sed -e "s|^$$srcdirstrip/||;t" \ - -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \ - case $$dist_files in \ - */*) $(MKDIR_P) `echo "$$dist_files" | \ - sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \ - sort -u` ;; \ - esac; \ - for file in $$dist_files; do \ - if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ - if test -d $$d/$$file; then \ - dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ - if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ - fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ - else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ - || exit 1; \ - fi; \ - done -check-am: all-am - $(MAKE) $(AM_MAKEFLAGS) check-TESTS -check: check-am -all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) -installdirs: - for dir in "$(DESTDIR)$(securelibdir)" "$(DESTDIR)$(man8dir)"; do \ - test -z "$$dir" || $(MKDIR_P) "$$dir"; \ - done -install: install-am -install-exec: install-exec-am -install-data: install-data-am -uninstall: uninstall-am - -install-am: all-am - @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am - -installcheck: installcheck-am -install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install -mostlyclean-generic: - -clean-generic: - -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) - -distclean-generic: - -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) - -maintainer-clean-generic: - @echo "This command is intended for maintainers to use" - @echo "it deletes files that may require special tools to rebuild." -clean: clean-am - -clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \ - mostlyclean-am - -distclean: distclean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -distclean-am: clean-am distclean-compile distclean-generic \ - distclean-tags - -dvi: dvi-am - -dvi-am: - -html: html-am - -info: info-am - -info-am: - -install-data-am: install-man install-securelibLTLIBRARIES - -install-dvi: install-dvi-am - -install-exec-am: - -install-html: install-html-am - -install-info: install-info-am - -install-man: install-man8 - -install-pdf: install-pdf-am - -install-ps: install-ps-am - -installcheck-am: - -maintainer-clean: maintainer-clean-am - -rm -rf ./$(DEPDIR) - -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic - -mostlyclean: mostlyclean-am - -mostlyclean-am: mostlyclean-compile mostlyclean-generic \ - mostlyclean-libtool - -pdf: pdf-am - -pdf-am: - -ps: ps-am - -ps-am: - -uninstall-am: uninstall-man uninstall-securelibLTLIBRARIES - -uninstall-man: uninstall-man8 - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am check check-TESTS check-am clean \ - clean-generic clean-libtool clean-securelibLTLIBRARIES ctags \ - distclean distclean-compile distclean-generic \ - distclean-libtool distclean-tags distdir dvi dvi-am html \ - html-am info info-am install install-am install-data \ - install-data-am install-dvi install-dvi-am install-exec \ - install-exec-am install-html install-html-am install-info \ - install-info-am install-man install-man8 install-pdf \ - install-pdf-am install-ps install-ps-am \ - install-securelibLTLIBRARIES install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-man uninstall-man8 \ - uninstall-securelibLTLIBRARIES - -@ENABLE_REGENERATE_MAN_TRUE@README: pam_listfile.8.xml -@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules -# Tell versions [3.59,3.63) of GNU make to not export all variables. -# Otherwise a system limit (for SysV at least) may be exceeded. -.NOEXPORT: diff --git a/Linux-PAM/modules/pam_listfile/README b/Linux-PAM/modules/pam_listfile/README deleted file mode 100644 index 7fe7051b..00000000 --- a/Linux-PAM/modules/pam_listfile/README +++ /dev/null @@ -1,101 +0,0 @@ -pam_listfile — deny or allow services based on an arbitrary file - -━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ - -DESCRIPTION - -pam_listfile is a PAM module which provides a way to deny or allow services -based on an arbitrary file. - -The module gets the item of the type specified -- user specifies the username, -PAM_USER; tty specifies the name of the terminal over which the request has -been made, PAM_TTY; rhost specifies the name of the remote host (if any) from -which the request was made, PAM_RHOST; and ruser specifies the name of the -remote user (if available) who made the request, PAM_RUSER -- and looks for an -instance of that item in the file=filename. filename contains one line per item -listed. If the item is found, then if sense=allow, PAM_SUCCESS is returned, -causing the authorization request to succeed; else if sense=deny, PAM_AUTH_ERR -is returned, causing the authorization request to fail. - -If an error is encountered (for instance, if filename does not exist, or a -poorly-constructed argument is encountered), then if onerr=succeed, PAM_SUCCESS -is returned, otherwise if onerr=fail, PAM_AUTH_ERR or PAM_SERVICE_ERR (as -appropriate) will be returned. - -An additional argument, apply=, can be used to restrict the application of the -above to a specific user (apply=username) or a given group (apply=@groupname). -This added restriction is only meaningful when used with the tty, rhost and -shell items. - -Besides this last one, all arguments should be specified; do not count on any -default behavior. - -No credentials are awarded by this module. - -OPTIONS - -item=[tty|user|rhost|ruser|group|shell] - - What is listed in the file and should be checked for. - -sense=[allow|deny] - - Action to take if found in file, if the item is NOT found in the file, then - the opposite action is requested. - -file=/path/filename - - File containing one item per line. The file needs to be a plain file and - not world writeable. - -onerr=[succeed|fail] - - What to do if something weird happens like being unable to open the file. - -apply=[user|@group] - - Restrict the user class for which the restriction apply. Note that with - item=[user|ruser|group] this does not make sense, but for item=[tty|rhost| - shell] it have a meaning. - -quiet - - Do not treat service refusals or missing list files as errors that need to - be logged. - -EXAMPLES - -Classic 'ftpusers' authentication can be implemented with this entry in /etc/ -pam.d/ftpd: - -# -# deny ftp-access to users listed in the /etc/ftpusers file -# -auth required pam_listfile.so \ - onerr=succeed item=user sense=deny file=/etc/ftpusers - - -Note, users listed in /etc/ftpusers file are (counterintuitively) not allowed -access to the ftp service. - -To allow login access only for certain users, you can use a /etc/pam.d/login -entry like this: - -# -# permit login to users listed in /etc/loginusers -# -auth required pam_listfile.so \ - onerr=fail item=user sense=allow file=/etc/loginusers - - -For this example to work, all users who are allowed to use the login service -should be listed in the file /etc/loginusers. Unless you are explicitly trying -to lock out root, make sure that when you do this, you leave a way for root to -log in, either by listing root in /etc/loginusers, or by listing a user who is -able to su to the root account. - -AUTHOR - -pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> and Elliot -Lee <sopwith@cuc.edu>. - diff --git a/Linux-PAM/modules/pam_listfile/README.xml b/Linux-PAM/modules/pam_listfile/README.xml deleted file mode 100644 index d851aef3..00000000 --- a/Linux-PAM/modules/pam_listfile/README.xml +++ /dev/null @@ -1,41 +0,0 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -"http://www.docbook.org/xml/4.3/docbookx.dtd" -[ -<!-- -<!ENTITY pamaccess SYSTEM "pam_listfile.8.xml"> ---> -]> - -<article> - - <articleinfo> - - <title> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_listfile-name"]/*)'/> - </title> - - </articleinfo> - - <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-description"]/*)'/> - </section> - - <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-options"]/*)'/> - </section> - - <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-examples"]/*)'/> - </section> - - <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-author"]/*)'/> - </section> - -</article> diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.8 b/Linux-PAM/modules/pam_listfile/pam_listfile.8 deleted file mode 100644 index e14525d8..00000000 --- a/Linux-PAM/modules/pam_listfile/pam_listfile.8 +++ /dev/null @@ -1,189 +0,0 @@ -.\" Title: pam_listfile -.\" Author: -.\" Generator: DocBook XSL Stylesheets v1.73.1 <http://docbook.sf.net/> -.\" Date: 01/08/2008 -.\" Manual: Linux-PAM Manual -.\" Source: Linux-PAM Manual -.\" -.TH "PAM_LISTFILE" "8" "01/08/2008" "Linux-PAM Manual" "Linux\-PAM Manual" -.\" disable hyphenation -.nh -.\" disable justification (adjust text to left margin only) -.ad l -.SH "NAME" -pam_listfile - deny or allow services based on an arbitrary file -.SH "SYNOPSIS" -.HP 16 -\fBpam_listfile\.so\fR item=[tty|user|rhost|ruser|group|shell] sense=[allow|deny] file=\fI/path/filename\fR onerr=[succeed|fail] [apply=[\fIuser\fR|\fI@group\fR]] [quiet] -.SH "DESCRIPTION" -.PP -pam_listfile is a PAM module which provides a way to deny or allow services based on an arbitrary file\. -.PP -The module gets the -\fBitem\fR -of the type specified \-\- -\fIuser\fR -specifies the username, -\fIPAM_USER\fR; tty specifies the name of the terminal over which the request has been made, -\fIPAM_TTY\fR; rhost specifies the name of the remote host (if any) from which the request was made, -\fIPAM_RHOST\fR; and ruser specifies the name of the remote user (if available) who made the request, -\fIPAM_RUSER\fR -\-\- and looks for an instance of that item in the -\fBfile=\fR\fB\fIfilename\fR\fR\. -\fIfilename\fR -contains one line per item listed\. If the item is found, then if -\fBsense=\fR\fB\fIallow\fR\fR, -\fIPAM_SUCCESS\fR -is returned, causing the authorization request to succeed; else if -\fBsense=\fR\fB\fIdeny\fR\fR, -\fIPAM_AUTH_ERR\fR -is returned, causing the authorization request to fail\. -.PP -If an error is encountered (for instance, if -\fIfilename\fR -does not exist, or a poorly\-constructed argument is encountered), then if -\fIonerr=succeed\fR, -\fIPAM_SUCCESS\fR -is returned, otherwise if -\fIonerr=fail\fR, -\fIPAM_AUTH_ERR\fR -or -\fIPAM_SERVICE_ERR\fR -(as appropriate) will be returned\. -.PP -An additional argument, -\fBapply=\fR, can be used to restrict the application of the above to a specific user (\fBapply=\fR\fB\fIusername\fR\fR) or a given group (\fBapply=\fR\fB\fI@groupname\fR\fR)\. This added restriction is only meaningful when used with the -\fItty\fR, -\fIrhost\fR -and -\fIshell\fR -items\. -.PP -Besides this last one, all arguments should be specified; do not count on any default behavior\. -.PP -No credentials are awarded by this module\. -.SH "OPTIONS" -.PP -.PP -\fBitem=[tty|user|rhost|ruser|group|shell]\fR -.RS 4 -What is listed in the file and should be checked for\. -.RE -.PP -\fBsense=[allow|deny]\fR -.RS 4 -Action to take if found in file, if the item is NOT found in the file, then the opposite action is requested\. -.RE -.PP -\fBfile=\fR\fB\fI/path/filename\fR\fR -.RS 4 -File containing one item per line\. The file needs to be a plain file and not world writeable\. -.RE -.PP -\fBonerr=[succeed|fail]\fR -.RS 4 -What to do if something weird happens like being unable to open the file\. -.RE -.PP -\fBapply=[\fR\fB\fIuser\fR\fR\fB|\fR\fB\fI@group\fR\fR\fB]\fR -.RS 4 -Restrict the user class for which the restriction apply\. Note that with -\fBitem=[user|ruser|group]\fR -this does not make sense, but for -\fBitem=[tty|rhost|shell]\fR -it have a meaning\. -.RE -.PP -\fBquiet\fR -.RS 4 -Do not treat service refusals or missing list files as errors that need to be logged\. -.RE -.SH "MODULE SERVICES PROVIDED" -.PP -The services -\fBauth\fR, -\fBaccount\fR, -\fBpassword\fR -and -\fBsession\fR -are supported\. -.SH "RETURN VALUES" -.PP -.PP -PAM_AUTH_ERR -.RS 4 -Authentication failure\. -.RE -.PP -PAM_BUF_ERR -.RS 4 -Memory buffer error\. -.RE -.PP -PAM_IGNORE -.RS 4 -The rule does not apply to the -\fBapply\fR -option\. -.RE -.PP -PAM_SERVICE_ERR -.RS 4 -Error in service module\. -.RE -.PP -PAM_SUCCESS -.RS 4 -Success\. -.RE -.SH "EXAMPLES" -.PP -Classic \'ftpusers\' authentication can be implemented with this entry in -\fI/etc/pam\.d/ftpd\fR: -.sp -.RS 4 -.nf -# -# deny ftp\-access to users listed in the /etc/ftpusers file -# -auth required pam_listfile\.so \e - onerr=succeed item=user sense=deny file=/etc/ftpusers - -.fi -.RE -.sp -Note, users listed in -\fI/etc/ftpusers\fR -file are (counterintuitively) -\fInot\fR -allowed access to the ftp service\. -.PP -To allow login access only for certain users, you can use a -\fI/etc/pam\.d/login\fR -entry like this: -.sp -.RS 4 -.nf -# -# permit login to users listed in /etc/loginusers -# -auth required pam_listfile\.so \e - onerr=fail item=user sense=allow file=/etc/loginusers - -.fi -.RE -.sp -For this example to work, all users who are allowed to use the login service should be listed in the file -\fI/etc/loginusers\fR\. Unless you are explicitly trying to lock out root, make sure that when you do this, you leave a way for root to log in, either by listing root in -\fI/etc/loginusers\fR, or by listing a user who is able to -\fIsu\fR -to the root account\. -.SH "SEE ALSO" -.PP - -\fBpam.conf\fR(5), -\fBpam.d\fR(8), -\fBpam\fR(8) -.SH "AUTHOR" -.PP -pam_listfile was written by Michael K\. Johnson <johnsonm@redhat\.com> and Elliot Lee <sopwith@cuc\.edu>\. diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml b/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml deleted file mode 100644 index e54e80a4..00000000 --- a/Linux-PAM/modules/pam_listfile/pam_listfile.8.xml +++ /dev/null @@ -1,297 +0,0 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" - "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> - -<refentry id="pam_listfile"> - - <refmeta> - <refentrytitle>pam_listfile</refentrytitle> - <manvolnum>8</manvolnum> - <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> - </refmeta> - - <refnamediv id="pam_listfile-name"> - <refname>pam_listfile</refname> - <refpurpose>deny or allow services based on an arbitrary file</refpurpose> - </refnamediv> - - <refsynopsisdiv> - <cmdsynopsis id="pam_listfile-cmdsynopsis"> - <command>pam_listfile.so</command> - <arg choice="plain"> - item=[tty|user|rhost|ruser|group|shell] - </arg> - <arg choice="plain"> - sense=[allow|deny] - </arg> - <arg choice="plain"> - file=<replaceable>/path/filename</replaceable> - </arg> - <arg choice="plain"> - onerr=[succeed|fail] - </arg> - <arg choice="opt"> - apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>] - </arg> - <arg choice="opt"> - quiet - </arg> - </cmdsynopsis> - </refsynopsisdiv> - - <refsect1 id="pam_listfile-description"> - - <title>DESCRIPTION</title> - - <para> - pam_listfile is a PAM module which provides a way to deny or - allow services based on an arbitrary file. - </para> - <para> - The module gets the <option>item</option> of the type specified -- - <emphasis>user</emphasis> specifies the username, - <emphasis>PAM_USER</emphasis>; tty specifies the name of the terminal - over which the request has been made, <emphasis>PAM_TTY</emphasis>; - rhost specifies the name of the remote host (if any) from which the - request was made, <emphasis>PAM_RHOST</emphasis>; and ruser specifies - the name of the remote user (if available) who made the request, - <emphasis>PAM_RUSER</emphasis> -- and looks for an instance of that - item in the <option>file=<replaceable>filename</replaceable></option>. - <filename>filename</filename> contains one line per item listed. If - the item is found, then if - <option>sense=<replaceable>allow</replaceable></option>, - <emphasis>PAM_SUCCESS</emphasis> is returned, causing the authorization - request to succeed; else if - <option>sense=<replaceable>deny</replaceable></option>, - <emphasis>PAM_AUTH_ERR</emphasis> is returned, causing the authorization - request to fail. - </para> - <para> - If an error is encountered (for instance, if - <filename>filename</filename> does not exist, or a poorly-constructed - argument is encountered), then if <emphasis>onerr=succeed</emphasis>, - <emphasis>PAM_SUCCESS</emphasis> is returned, otherwise if - <emphasis>onerr=fail</emphasis>, <emphasis>PAM_AUTH_ERR</emphasis> or - <emphasis>PAM_SERVICE_ERR</emphasis> (as appropriate) will be returned. - </para> - <para> - An additional argument, <option>apply=</option>, can be used - to restrict the application of the above to a specific user - (<option>apply=<replaceable>username</replaceable></option>) - or a given group - (<option>apply=<replaceable>@groupname</replaceable></option>). - This added restriction is only meaningful when used with the - <emphasis>tty</emphasis>, <emphasis>rhost</emphasis> and - <emphasis>shell</emphasis> items. - </para> - <para> - Besides this last one, all arguments should be specified; do not - count on any default behavior. - </para> - <para> - No credentials are awarded by this module. - </para> - </refsect1> - - <refsect1 id="pam_listfile-options"> - - <title>OPTIONS</title> - <para> - <variablelist> - - <varlistentry> - <term> - <option>item=[tty|user|rhost|ruser|group|shell]</option> - </term> - <listitem> - <para> - What is listed in the file and should be checked for. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - <option>sense=[allow|deny]</option> - </term> - <listitem> - <para> - Action to take if found in file, if the item is NOT found in - the file, then the opposite action is requested. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - <option>file=<replaceable>/path/filename</replaceable></option> - </term> - <listitem> - <para> - File containing one item per line. The file needs to be a plain - file and not world writeable. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - <option>onerr=[succeed|fail]</option> - </term> - <listitem> - <para> - What to do if something weird happens like being unable to open - the file. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - <option>apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>]</option> - </term> - <listitem> - <para> - Restrict the user class for which the restriction apply. Note that - with <option>item=[user|ruser|group]</option> this does not make sense, - but for <option>item=[tty|rhost|shell]</option> it have a meaning. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term> - <option>quiet</option> - </term> - <listitem> - <para> - Do not treat service refusals or missing list files as - errors that need to be logged. - </para> - </listitem> - </varlistentry> - </variablelist> - - </para> - </refsect1> - - <refsect1 id="pam_listfile-services"> - <title>MODULE SERVICES PROVIDED</title> - <para> - The services <option>auth</option>, <option>account</option>, - <option>password</option> and <option>session</option> are supported. - </para> - </refsect1> - - <refsect1 id='pam_listfile-return_values'> - <title>RETURN VALUES</title> - <para> - <variablelist> - - <varlistentry> - <term>PAM_AUTH_ERR</term> - <listitem> - <para>Authentication failure.</para> - </listitem> - </varlistentry> - - <varlistentry> - <term>PAM_BUF_ERR</term> - <listitem> - <para> - Memory buffer error. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>PAM_IGNORE</term> - <listitem> - <para> - The rule does not apply to the <option>apply</option> option. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>PAM_SERVICE_ERR</term> - <listitem> - <para> - Error in service module. - </para> - </listitem> - </varlistentry> - - <varlistentry> - <term>PAM_SUCCESS</term> - <listitem> - <para> - Success. - </para> - </listitem> - </varlistentry> - - </variablelist> - </para> - </refsect1> - - <refsect1 id='pam_listfile-examples'> - <title>EXAMPLES</title> - <para> - Classic 'ftpusers' authentication can be implemented with this entry - in <filename>/etc/pam.d/ftpd</filename>: - <programlisting> -# -# deny ftp-access to users listed in the /etc/ftpusers file -# -auth required pam_listfile.so \ - onerr=succeed item=user sense=deny file=/etc/ftpusers - </programlisting> - Note, users listed in <filename>/etc/ftpusers</filename> file are - (counterintuitively) <emphasis>not</emphasis> allowed access to - the ftp service. - </para> - <para> - To allow login access only for certain users, you can use a - <filename>/etc/pam.d/login</filename> entry like this: - <programlisting> -# -# permit login to users listed in /etc/loginusers -# -auth required pam_listfile.so \ - onerr=fail item=user sense=allow file=/etc/loginusers - </programlisting> - For this example to work, all users who are allowed to use the - login service should be listed in the file - <filename>/etc/loginusers</filename>. Unless you are explicitly - trying to lock out root, make sure that when you do this, you leave - a way for root to log in, either by listing root in - <filename>/etc/loginusers</filename>, or by listing a user who is - able to <emphasis>su</emphasis> to the root account. - </para> - </refsect1> - - <refsect1 id='pam_listfile-see_also'> - <title>SEE ALSO</title> - <para> - <citerefentry> - <refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum> - </citerefentry>, - <citerefentry> - <refentrytitle>pam.d</refentrytitle><manvolnum>8</manvolnum> - </citerefentry>, - <citerefentry> - <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> - </citerefentry> - </para> - </refsect1> - - <refsect1 id='pam_listfile-author'> - <title>AUTHOR</title> - <para> - pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> - and Elliot Lee <sopwith@cuc.edu>. - </para> - </refsect1> - -</refentry> diff --git a/Linux-PAM/modules/pam_listfile/pam_listfile.c b/Linux-PAM/modules/pam_listfile/pam_listfile.c deleted file mode 100644 index f276e5b8..00000000 --- a/Linux-PAM/modules/pam_listfile/pam_listfile.c +++ /dev/null @@ -1,462 +0,0 @@ -/* - * by Elliot Lee <sopwith@redhat.com>, Red Hat Software. July 25, 1996. - * log refused access error christopher mccrory <chrismcc@netus.com> 1998/7/11 - * - * This code began life as the pam_rootok module. - */ - -#include "config.h" - -#include <stdio.h> -#include <stdlib.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> -#include <syslog.h> -#include <stdarg.h> -#include <string.h> -#include <pwd.h> -#include <grp.h> - -#ifdef DEBUG -#include <assert.h> -#endif - -/* - * here, we make a definition for the externally accessible function - * in this file (this definition is required for static a module - * but strongly encouraged generally) it is used to instruct the - * modules include file to define the function prototypes. - */ - -#define PAM_SM_AUTH -#define PAM_SM_ACCOUNT -#define PAM_SM_PASSWORD -#define PAM_SM_SESSION - -#include <security/pam_modules.h> -#include <security/_pam_macros.h> -#include <security/pam_modutil.h> -#include <security/pam_ext.h> - -/* checks if a user is on a list of members */ -static int is_on_list(char * const *list, const char *member) -{ - while (*list) { - if (strcmp(*list, member) == 0) - return 1; - list++; - } - return 0; -} - -/* --- authentication management functions (only) --- */ - -/* Extended Items that are not directly available via pam_get_item() */ -#define EI_GROUP (1 << 0) -#define EI_SHELL (1 << 1) - -/* Constants for apply= parameter */ -#define APPLY_TYPE_NULL 0 -#define APPLY_TYPE_NONE 1 -#define APPLY_TYPE_USER 2 -#define APPLY_TYPE_GROUP 3 - -#define LESSER(a, b) ((a) < (b) ? (a) : (b)) - -PAM_EXTERN int -pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, - int argc, const char **argv) -{ - int retval, i, citem=0, extitem=0, onerr=PAM_SERVICE_ERR, sense=2, quiet=0; - const void *void_citemp; - const char *citemp; - char *ifname=NULL; - char aline[256]; - char mybuf[256],myval[256]; - struct stat fileinfo; - FILE *inf; - char apply_val[256]; - int apply_type; - - /* Stuff for "extended" items */ - struct passwd *userinfo; - struct group *grpinfo; - char *itemlist[256]; /* Maximum of 256 items */ - - apply_type=APPLY_TYPE_NULL; - memset(apply_val,0,sizeof(apply_val)); - - for(i=0; i < argc; i++) { - { - const char *junk; - - memset(mybuf,'\0',sizeof(mybuf)); - memset(myval,'\0',sizeof(mybuf)); - junk = strchr(argv[i], '='); - if((junk == NULL) || (junk - argv[i]) >= (int) sizeof(mybuf)) { - pam_syslog(pamh,LOG_ERR, "Bad option: \"%s\"", - argv[i]); - continue; - } - strncpy(mybuf, argv[i], - LESSER(junk - argv[i], (int)sizeof(mybuf) - 1)); - strncpy(myval, junk + 1, sizeof(myval) - 1); - } - if(!strcmp(mybuf,"onerr")) - if(!strcmp(myval,"succeed")) - onerr = PAM_SUCCESS; - else if(!strcmp(myval,"fail")) - onerr = PAM_SERVICE_ERR; - else { - if (ifname) free (ifname); - return PAM_SERVICE_ERR; - } - else if(!strcmp(mybuf,"sense")) - if(!strcmp(myval,"allow")) - sense=0; - else if(!strcmp(myval,"deny")) - sense=1; - else { - if (ifname) free (ifname); - return onerr; - } - else if(!strcmp(mybuf,"file")) { - if (ifname) free (ifname); - ifname = (char *)malloc(strlen(myval)+1); - if (!ifname) - return PAM_BUF_ERR; - strcpy(ifname,myval); - } else if(!strcmp(mybuf,"item")) - if(!strcmp(myval,"user")) - citem = PAM_USER; - else if(!strcmp(myval,"tty")) - citem = PAM_TTY; - else if(!strcmp(myval,"rhost")) - citem = PAM_RHOST; - else if(!strcmp(myval,"ruser")) - citem = PAM_RUSER; - else { /* These items are related to the user, but are not - directly gettable with pam_get_item */ - citem = PAM_USER; - if(!strcmp(myval,"group")) - extitem = EI_GROUP; - else if(!strcmp(myval,"shell")) - extitem = EI_SHELL; - else - citem = 0; - } else if(!strcmp(mybuf,"apply")) { - apply_type=APPLY_TYPE_NONE; - memset(apply_val,'\0',sizeof(apply_val)); - if (myval[0]=='@') { - apply_type=APPLY_TYPE_GROUP; - strncpy(apply_val,myval+1,sizeof(apply_val)-1); - } else { - apply_type=APPLY_TYPE_USER; - strncpy(apply_val,myval,sizeof(apply_val)-1); - } - } else if (!strcmp(mybuf,"quiet")) { - quiet = 1; - } else { - free(ifname); - pam_syslog(pamh,LOG_ERR, "Unknown option: %s",mybuf); - return onerr; - } - } - - if(!citem) { - pam_syslog(pamh,LOG_ERR, - "Unknown item or item not specified"); - free(ifname); - return onerr; - } else if(!ifname) { - pam_syslog(pamh,LOG_ERR, "List filename not specified"); - return onerr; - } else if(sense == 2) { - pam_syslog(pamh,LOG_ERR, - "Unknown sense or sense not specified"); - free(ifname); - return onerr; - } else if( - (apply_type==APPLY_TYPE_NONE) || - ((apply_type!=APPLY_TYPE_NULL) && (*apply_val=='\0')) - ) { - pam_syslog(pamh,LOG_ERR, - "Invalid usage for apply= parameter"); - free (ifname); - return onerr; - } - - /* Check if it makes sense to use the apply= parameter */ - if (apply_type != APPLY_TYPE_NULL) { - if((citem==PAM_USER) || (citem==PAM_RUSER)) { - pam_syslog(pamh,LOG_WARNING, - "Non-sense use for apply= parameter"); - apply_type=APPLY_TYPE_NULL; - } - if(extitem && (extitem==EI_GROUP)) { - pam_syslog(pamh,LOG_WARNING, - "Non-sense use for apply= parameter"); - apply_type=APPLY_TYPE_NULL; - } - } - - /* Short-circuit - test if this session apply for this user */ - { - const char *user_name; - int rval; - - rval=pam_get_user(pamh,&user_name,NULL); - if((rval==PAM_SUCCESS) && user_name && user_name[0]) { - /* Got it ? Valid ? */ - if(apply_type==APPLY_TYPE_USER) { - if(strcmp(user_name, apply_val)) { - /* Does not apply to this user */ -#ifdef DEBUG - pam_syslog(pamh,LOG_DEBUG, - "don't apply: apply=%s, user=%s", - apply_val,user_name); -#endif /* DEBUG */ - free(ifname); - return PAM_IGNORE; - } - } else if(apply_type==APPLY_TYPE_GROUP) { - if(!pam_modutil_user_in_group_nam_nam(pamh,user_name,apply_val)) { - /* Not a member of apply= group */ -#ifdef DEBUG - pam_syslog(pamh,LOG_DEBUG, - - "don't apply: %s not a member of group %s", - user_name,apply_val); -#endif /* DEBUG */ - free(ifname); - return PAM_IGNORE; - } - } - } - } - - retval = pam_get_item(pamh,citem,&void_citemp); - citemp = void_citemp; - if(retval != PAM_SUCCESS) { - return onerr; - } - if((citem == PAM_USER) && !citemp) { - retval = pam_get_user(pamh,&citemp,NULL); - if (retval != PAM_SUCCESS || !citemp) { - free(ifname); - return PAM_SERVICE_ERR; - } - } - if((citem == PAM_TTY) && citemp) { - /* Normalize the TTY name. */ - if(strncmp(citemp, "/dev/", 5) == 0) { - citemp += 5; - } - } - - if(!citemp || (strlen(citemp) == 0)) { - free(ifname); - /* The item was NULL - we are sure not to match */ - return sense?PAM_SUCCESS:PAM_AUTH_ERR; - } - - if(extitem) { - switch(extitem) { - case EI_GROUP: - userinfo = pam_modutil_getpwnam(pamh, citemp); - if (userinfo == NULL) { - pam_syslog(pamh,LOG_ERR, "getpwnam(%s) failed", - citemp); - free(ifname); - return onerr; - } - grpinfo = pam_modutil_getgrgid(pamh, userinfo->pw_gid); - if (grpinfo == NULL) { - pam_syslog(pamh,LOG_ERR, "getgrgid(%d) failed", - (int)userinfo->pw_gid); - free(ifname); - return onerr; - } - itemlist[0] = x_strdup(grpinfo->gr_name); - setgrent(); - for (i=1; (i < (int)(sizeof(itemlist)/sizeof(itemlist[0])-1)) && - (grpinfo = getgrent()); ) { - if (is_on_list(grpinfo->gr_mem,citemp)) { - itemlist[i++] = x_strdup(grpinfo->gr_name); - } - } - endgrent(); - itemlist[i] = NULL; - break; - case EI_SHELL: - /* Assume that we have already gotten PAM_USER in - pam_get_item() - a valid assumption since citem - gets set to PAM_USER in the extitem switch */ - userinfo = pam_modutil_getpwnam(pamh, citemp); - if (userinfo == NULL) { - pam_syslog(pamh,LOG_ERR, "getpwnam(%s) failed", - citemp); - free(ifname); - return onerr; - } - citemp = userinfo->pw_shell; - break; - default: - pam_syslog(pamh,LOG_ERR, - - "Internal weirdness, unknown extended item %d", - extitem); - free(ifname); - return onerr; - } - } -#ifdef DEBUG - pam_syslog(pamh,LOG_INFO, - - "Got file = %s, item = %d, value = %s, sense = %d", - ifname, citem, citemp, sense); -#endif - if(lstat(ifname,&fileinfo)) { - pam_syslog(pamh,LOG_ERR, "Couldn't open %s",ifname); - free(ifname); - return onerr; - } - - if((fileinfo.st_mode & S_IWOTH) - || !S_ISREG(fileinfo.st_mode)) { - /* If the file is world writable or is not a - normal file, return error */ - pam_syslog(pamh,LOG_ERR, - "%s is either world writable or not a normal file", - ifname); - free(ifname); - return PAM_AUTH_ERR; - } - - inf = fopen(ifname,"r"); - if(inf == NULL) { /* Check that we opened it successfully */ - if (onerr == PAM_SERVICE_ERR) { - /* Only report if it's an error... */ - pam_syslog(pamh,LOG_ERR, "Error opening %s", ifname); - } - free(ifname); - return onerr; - } - /* There should be no more errors from here on */ - retval=PAM_AUTH_ERR; - /* This loop assumes that PAM_SUCCESS == 0 - and PAM_AUTH_ERR != 0 */ -#ifdef DEBUG - assert(PAM_SUCCESS == 0); - assert(PAM_AUTH_ERR != 0); -#endif - if(extitem == EI_GROUP) { - while((fgets(aline,sizeof(aline),inf) != NULL) - && retval) { - if(strlen(aline) == 0) - continue; - if(aline[strlen(aline) - 1] == '\n') - aline[strlen(aline) - 1] = '\0'; - for(i=0;itemlist[i];) - /* If any of the items match, strcmp() == 0, and we get out - of this loop */ - retval = (strcmp(aline,itemlist[i++]) && retval); - } - for(i=0;itemlist[i];) - free(itemlist[i++]); - } else { - while((fgets(aline,sizeof(aline),inf) != NULL) - && retval) { - char *a = aline; - if(strlen(aline) == 0) - continue; - if(aline[strlen(aline) - 1] == '\n') - aline[strlen(aline) - 1] = '\0'; - if(strlen(aline) == 0) - continue; - if(aline[strlen(aline) - 1] == '\r') - aline[strlen(aline) - 1] = '\0'; - if(citem == PAM_TTY) - if(strncmp(a, "/dev/", 5) == 0) - a += 5; - retval = strcmp(a,citemp); - } - } - fclose(inf); - free(ifname); - if ((sense && retval) || (!sense && !retval)) { -#ifdef DEBUG - pam_syslog(pamh,LOG_INFO, - "Returning PAM_SUCCESS, retval = %d", retval); -#endif - return PAM_SUCCESS; - } - else { - const void *service; - const char *user_name; -#ifdef DEBUG - pam_syslog(pamh,LOG_INFO, - "Returning PAM_AUTH_ERR, retval = %d", retval); -#endif - (void) pam_get_item(pamh, PAM_SERVICE, &service); - (void) pam_get_user(pamh, &user_name, NULL); - if (!quiet) - pam_syslog (pamh, LOG_ALERT, "Refused user %s for service %s", - user_name, (const char *)service); - return PAM_AUTH_ERR; - } -} - -PAM_EXTERN int -pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED, - int argc UNUSED, const char **argv UNUSED) -{ - return PAM_SUCCESS; -} - -PAM_EXTERN int -pam_sm_acct_mgmt (pam_handle_t *pamh, int flags, - int argc, const char **argv) -{ - return pam_sm_authenticate(pamh, flags, argc, argv); -} - -PAM_EXTERN int -pam_sm_open_session (pam_handle_t *pamh, int flags, - int argc, const char **argv) -{ - return pam_sm_authenticate(pamh, flags, argc, argv); -} - -PAM_EXTERN int -pam_sm_close_session (pam_handle_t *pamh, int flags, - int argc, const char **argv) -{ - return pam_sm_authenticate(pamh, flags, argc, argv); -} - -PAM_EXTERN int -pam_sm_chauthtok (pam_handle_t *pamh, int flags, - int argc, const char **argv) -{ - return pam_sm_authenticate(pamh, flags, argc, argv); -} - -#ifdef PAM_STATIC - -/* static module data */ - -struct pam_module _pam_listfile_modstruct = { - "pam_listfile", - pam_sm_authenticate, - pam_sm_setcred, - pam_sm_acct_mgmt, - pam_sm_open_session, - pam_sm_close_session, - pam_sm_chauthtok, -}; - -#endif /* PAM_STATIC */ - -/* end of module definition */ diff --git a/Linux-PAM/modules/pam_listfile/tst-pam_listfile b/Linux-PAM/modules/pam_listfile/tst-pam_listfile deleted file mode 100755 index f555a9f5..00000000 --- a/Linux-PAM/modules/pam_listfile/tst-pam_listfile +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -../../tests/tst-dlopen .libs/pam_listfile.so |