diff options
Diffstat (limited to 'Linux-PAM/modules/pam_pwdb')
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/BUGS | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/CHANGELOG | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/Makefile | 7 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/TODO | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/md5.c | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/md5_crypt.c | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_pwdb.c | 4 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c | 4 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c | 4 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c | 4 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c | 4 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c | 2 | ||||
| -rw-r--r-- | Linux-PAM/modules/pam_pwdb/support.-c | 28 |
14 files changed, 46 insertions, 23 deletions
diff --git a/Linux-PAM/modules/pam_pwdb/BUGS b/Linux-PAM/modules/pam_pwdb/BUGS index 7258822c..d51686e5 100644 --- a/Linux-PAM/modules/pam_pwdb/BUGS +++ b/Linux-PAM/modules/pam_pwdb/BUGS @@ -1,3 +1,3 @@ -$Id: BUGS,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +$Id: BUGS,v 1.2 2000/12/04 19:02:34 baggins Exp $ As of Linux-PAM-0.52 this is new. No known bugs yet. diff --git a/Linux-PAM/modules/pam_pwdb/CHANGELOG b/Linux-PAM/modules/pam_pwdb/CHANGELOG index 78c1a239..a3614031 100644 --- a/Linux-PAM/modules/pam_pwdb/CHANGELOG +++ b/Linux-PAM/modules/pam_pwdb/CHANGELOG @@ -1,4 +1,4 @@ -$Id: CHANGELOG,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +$Id: CHANGELOG,v 1.1.1.1 2000/06/20 22:11:46 agmorgan Exp $ Tue Apr 23 12:28:09 EDT 1996 (Alexander O. Yuriev alex@bach.cis.temple.edu) diff --git a/Linux-PAM/modules/pam_pwdb/Makefile b/Linux-PAM/modules/pam_pwdb/Makefile index bce2950f..228c6704 100644 --- a/Linux-PAM/modules/pam_pwdb/Makefile +++ b/Linux-PAM/modules/pam_pwdb/Makefile @@ -1,4 +1,4 @@ -# $Id: Makefile,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +# $Id: Makefile,v 1.3 2004/09/28 13:48:47 kukuk Exp $ # # This Makefile controls a build process of the pam_unix module # for Linux-PAM. You should not modify this Makefile. @@ -17,6 +17,9 @@ EXTRAS += -DCHKPWD_HELPER=\"$(SUPLEMENTED)/$(CHKPWD)\" ifeq ($(HAVE_LIBCRYPT),yes) EXTRALS += -lcrypt endif +ifeq ($(HAVE_LIBNSL),yes) + EXTRALS += -lnsl +endif TITLE=pam_pwdb CHKPWD=pwdb_chkpwd @@ -53,7 +56,7 @@ info: $(CHKPWD): pwdb_chkpwd.o md5_good.o md5_broken.o \ md5_crypt_good.o md5_crypt_broken.o - $(CC) -o $(CHKPWD) $^ -lpwdb + $(CC) $(CFLAGS) -o $(CHKPWD) $^ $(LDFLAGS) -lpwdb $(EXTRALS) pwdb_chkpwd.o: pwdb_chkpwd.c pam_unix_md.-c bigcrypt.-c diff --git a/Linux-PAM/modules/pam_pwdb/TODO b/Linux-PAM/modules/pam_pwdb/TODO index 04635859..520a262e 100644 --- a/Linux-PAM/modules/pam_pwdb/TODO +++ b/Linux-PAM/modules/pam_pwdb/TODO @@ -1,4 +1,4 @@ -$Id: TODO,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +$Id: TODO,v 1.1.1.1 2000/06/20 22:11:47 agmorgan Exp $ * get NIS working * .. including "nonis" argument diff --git a/Linux-PAM/modules/pam_pwdb/md5.c b/Linux-PAM/modules/pam_pwdb/md5.c index a0e5a974..44282941 100644 --- a/Linux-PAM/modules/pam_pwdb/md5.c +++ b/Linux-PAM/modules/pam_pwdb/md5.c @@ -1,4 +1,4 @@ -/* $Id: md5.c,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +/* $Id: md5.c,v 1.2 2000/12/04 19:02:34 baggins Exp $ * * This code implements the MD5 message-digest algorithm. * The algorithm is due to Ron Rivest. This code was diff --git a/Linux-PAM/modules/pam_pwdb/md5_crypt.c b/Linux-PAM/modules/pam_pwdb/md5_crypt.c index 28f22727..826087f2 100644 --- a/Linux-PAM/modules/pam_pwdb/md5_crypt.c +++ b/Linux-PAM/modules/pam_pwdb/md5_crypt.c @@ -1,4 +1,4 @@ -/* $Id: md5_crypt.c,v 1.1.1.1 2001/04/29 04:17:27 hartmans Exp $ +/* $Id: md5_crypt.c,v 1.2 2000/12/04 19:02:34 baggins Exp $ * * ---------------------------------------------------------------------------- * "THE BEER-WARE LICENSE" (Revision 42): diff --git a/Linux-PAM/modules/pam_pwdb/pam_pwdb.c b/Linux-PAM/modules/pam_pwdb/pam_pwdb.c index c2a5639c..8c75ac23 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_pwdb.c +++ b/Linux-PAM/modules/pam_pwdb/pam_pwdb.c @@ -1,5 +1,5 @@ /* - * $Id: pam_pwdb.c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $ + * $Id: pam_pwdb.c,v 1.3 2000/11/19 23:54:04 agmorgan Exp $ * * This is the single file that will be compiled for pam_unix. * it includes each of the modules that have beed defined in the .-c @@ -14,7 +14,7 @@ */ static const char rcsid[] = -"$Id: pam_pwdb.c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $\n" +"$Id: pam_pwdb.c,v 1.3 2000/11/19 23:54:04 agmorgan Exp $\n" " - PWDB Pluggable Authentication module. <morgan@linux.kernel.org>" ; diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c index 3a6ff1ed..adcb6538 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c +++ b/Linux-PAM/modules/pam_pwdb/pam_unix_acct.-c @@ -1,11 +1,11 @@ /* - * $Id: pam_unix_acct.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $ + * $Id: pam_unix_acct.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $ * * See end of file for copyright information */ static const char rcsid_acct[] = -"$Id: pam_unix_acct.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $\n" +"$Id: pam_unix_acct.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $\n" " - PAM_PWDB account management <gafton@redhat.com>"; /* the shadow suite has accout managment.. */ diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c index 14d74b74..31230394 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c +++ b/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c @@ -1,11 +1,11 @@ /* - * $Id: pam_unix_auth.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $ + * $Id: pam_unix_auth.-c,v 1.1.1.1 2000/06/20 22:11:49 agmorgan Exp $ * * See end of file for Copyright information. */ static const char rcsid_auth[] = -"$Id: pam_unix_auth.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $: pam_unix_auth.-c,v 1.2 1996/09/05 06:46:53 morgan Exp morgan $\n" +"$Id: pam_unix_auth.-c,v 1.1.1.1 2000/06/20 22:11:49 agmorgan Exp $: pam_unix_auth.-c,v 1.2 1996/09/05 06:46:53 morgan Exp morgan $\n" " - PAM_PWDB authentication functions. <morgan@parc.power.net>"; /* diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c index dc106431..7ed65000 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c +++ b/Linux-PAM/modules/pam_pwdb/pam_unix_passwd.-c @@ -1,7 +1,7 @@ -/* $Id: pam_unix_passwd.-c,v 1.1.1.2 2002/09/15 20:08:55 hartmans Exp $ */ +/* $Id: pam_unix_passwd.-c,v 1.3 2001/11/12 06:57:38 agmorgan Exp $ */ static const char rcsid_pass[] = -"$Id: pam_unix_passwd.-c,v 1.1.1.2 2002/09/15 20:08:55 hartmans Exp $\n" +"$Id: pam_unix_passwd.-c,v 1.3 2001/11/12 06:57:38 agmorgan Exp $\n" " - PAM_PWDB password module <morgan@parc.power.net>" ; diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c index adb286e2..a1fc65ff 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c +++ b/Linux-PAM/modules/pam_pwdb/pam_unix_pwupd.-c @@ -1,5 +1,5 @@ /* - * $Id: pam_unix_pwupd.-c,v 1.1.1.1 2001/04/29 04:17:29 hartmans Exp $ + * $Id: pam_unix_pwupd.-c,v 1.1.1.1 2000/06/20 22:11:51 agmorgan Exp $ * * This file contains the routines to update the passwd databases. */ diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c index 3e03fc55..395bd9bb 100644 --- a/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c +++ b/Linux-PAM/modules/pam_pwdb/pam_unix_sess.-c @@ -1,11 +1,11 @@ /* - * $Id: pam_unix_sess.-c,v 1.1.1.1 2001/04/29 04:17:29 hartmans Exp $ + * $Id: pam_unix_sess.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $ * * See end for Copyright information */ static const char rcsid_sess[] = -"$Id: pam_unix_sess.-c,v 1.1.1.1 2001/04/29 04:17:29 hartmans Exp $\n" +"$Id: pam_unix_sess.-c,v 1.2 2000/12/04 19:02:34 baggins Exp $\n" " - PAM_PWDB session management. morgan@parc.power.net"; /* Define internal functions */ diff --git a/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c b/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c index 0b55c952..36c248ef 100644 --- a/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c +++ b/Linux-PAM/modules/pam_pwdb/pwdb_chkpwd.c @@ -1,5 +1,5 @@ /* - * $Id: pwdb_chkpwd.c,v 1.1.1.2 2002/09/15 20:08:55 hartmans Exp $ + * $Id: pwdb_chkpwd.c,v 1.4 2001/12/09 21:44:58 agmorgan Exp $ * * This program is designed to run setuid(root) or with sufficient * privilege to read all of the unix password databases. It is designed diff --git a/Linux-PAM/modules/pam_pwdb/support.-c b/Linux-PAM/modules/pam_pwdb/support.-c index 623fe2c3..bfa4e8a1 100644 --- a/Linux-PAM/modules/pam_pwdb/support.-c +++ b/Linux-PAM/modules/pam_pwdb/support.-c @@ -1,5 +1,5 @@ /* - * $Id: support.-c,v 1.1.1.2 2002/09/15 20:08:55 hartmans Exp $ + * $Id: support.-c,v 1.6 2004/09/15 12:06:17 kukuk Exp $ * * Copyright information at end of file. */ @@ -79,8 +79,9 @@ typedef struct { #define UNIX_UNIX 19 /* wish to use /etc/passwd for pwd */ #define UNIX_BIGCRYPT 20 /* use DEC-C2 crypt()^x function */ #define UNIX_LIKE_AUTH 21 /* need to auth for setcred to work */ +#define UNIX_NOREAP 22 /* don't reap child process */ /* -------------- */ -#define UNIX_CTRLS_ 22 /* number of ctrl arguments defined */ +#define UNIX_CTRLS_ 23 /* number of ctrl arguments defined */ static const UNIX_Ctrls unix_args[UNIX_CTRLS_] = { @@ -109,6 +110,7 @@ static const UNIX_Ctrls unix_args[UNIX_CTRLS_] = { /* UNIX_UNIX */ { "unix", _ALL_ON_^(050000), 01000000 }, /* UNIX_BIGCRYPT */ { "bigcrypt", _ALL_ON_^(020000), 02000000 }, /* UNIX_LIKE_AUTH */ { "likeauth", _ALL_ON_, 04000000 }, +/* UNIX_NOREAP */ {"noreap", _ALL_ON_, 010000000 }, }; #define UNIX_DEFAULTS (unix_args[UNIX__NONULL].flag) @@ -342,13 +344,15 @@ static void _cleanup_failures(pam_handle_t *pamh, void *fl, int err) * verify the password of a user */ +#include <signal.h> #include <sys/types.h> #include <sys/wait.h> static int pwdb_run_helper_binary(pam_handle_t *pamh, const char *passwd, - const char *user) + unsigned int ctrl, const char *user) { int retval, child, fds[2]; + void (*sighandler)(int) = NULL; D(("called.")); /* create a pipe for the password */ @@ -357,6 +361,18 @@ static int pwdb_run_helper_binary(pam_handle_t *pamh, const char *passwd, return PAM_AUTH_ERR; } + if (off(UNIX_NOREAP, ctrl)) { + /* + * This code arranges that the demise of the child does not cause + * the application to receive a signal it is not expecting - which + * may kill the application or worse. + * + * The "noreap" module argument is provided so that the admin can + * override this behavior. + */ + sighandler = signal(SIGCHLD, SIG_DFL); + } + /* fork */ child = fork(); if (child == 0) { @@ -397,6 +413,10 @@ static int pwdb_run_helper_binary(pam_handle_t *pamh, const char *passwd, retval = PAM_AUTH_ERR; } + if (sighandler != NULL) { + (void) signal(SIGCHLD, sighandler); /* restore old signal handler */ + } + D(("returning %d", retval)); return retval; } @@ -468,7 +488,7 @@ static int _unix_verify_password(pam_handle_t *pamh, const char *name, if (geteuid()) { /* we are not root perhaps this is the reason? Run helper */ D(("running helper binary")); - retval = pwdb_run_helper_binary(pamh, p, name); + retval = pwdb_run_helper_binary(pamh, p, ctrl, name); } else { retval = PAM_AUTHINFO_UNAVAIL; _log_err(LOG_ALERT, "get passwd; %s", pwdb_strerror(retval)); |