diff options
Diffstat (limited to 'modules/pam_listfile')
-rw-r--r-- | modules/pam_listfile/Makefile.am | 4 | ||||
-rw-r--r-- | modules/pam_listfile/Makefile.in | 15 | ||||
-rw-r--r-- | modules/pam_listfile/README.xml | 32 | ||||
-rw-r--r-- | modules/pam_listfile/pam_listfile.8 | 22 | ||||
-rw-r--r-- | modules/pam_listfile/pam_listfile.8.xml | 55 | ||||
-rw-r--r-- | modules/pam_listfile/pam_listfile.c | 9 |
6 files changed, 67 insertions, 70 deletions
diff --git a/modules/pam_listfile/Makefile.am b/modules/pam_listfile/Makefile.am index 8b0fc281..c9ba85f6 100644 --- a/modules/pam_listfile/Makefile.am +++ b/modules/pam_listfile/Makefile.am @@ -15,7 +15,11 @@ dist_check_SCRIPTS = tst-pam_listfile TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) +if HAVE_VENDORDIR +secureconfdir = $(VENDOR_SCONFIGDIR) +else secureconfdir = $(SCONFIGDIR) +endif AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ $(WARN_CFLAGS) diff --git a/modules/pam_listfile/Makefile.in b/modules/pam_listfile/Makefile.in index 86a9e918..ffe0df6a 100644 --- a/modules/pam_listfile/Makefile.in +++ b/modules/pam_listfile/Makefile.in @@ -428,6 +428,7 @@ CYGPATH_W = @CYGPATH_W@ DEFS = @DEFS@ DEPDIR = @DEPDIR@ DLLTOOL = @DLLTOOL@ +DOCBOOK_RNG = @DOCBOOK_RNG@ DSYMUTIL = @DSYMUTIL@ DUMPBIN = @DUMPBIN@ ECHO_C = @ECHO_C@ @@ -440,11 +441,13 @@ EXEEXT = @EXEEXT@ EXE_CFLAGS = @EXE_CFLAGS@ EXE_LDFLAGS = @EXE_LDFLAGS@ FGREP = @FGREP@ +FILECMD = @FILECMD@ FO2PDF = @FO2PDF@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@ GMSGFMT = @GMSGFMT@ GMSGFMT_015 = @GMSGFMT_015@ GREP = @GREP@ +HTML_STYLESHEET = @HTML_STYLESHEET@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -476,12 +479,14 @@ LIBSELINUX = @LIBSELINUX@ LIBTOOL = @LIBTOOL@ LIPO = @LIPO@ LN_S = @LN_S@ +LOGIND_CFLAGS = @LOGIND_CFLAGS@ LTLIBICONV = @LTLIBICONV@ LTLIBINTL = @LTLIBINTL@ LTLIBOBJS = @LTLIBOBJS@ LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@ MAKEINFO = @MAKEINFO@ MANIFEST_TOOL = @MANIFEST_TOOL@ +MAN_STYLESHEET = @MAN_STYLESHEET@ MKDIR_P = @MKDIR_P@ MSGFMT = @MSGFMT@ MSGFMT_015 = @MSGFMT_015@ @@ -504,6 +509,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ +PDF_STYLESHEET = @PDF_STYLESHEET@ PKG_CONFIG = @PKG_CONFIG@ PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@ PKG_CONFIG_PATH = @PKG_CONFIG_PATH@ @@ -514,12 +520,16 @@ SECUREDIR = @SECUREDIR@ SED = @SED@ SET_MAKE = @SET_MAKE@ SHELL = @SHELL@ -STRINGPARAM_HMAC = @STRINGPARAM_HMAC@ +STRINGPARAM_PROFILECONDITIONS = @STRINGPARAM_PROFILECONDITIONS@ STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@ STRIP = @STRIP@ +SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@ +SYSTEMD_LIBS = @SYSTEMD_LIBS@ TIRPC_CFLAGS = @TIRPC_CFLAGS@ TIRPC_LIBS = @TIRPC_LIBS@ +TXT_STYLESHEET = @TXT_STYLESHEET@ USE_NLS = @USE_NLS@ +VENDOR_SCONFIGDIR = @VENDOR_SCONFIGDIR@ VERSION = @VERSION@ WARN_CFLAGS = @WARN_CFLAGS@ XGETTEXT = @XGETTEXT@ @@ -593,7 +603,8 @@ XMLS = README.xml pam_listfile.8.xml dist_check_SCRIPTS = tst-pam_listfile TESTS = $(dist_check_SCRIPTS) securelibdir = $(SECUREDIR) -secureconfdir = $(SCONFIGDIR) +@HAVE_VENDORDIR_FALSE@secureconfdir = $(SCONFIGDIR) +@HAVE_VENDORDIR_TRUE@secureconfdir = $(VENDOR_SCONFIGDIR) AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \ $(WARN_CFLAGS) diff --git a/modules/pam_listfile/README.xml b/modules/pam_listfile/README.xml index d851aef3..d0b60107 100644 --- a/modules/pam_listfile/README.xml +++ b/modules/pam_listfile/README.xml @@ -1,41 +1,27 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" -"http://www.docbook.org/xml/4.3/docbookx.dtd" -[ -<!-- -<!ENTITY pamaccess SYSTEM "pam_listfile.8.xml"> ---> -]> +<article xmlns="http://docbook.org/ns/docbook" version="5.0"> -<article> - - <articleinfo> + <info> <title> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refnamediv[@id = "pam_listfile-name"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_listfile.8.xml" xpointer='xpointer(id("pam_listfile-name")/*)'/> </title> - </articleinfo> + </info> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-description"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_listfile.8.xml" xpointer='xpointer(id("pam_listfile-description")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-options"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_listfile.8.xml" xpointer='xpointer(id("pam_listfile-options")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-examples"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_listfile.8.xml" xpointer='xpointer(id("pam_listfile-examples")/*)'/> </section> <section> - <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" - href="pam_listfile.8.xml" xpointer='xpointer(//refsect1[@id = "pam_listfile-author"]/*)'/> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="pam_listfile.8.xml" xpointer='xpointer(id("pam_listfile-author")/*)'/> </section> -</article> +</article>
\ No newline at end of file diff --git a/modules/pam_listfile/pam_listfile.8 b/modules/pam_listfile/pam_listfile.8 index 35cc2e74..a23e6e5a 100644 --- a/modules/pam_listfile/pam_listfile.8 +++ b/modules/pam_listfile/pam_listfile.8 @@ -1,13 +1,13 @@ '\" t .\" Title: pam_listfile .\" Author: [see the "AUTHOR" section] -.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/> -.\" Date: 09/03/2021 +.\" Generator: DocBook XSL Stylesheets v1.79.2 <http://docbook.sf.net/> +.\" Date: 05/07/2023 .\" Manual: Linux-PAM Manual -.\" Source: Linux-PAM Manual +.\" Source: Linux-PAM .\" Language: English .\" -.TH "PAM_LISTFILE" "8" "09/03/2021" "Linux-PAM Manual" "Linux\-PAM Manual" +.TH "PAM_LISTFILE" "8" "05/07/2023" "Linux\-PAM" "Linux\-PAM Manual" .\" ----------------------------------------------------------------- .\" * Define some portability stuff .\" ----------------------------------------------------------------- @@ -82,27 +82,27 @@ No credentials are awarded by this module\&. .SH "OPTIONS" .PP .PP -\fBitem=[tty|user|rhost|ruser|group|shell]\fR +item=[tty|user|rhost|ruser|group|shell] .RS 4 What is listed in the file and should be checked for\&. .RE .PP -\fBsense=[allow|deny]\fR +sense=[allow|deny] .RS 4 Action to take if found in file, if the item is NOT found in the file, then the opposite action is requested\&. .RE .PP -\fBfile=\fR\fB\fI/path/filename\fR\fR +file=/path/filename .RS 4 File containing one item per line\&. The file needs to be a plain file and not world writable\&. .RE .PP -\fBonerr=[succeed|fail]\fR +onerr=[succeed|fail] .RS 4 What to do if something weird happens like being unable to open the file\&. .RE .PP -\fBapply=[\fR\fB\fIuser\fR\fR\fB|\fR\fB\fI@group\fR\fR\fB]\fR +apply=[user|@group] .RS 4 Restrict the user class for which the restriction apply\&. Note that with \fBitem=[user|ruser|group]\fR @@ -111,7 +111,7 @@ this does not make sense, but for it have a meaning\&. .RE .PP -\fBquiet\fR +quiet .RS 4 Do not treat service refusals or missing list files as errors that need to be logged\&. .RE @@ -205,7 +205,7 @@ to the root account\&. .PP \fBpam.conf\fR(5), \fBpam.d\fR(5), -\fBpam\fR(8) +\fBpam\fR(7) .SH "AUTHOR" .PP pam_listfile was written by Michael K\&. Johnson <johnsonm@redhat\&.com> and Elliot Lee <sopwith@cuc\&.edu>\&. diff --git a/modules/pam_listfile/pam_listfile.8.xml b/modules/pam_listfile/pam_listfile.8.xml index 15f047c2..af747c1b 100644 --- a/modules/pam_listfile/pam_listfile.8.xml +++ b/modules/pam_listfile/pam_listfile.8.xml @@ -1,45 +1,42 @@ -<?xml version="1.0" encoding='UTF-8'?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" - "http://www.oasis-open.org/docbook/xml/4.3/docbookx.dtd"> - -<refentry id="pam_listfile"> +<refentry xmlns="http://docbook.org/ns/docbook" version="5.0" xml:id="pam_listfile"> <refmeta> <refentrytitle>pam_listfile</refentrytitle> <manvolnum>8</manvolnum> - <refmiscinfo class="sectdesc">Linux-PAM Manual</refmiscinfo> + <refmiscinfo class="source">Linux-PAM</refmiscinfo> + <refmiscinfo class="manual">Linux-PAM Manual</refmiscinfo> </refmeta> - <refnamediv id="pam_listfile-name"> + <refnamediv xml:id="pam_listfile-name"> <refname>pam_listfile</refname> <refpurpose>deny or allow services based on an arbitrary file</refpurpose> </refnamediv> <refsynopsisdiv> - <cmdsynopsis id="pam_listfile-cmdsynopsis"> + <cmdsynopsis xml:id="pam_listfile-cmdsynopsis" sepchar=" "> <command>pam_listfile.so</command> - <arg choice="plain"> + <arg choice="plain" rep="norepeat"> item=[tty|user|rhost|ruser|group|shell] </arg> - <arg choice="plain"> + <arg choice="plain" rep="norepeat"> sense=[allow|deny] </arg> - <arg choice="plain"> + <arg choice="plain" rep="norepeat"> file=<replaceable>/path/filename</replaceable> </arg> - <arg choice="plain"> + <arg choice="plain" rep="norepeat"> onerr=[succeed|fail] </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>] </arg> - <arg choice="opt"> + <arg choice="opt" rep="norepeat"> quiet </arg> </cmdsynopsis> </refsynopsisdiv> - <refsect1 id="pam_listfile-description"> + <refsect1 xml:id="pam_listfile-description"> <title>DESCRIPTION</title> @@ -93,7 +90,7 @@ </para> </refsect1> - <refsect1 id="pam_listfile-options"> + <refsect1 xml:id="pam_listfile-options"> <title>OPTIONS</title> <para> @@ -101,7 +98,7 @@ <varlistentry> <term> - <option>item=[tty|user|rhost|ruser|group|shell]</option> + item=[tty|user|rhost|ruser|group|shell] </term> <listitem> <para> @@ -112,7 +109,7 @@ <varlistentry> <term> - <option>sense=[allow|deny]</option> + sense=[allow|deny] </term> <listitem> <para> @@ -124,7 +121,7 @@ <varlistentry> <term> - <option>file=<replaceable>/path/filename</replaceable></option> + file=/path/filename </term> <listitem> <para> @@ -136,7 +133,7 @@ <varlistentry> <term> - <option>onerr=[succeed|fail]</option> + onerr=[succeed|fail] </term> <listitem> <para> @@ -148,7 +145,7 @@ <varlistentry> <term> - <option>apply=[<replaceable>user</replaceable>|<replaceable>@group</replaceable>]</option> + apply=[user|@group] </term> <listitem> <para> @@ -161,7 +158,7 @@ <varlistentry> <term> - <option>quiet</option> + quiet </term> <listitem> <para> @@ -175,7 +172,7 @@ </para> </refsect1> - <refsect1 id="pam_listfile-types"> + <refsect1 xml:id="pam_listfile-types"> <title>MODULE TYPES PROVIDED</title> <para> All module types (<option>auth</option>, <option>account</option>, @@ -183,7 +180,7 @@ </para> </refsect1> - <refsect1 id='pam_listfile-return_values'> + <refsect1 xml:id="pam_listfile-return_values"> <title>RETURN VALUES</title> <para> <variablelist> @@ -235,7 +232,7 @@ </para> </refsect1> - <refsect1 id='pam_listfile-examples'> + <refsect1 xml:id="pam_listfile-examples"> <title>EXAMPLES</title> <para> Classic 'ftpusers' authentication can be implemented with this entry @@ -271,7 +268,7 @@ auth required pam_listfile.so \ </para> </refsect1> - <refsect1 id='pam_listfile-see_also'> + <refsect1 xml:id="pam_listfile-see_also"> <title>SEE ALSO</title> <para> <citerefentry> @@ -281,12 +278,12 @@ auth required pam_listfile.so \ <refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum> </citerefentry>, <citerefentry> - <refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum> + <refentrytitle>pam</refentrytitle><manvolnum>7</manvolnum> </citerefentry> </para> </refsect1> - <refsect1 id='pam_listfile-author'> + <refsect1 xml:id="pam_listfile-author"> <title>AUTHOR</title> <para> pam_listfile was written by Michael K. Johnson <johnsonm@redhat.com> @@ -294,4 +291,4 @@ auth required pam_listfile.so \ </para> </refsect1> -</refentry> +</refentry>
\ No newline at end of file diff --git a/modules/pam_listfile/pam_listfile.c b/modules/pam_listfile/pam_listfile.c index 28fd58fc..937576fd 100644 --- a/modules/pam_listfile/pam_listfile.c +++ b/modules/pam_listfile/pam_listfile.c @@ -53,17 +53,16 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, const char *citemp; char *ifname=NULL; char aline[256]; - char mybuf[256],myval[256]; + char mybuf[256],myval[256],apply_val[256]; struct stat fileinfo; FILE *inf; - const char *apply_val; int apply_type; /* Stuff for "extended" items */ struct passwd *userinfo; apply_type=APPLY_TYPE_NULL; - apply_val=""; + apply_val[0] = '\0'; for(i=0; i < argc; i++) { { @@ -133,10 +132,10 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED, apply_type=APPLY_TYPE_NONE; if (myval[0]=='@') { apply_type=APPLY_TYPE_GROUP; - apply_val=myval+1; + memcpy(apply_val,myval+1,sizeof(myval)-1); } else { apply_type=APPLY_TYPE_USER; - apply_val=myval; + memcpy(apply_val,myval,sizeof(myval)); } } else { free(ifname); |