summaryrefslogtreecommitdiff
path: root/modules/pam_time
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_time')
-rw-r--r--modules/pam_time/Makefile.am17
-rw-r--r--modules/pam_time/Makefile.in146
-rw-r--r--modules/pam_time/README2
-rw-r--r--modules/pam_time/pam_time.817
-rw-r--r--modules/pam_time/pam_time.8.xml15
-rw-r--r--modules/pam_time/pam_time.c80
-rw-r--r--modules/pam_time/time.conf.58
-rw-r--r--modules/pam_time/time.conf.5.xml6
8 files changed, 180 insertions, 111 deletions
diff --git a/modules/pam_time/Makefile.am b/modules/pam_time/Makefile.am
index a1640c17..833d51a6 100644
--- a/modules/pam_time/Makefile.am
+++ b/modules/pam_time/Makefile.am
@@ -5,18 +5,20 @@
CLEANFILES = *~
MAINTAINERCLEANFILES = $(MANS) README
-EXTRA_DIST = README $(MANS) $(XMLS) time.conf tst-pam_time
+EXTRA_DIST = $(XMLS)
-man_MANS = time.conf.5 pam_time.8
+if HAVE_DOC
+dist_man_MANS = time.conf.5 pam_time.8
+endif
XMLS = README.xml time.conf.5.xml pam_time.8.xml
-
-TESTS = tst-pam_time
+dist_check_SCRIPTS = tst-pam_time
+TESTS = $(dist_check_SCRIPTS)
securelibdir = $(SECUREDIR)
secureconfdir = $(SCONFIGDIR)
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
- -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\"
+ -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\" $(WARN_CFLAGS)
AM_LDFLAGS = -no-undefined -avoid-version -module
if HAVE_VERSIONING
AM_LDFLAGS += -Wl,--version-script=$(srcdir)/../modules.map
@@ -24,10 +26,9 @@ endif
pam_time_la_LIBADD = $(top_builddir)/libpam/libpam.la
securelib_LTLIBRARIES = pam_time.la
-secureconf_DATA = time.conf
+dist_secureconf_DATA = time.conf
if ENABLE_REGENERATE_MAN
-noinst_DATA = README
-README: pam_time.8.xml time.conf.5.xml
+dist_noinst_DATA = README
-include $(top_srcdir)/Make.xml.rules
endif
diff --git a/modules/pam_time/Makefile.in b/modules/pam_time/Makefile.in
index e1bd436e..331bcc31 100644
--- a/modules/pam_time/Makefile.in
+++ b/modules/pam_time/Makefile.in
@@ -1,7 +1,7 @@
-# Makefile.in generated by automake 1.13.4 from Makefile.am.
+# Makefile.in generated by automake 1.16.1 from Makefile.am.
# @configure_input@
-# Copyright (C) 1994-2013 Free Software Foundation, Inc.
+# Copyright (C) 1994-2018 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
@@ -20,7 +20,17 @@
VPATH = @srcdir@
-am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)'
+am__is_gnu_make = { \
+ if test -z '$(MAKELEVEL)'; then \
+ false; \
+ elif test -n '$(MAKE_HOST)'; then \
+ true; \
+ elif test -n '$(MAKE_VERSION)' && test -n '$(CURDIR)'; then \
+ true; \
+ else \
+ false; \
+ fi; \
+}
am__make_running_with_option = \
case $${target_option-} in \
?) ;; \
@@ -85,9 +95,6 @@ build_triplet = @build@
host_triplet = @host@
@HAVE_VERSIONING_TRUE@am__append_1 = -Wl,--version-script=$(srcdir)/../modules.map
subdir = modules/pam_time
-DIST_COMMON = $(srcdir)/Makefile.in $(srcdir)/Makefile.am \
- $(top_srcdir)/build-aux/depcomp \
- $(top_srcdir)/build-aux/test-driver README
ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/iconv.m4 $(top_srcdir)/m4/intlmacosx.m4 \
@@ -103,6 +110,9 @@ am__aclocal_m4_deps = $(top_srcdir)/m4/gettext.m4 \
$(top_srcdir)/m4/progtest.m4 $(top_srcdir)/configure.ac
am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
$(ACLOCAL_M4)
+DIST_COMMON = $(srcdir)/Makefile.am $(dist_check_SCRIPTS) \
+ $(am__dist_noinst_DATA_DIST) $(dist_secureconf_DATA) \
+ $(am__DIST_COMMON)
mkinstalldirs = $(install_sh) -d
CONFIG_HEADER = $(top_builddir)/config.h
CONFIG_CLEAN_FILES =
@@ -158,7 +168,8 @@ am__v_at_0 = @
am__v_at_1 =
DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
-am__depfiles_maybe = depfiles
+am__maybe_remake_depfiles = depfiles
+am__depfiles_remade = ./$(DEPDIR)/pam_time.Plo
am__mv = mv -f
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -188,8 +199,9 @@ am__can_run_installinfo = \
man5dir = $(mandir)/man5
man8dir = $(mandir)/man8
NROFF = nroff
-MANS = $(man_MANS)
-DATA = $(noinst_DATA) $(secureconf_DATA)
+MANS = $(dist_man_MANS)
+am__dist_noinst_DATA_DIST = README
+DATA = $(dist_noinst_DATA) $(dist_secureconf_DATA)
am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) $(LISP)
# Read a list of newline-separated strings from the standard input,
# and print each of them once, without duplicates. Input order is
@@ -386,6 +398,9 @@ TEST_LOGS = $(am__test_logs2:.test.log=.log)
TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver
TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \
$(TEST_LOG_FLAGS)
+am__DIST_COMMON = $(dist_man_MANS) $(srcdir)/Makefile.in \
+ $(top_srcdir)/build-aux/depcomp \
+ $(top_srcdir)/build-aux/test-driver
DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
ACLOCAL = @ACLOCAL@
AMTAR = @AMTAR@
@@ -414,6 +429,8 @@ DUMPBIN = @DUMPBIN@
ECHO_C = @ECHO_C@
ECHO_N = @ECHO_N@
ECHO_T = @ECHO_T@
+ECONF_CFLAGS = @ECONF_CFLAGS@
+ECONF_LIBS = @ECONF_LIBS@
EGREP = @EGREP@
EXEEXT = @EXEEXT@
FGREP = @FGREP@
@@ -422,7 +439,6 @@ GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
GMSGFMT = @GMSGFMT@
GMSGFMT_015 = @GMSGFMT_015@
GREP = @GREP@
-HAVE_KEY_MANAGEMENT = @HAVE_KEY_MANAGEMENT@
INSTALL = @INSTALL@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -458,6 +474,7 @@ LN_S = @LN_S@
LTLIBICONV = @LTLIBICONV@
LTLIBINTL = @LTLIBINTL@
LTLIBOBJS = @LTLIBOBJS@
+LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
MAKEINFO = @MAKEINFO@
MANIFEST_TOOL = @MANIFEST_TOOL@
MKDIR_P = @MKDIR_P@
@@ -494,11 +511,13 @@ SECUREDIR = @SECUREDIR@
SED = @SED@
SET_MAKE = @SET_MAKE@
SHELL = @SHELL@
+STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@
STRIP = @STRIP@
TIRPC_CFLAGS = @TIRPC_CFLAGS@
TIRPC_LIBS = @TIRPC_LIBS@
USE_NLS = @USE_NLS@
VERSION = @VERSION@
+WARN_CFLAGS = @WARN_CFLAGS@
XGETTEXT = @XGETTEXT@
XGETTEXT_015 = @XGETTEXT_015@
XGETTEXT_EXTRA_OPTIONS = @XGETTEXT_EXTRA_OPTIONS@
@@ -567,20 +586,21 @@ top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
CLEANFILES = *~
MAINTAINERCLEANFILES = $(MANS) README
-EXTRA_DIST = README $(MANS) $(XMLS) time.conf tst-pam_time
-man_MANS = time.conf.5 pam_time.8
+EXTRA_DIST = $(XMLS)
+@HAVE_DOC_TRUE@dist_man_MANS = time.conf.5 pam_time.8
XMLS = README.xml time.conf.5.xml pam_time.8.xml
-TESTS = tst-pam_time
+dist_check_SCRIPTS = tst-pam_time
+TESTS = $(dist_check_SCRIPTS)
securelibdir = $(SECUREDIR)
secureconfdir = $(SCONFIGDIR)
AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
- -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\"
+ -DPAM_TIME_CONF=\"$(SCONFIGDIR)/time.conf\" $(WARN_CFLAGS)
AM_LDFLAGS = -no-undefined -avoid-version -module $(am__append_1)
pam_time_la_LIBADD = $(top_builddir)/libpam/libpam.la
securelib_LTLIBRARIES = pam_time.la
-secureconf_DATA = time.conf
-@ENABLE_REGENERATE_MAN_TRUE@noinst_DATA = README
+dist_secureconf_DATA = time.conf
+@ENABLE_REGENERATE_MAN_TRUE@dist_noinst_DATA = README
all: all-am
.SUFFIXES:
@@ -597,14 +617,13 @@ $(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu modules/pam_time/Makefile'; \
$(am__cd) $(top_srcdir) && \
$(AUTOMAKE) --gnu modules/pam_time/Makefile
-.PRECIOUS: Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@case '$?' in \
*config.status*) \
cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
*) \
- echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
- cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
+ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \
+ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \
esac;
$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
@@ -660,21 +679,27 @@ mostlyclean-compile:
distclean-compile:
-rm -f *.tab.c
-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_time.Plo@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pam_time.Plo@am__quote@ # am--include-marker
+
+$(am__depfiles_remade):
+ @$(MKDIR_P) $(@D)
+ @echo '# dummy' >$@-t && $(am__mv) $@-t $@
+
+am--depfiles: $(am__depfiles_remade)
.c.o:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c $<
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $<
.c.obj:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(COMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ `$(CYGPATH_W) '$<'`
@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/$*.Tpo $(DEPDIR)/$*.Po
@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
-@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c `$(CYGPATH_W) '$<'`
+@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'`
.c.lo:
@am__fastdepCC_TRUE@ $(AM_V_CC)$(LTCOMPILE) -MT $@ -MD -MP -MF $(DEPDIR)/$*.Tpo -c -o $@ $<
@@ -688,10 +713,10 @@ mostlyclean-libtool:
clean-libtool:
-rm -rf .libs _libs
-install-man5: $(man_MANS)
+install-man5: $(dist_man_MANS)
@$(NORMAL_INSTALL)
@list1=''; \
- list2='$(man_MANS)'; \
+ list2='$(dist_man_MANS)'; \
test -n "$(man5dir)" \
&& test -n "`echo $$list1$$list2`" \
|| exit 0; \
@@ -726,15 +751,15 @@ uninstall-man5:
@$(NORMAL_UNINSTALL)
@list=''; test -n "$(man5dir)" || exit 0; \
files=`{ for i in $$list; do echo "$$i"; done; \
- l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
+ l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
sed -n '/\.5[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^5][0-9a-z]*$$,5,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
dir='$(DESTDIR)$(man5dir)'; $(am__uninstall_files_from_dir)
-install-man8: $(man_MANS)
+install-man8: $(dist_man_MANS)
@$(NORMAL_INSTALL)
@list1=''; \
- list2='$(man_MANS)'; \
+ list2='$(dist_man_MANS)'; \
test -n "$(man8dir)" \
&& test -n "`echo $$list1$$list2`" \
|| exit 0; \
@@ -769,14 +794,14 @@ uninstall-man8:
@$(NORMAL_UNINSTALL)
@list=''; test -n "$(man8dir)" || exit 0; \
files=`{ for i in $$list; do echo "$$i"; done; \
- l2='$(man_MANS)'; for i in $$l2; do echo "$$i"; done | \
+ l2='$(dist_man_MANS)'; for i in $$l2; do echo "$$i"; done | \
sed -n '/\.8[a-z]*$$/p'; \
} | sed -e 's,.*/,,;h;s,.*\.,,;s,^[^8][0-9a-z]*$$,8,;x' \
-e 's,\.[0-9a-z]*$$,,;$(transform);G;s,\n,.,'`; \
dir='$(DESTDIR)$(man8dir)'; $(am__uninstall_files_from_dir)
-install-secureconfDATA: $(secureconf_DATA)
+install-dist_secureconfDATA: $(dist_secureconf_DATA)
@$(NORMAL_INSTALL)
- @list='$(secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \
+ @list='$(dist_secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \
if test -n "$$list"; then \
echo " $(MKDIR_P) '$(DESTDIR)$(secureconfdir)'"; \
$(MKDIR_P) "$(DESTDIR)$(secureconfdir)" || exit 1; \
@@ -790,9 +815,9 @@ install-secureconfDATA: $(secureconf_DATA)
$(INSTALL_DATA) $$files "$(DESTDIR)$(secureconfdir)" || exit $$?; \
done
-uninstall-secureconfDATA:
+uninstall-dist_secureconfDATA:
@$(NORMAL_UNINSTALL)
- @list='$(secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \
+ @list='$(dist_secureconf_DATA)'; test -n "$(secureconfdir)" || list=; \
files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
dir='$(DESTDIR)$(secureconfdir)'; $(am__uninstall_files_from_dir)
@@ -878,7 +903,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
if test -n "$$am__remaking_logs"; then \
echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \
"recursion detected" >&2; \
- else \
+ elif test -n "$$redo_logs"; then \
am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \
fi; \
if $(am__make_dryrun); then :; else \
@@ -968,7 +993,7 @@ $(TEST_SUITE_LOG): $(TEST_LOGS)
fi; \
$$success || exit 1
-check-TESTS:
+check-TESTS: $(dist_check_SCRIPTS)
@list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list
@list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@@ -978,7 +1003,7 @@ check-TESTS:
log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \
$(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \
exit $$?;
-recheck: all
+recheck: all $(dist_check_SCRIPTS)
@test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG)
@set +e; $(am__set_TESTS_bases); \
bases=`for i in $$bases; do echo $$i; done \
@@ -1011,7 +1036,10 @@ tst-pam_time.log: tst-pam_time
@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \
@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT)
-distdir: $(DISTFILES)
+distdir: $(BUILT_SOURCES)
+ $(MAKE) $(AM_MAKEFLAGS) distdir-am
+
+distdir-am: $(DISTFILES)
@srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
list='$(DISTFILES)'; \
@@ -1042,6 +1070,7 @@ distdir: $(DISTFILES)
fi; \
done
check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) $(dist_check_SCRIPTS)
$(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA)
@@ -1090,7 +1119,7 @@ clean-am: clean-generic clean-libtool clean-securelibLTLIBRARIES \
mostlyclean-am
distclean: distclean-am
- -rm -rf ./$(DEPDIR)
+ -rm -f ./$(DEPDIR)/pam_time.Plo
-rm -f Makefile
distclean-am: clean-am distclean-compile distclean-generic \
distclean-tags
@@ -1107,7 +1136,7 @@ info: info-am
info-am:
-install-data-am: install-man install-secureconfDATA \
+install-data-am: install-dist_secureconfDATA install-man \
install-securelibLTLIBRARIES
install-dvi: install-dvi-am
@@ -1137,7 +1166,7 @@ install-ps-am:
installcheck-am:
maintainer-clean: maintainer-clean-am
- -rm -rf ./$(DEPDIR)
+ -rm -f ./$(DEPDIR)/pam_time.Plo
-rm -f Makefile
maintainer-clean-am: distclean-am maintainer-clean-generic
@@ -1154,32 +1183,33 @@ ps: ps-am
ps-am:
-uninstall-am: uninstall-man uninstall-secureconfDATA \
+uninstall-am: uninstall-dist_secureconfDATA uninstall-man \
uninstall-securelibLTLIBRARIES
uninstall-man: uninstall-man5 uninstall-man8
.MAKE: check-am install-am install-strip
-.PHONY: CTAGS GTAGS TAGS all all-am check check-TESTS check-am clean \
- clean-generic clean-libtool clean-securelibLTLIBRARIES \
- cscopelist-am ctags ctags-am distclean distclean-compile \
- distclean-generic distclean-libtool distclean-tags distdir dvi \
- dvi-am html html-am info info-am install install-am \
- install-data install-data-am install-dvi install-dvi-am \
- install-exec install-exec-am install-html install-html-am \
- install-info install-info-am install-man install-man5 \
- install-man8 install-pdf install-pdf-am install-ps \
- install-ps-am install-secureconfDATA \
- install-securelibLTLIBRARIES install-strip installcheck \
- installcheck-am installdirs maintainer-clean \
- maintainer-clean-generic mostlyclean mostlyclean-compile \
- mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \
- recheck tags tags-am uninstall uninstall-am uninstall-man \
- uninstall-man5 uninstall-man8 uninstall-secureconfDATA \
- uninstall-securelibLTLIBRARIES
+.PHONY: CTAGS GTAGS TAGS all all-am am--depfiles check check-TESTS \
+ check-am clean clean-generic clean-libtool \
+ clean-securelibLTLIBRARIES cscopelist-am ctags ctags-am \
+ distclean distclean-compile distclean-generic \
+ distclean-libtool distclean-tags distdir dvi dvi-am html \
+ html-am info info-am install install-am install-data \
+ install-data-am install-dist_secureconfDATA install-dvi \
+ install-dvi-am install-exec install-exec-am install-html \
+ install-html-am install-info install-info-am install-man \
+ install-man5 install-man8 install-pdf install-pdf-am \
+ install-ps install-ps-am install-securelibLTLIBRARIES \
+ install-strip installcheck installcheck-am installdirs \
+ maintainer-clean maintainer-clean-generic mostlyclean \
+ mostlyclean-compile mostlyclean-generic mostlyclean-libtool \
+ pdf pdf-am ps ps-am recheck tags tags-am uninstall \
+ uninstall-am uninstall-dist_secureconfDATA uninstall-man \
+ uninstall-man5 uninstall-man8 uninstall-securelibLTLIBRARIES
+
+.PRECIOUS: Makefile
-@ENABLE_REGENERATE_MAN_TRUE@README: pam_time.8.xml time.conf.5.xml
@ENABLE_REGENERATE_MAN_TRUE@-include $(top_srcdir)/Make.xml.rules
# Tell versions [3.59,3.63) of GNU make to not export all variables.
diff --git a/modules/pam_time/README b/modules/pam_time/README
index 04d6432b..9b20847c 100644
--- a/modules/pam_time/README
+++ b/modules/pam_time/README
@@ -12,7 +12,7 @@ of day, the day of week, the service they are applying for and their terminal
from which they are making their request.
By default rules for time/port access are taken from config file /etc/security/
-time.conf.
+time.conf. An alternative file can be specified with the conffile option.
If Linux PAM is compiled with audit support the module will report when it
denies access.
diff --git a/modules/pam_time/pam_time.8 b/modules/pam_time/pam_time.8
index 194427d3..0d7eca96 100644
--- a/modules/pam_time/pam_time.8
+++ b/modules/pam_time/pam_time.8
@@ -1,13 +1,13 @@
'\" t
.\" Title: pam_time
.\" Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\" Date: 05/18/2017
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\" Date: 06/08/2020
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
-.TH "PAM_TIME" "8" "05/18/2017" "Linux-PAM Manual" "Linux-PAM Manual"
+.TH "PAM_TIME" "8" "06/08/2020" "Linux-PAM Manual" "Linux-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -31,17 +31,24 @@
pam_time \- PAM module for time control access
.SH "SYNOPSIS"
.HP \w'\fBpam_time\&.so\fR\ 'u
-\fBpam_time\&.so\fR [debug] [noaudit]
+\fBpam_time\&.so\fR [conffile=conf\-file] [debug] [noaudit]
.SH "DESCRIPTION"
.PP
The pam_time PAM module does not authenticate the user, but instead it restricts access to a system and or specific applications at various times of the day and on specific days or over various terminal lines\&. This module can be configured to deny access to (individual) users based on their name, the time of day, the day of week, the service they are applying for and their terminal from which they are making their request\&.
.PP
By default rules for time/port access are taken from config file
-/etc/security/time\&.conf\&.
+/etc/security/time\&.conf\&. An alternative file can be specified with the
+\fIconffile\fR
+option\&.
.PP
If Linux PAM is compiled with audit support the module will report when it denies access\&.
.SH "OPTIONS"
.PP
+\fBconffile=/path/to/time\&.conf\fR
+.RS 4
+Indicate an alternative time\&.conf style configuration file to override the default\&.
+.RE
+.PP
\fBdebug\fR
.RS 4
Some debug information is printed with
diff --git a/modules/pam_time/pam_time.8.xml b/modules/pam_time/pam_time.8.xml
index b673beb5..4708220c 100644
--- a/modules/pam_time/pam_time.8.xml
+++ b/modules/pam_time/pam_time.8.xml
@@ -23,6 +23,9 @@
<cmdsynopsis id="pam_time-cmdsynopsis">
<command>pam_time.so</command>
<arg choice="opt">
+ conffile=conf-file
+ </arg>
+ <arg choice="opt">
debug
</arg>
<arg choice="opt">
@@ -46,6 +49,7 @@
<para>
By default rules for time/port access are taken from config file
<filename>/etc/security/time.conf</filename>.
+ An alternative file can be specified with the <emphasis>conffile</emphasis> option.
</para>
<para>
If Linux PAM is compiled with audit support the module will report
@@ -57,6 +61,17 @@
<title>OPTIONS</title>
<variablelist>
+ <varlistentry>
+ <term>
+ <option>conffile=/path/to/time.conf</option>
+ </term>
+ <listitem>
+ <para>
+ Indicate an alternative time.conf style configuration file to override the default.
+ </para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>
<option>debug</option>
diff --git a/modules/pam_time/pam_time.c b/modules/pam_time/pam_time.c
index 26a374b5..089ae22d 100644
--- a/modules/pam_time/pam_time.c
+++ b/modules/pam_time/pam_time.c
@@ -1,6 +1,6 @@
-/* pam_time module */
-
/*
+ * pam_time module
+ *
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/6/22
* (File syntax and much other inspiration from the shadow package
* shadow-960129)
@@ -23,6 +23,12 @@
#include <fcntl.h>
#include <netdb.h>
+#include <security/_pam_macros.h>
+#include <security/pam_modules.h>
+#include <security/pam_ext.h>
+#include <security/pam_modutil.h>
+#include "pam_inline.h"
+
#ifdef HAVE_LIBAUDIT
#include <libaudit.h>
#endif
@@ -42,27 +48,15 @@
typedef enum { AND, OR } operator;
-/*
- * here, we make definitions for the externally accessible functions
- * in this file (these definitions are required for static modules
- * but strongly encouraged generally) they are used to instruct the
- * modules include file to define their prototypes.
- */
-
-#define PAM_SM_ACCOUNT
-
-#include <security/_pam_macros.h>
-#include <security/pam_modules.h>
-#include <security/pam_ext.h>
-#include <security/pam_modutil.h>
-
static int
-_pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
+_pam_parse (const pam_handle_t *pamh, int argc, const char **argv, const char **conffile)
{
int ctrl = 0;
+ *conffile = PAM_TIME_CONF;
/* step through arguments */
for (; argc-- > 0; ++argv) {
+ const char *str;
/* generic options */
@@ -70,7 +64,15 @@ _pam_parse (const pam_handle_t *pamh, int argc, const char **argv)
ctrl |= PAM_DEBUG_ARG;
} else if (!strcmp(*argv, "noaudit")) {
ctrl |= PAM_NO_AUDIT;
- } else {
+ } else if ((str = pam_str_skip_prefix(*argv, "conffile=")) != NULL) {
+ if (str[0] == '\0') {
+ pam_syslog(pamh, LOG_ERR,
+ "conffile= specification missing argument - ignored");
+ } else {
+ *conffile = str;
+ D(("new Configuration File: %s", *conffile));
+ }
+ } else {
pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);
}
}
@@ -108,7 +110,7 @@ trim_spaces(char *buf, char *from)
#define STATE_EOF 3 /* end of file or error */
static int
-read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state)
+read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state, const char *file)
{
char *to;
char *src;
@@ -127,9 +129,9 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state)
}
*from = 0;
*state = STATE_NL;
- fd = open(PAM_TIME_CONF, O_RDONLY);
+ fd = open(file, O_RDONLY);
if (fd < 0) {
- pam_syslog(pamh, LOG_ERR, "error opening %s: %m", PAM_TIME_CONF);
+ pam_syslog(pamh, LOG_ERR, "error opening %s: %m", file);
_pam_drop(*buf);
*state = STATE_EOF;
return -1;
@@ -145,7 +147,7 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state)
while (fd != -1 && to - *buf < PAM_TIME_BUFLEN) {
i = pam_modutil_read(fd, to, PAM_TIME_BUFLEN - (to - *buf));
if (i < 0) {
- pam_syslog(pamh, LOG_ERR, "error reading %s: %m", PAM_TIME_CONF);
+ pam_syslog(pamh, LOG_ERR, "error reading %s: %m", file);
close(fd);
memset(*buf, 0, PAM_TIME_BUFLEN);
_pam_drop(*buf);
@@ -213,6 +215,7 @@ read_field(const pam_handle_t *pamh, int fd, char **buf, int *from, int *state)
++src; /* skip it */
break;
}
+ /* fallthrough */
default:
*to++ = c;
onspace = 0;
@@ -327,6 +330,7 @@ logic_field(pam_handle_t *pamh, const void *me, const char *x, int rule,
return FALSE;
}
next = VAL;
+ not = FALSE;
}
at += l;
}
@@ -504,7 +508,7 @@ check_time(pam_handle_t *pamh, const void *AT, const char *times,
static int
check_account(pam_handle_t *pamh, const char *service,
- const char *tty, const char *user)
+ const char *tty, const char *user, const char *file)
{
int from=0, state=STATE_NL, fd=-1;
char *buffer=NULL;
@@ -518,7 +522,7 @@ check_account(pam_handle_t *pamh, const char *service,
/* here we get the service name field */
- fd = read_field(pamh, fd, &buffer, &from, &state);
+ fd = read_field(pamh, fd, &buffer, &from, &state, file);
if (!buffer || !buffer[0]) {
/* empty line .. ? */
continue;
@@ -527,7 +531,7 @@ check_account(pam_handle_t *pamh, const char *service,
if (state != STATE_FIELD) {
pam_syslog(pamh, LOG_ERR,
- "%s: malformed rule #%d", PAM_TIME_CONF, count);
+ "%s: malformed rule #%d", file, count);
continue;
}
@@ -536,10 +540,10 @@ check_account(pam_handle_t *pamh, const char *service,
/* here we get the terminal name field */
- fd = read_field(pamh, fd, &buffer, &from, &state);
+ fd = read_field(pamh, fd, &buffer, &from, &state, file);
if (state != STATE_FIELD) {
pam_syslog(pamh, LOG_ERR,
- "%s: malformed rule #%d", PAM_TIME_CONF, count);
+ "%s: malformed rule #%d", file, count);
continue;
}
good &= logic_field(pamh, tty, buffer, count, is_same);
@@ -547,10 +551,10 @@ check_account(pam_handle_t *pamh, const char *service,
/* here we get the username field */
- fd = read_field(pamh, fd, &buffer, &from, &state);
+ fd = read_field(pamh, fd, &buffer, &from, &state, file);
if (state != STATE_FIELD) {
pam_syslog(pamh, LOG_ERR,
- "%s: malformed rule #%d", PAM_TIME_CONF, count);
+ "%s: malformed rule #%d", file, count);
continue;
}
/* If buffer starts with @, we are using netgroups */
@@ -566,10 +570,10 @@ check_account(pam_handle_t *pamh, const char *service,
/* here we get the time field */
- fd = read_field(pamh, fd, &buffer, &from, &state);
+ fd = read_field(pamh, fd, &buffer, &from, &state, file);
if (state == STATE_FIELD) {
pam_syslog(pamh, LOG_ERR,
- "%s: poorly terminated rule #%d", PAM_TIME_CONF, count);
+ "%s: poorly terminated rule #%d", file, count);
continue;
}
@@ -599,10 +603,15 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
const void *service=NULL, *void_tty=NULL;
const char *tty;
const char *user=NULL;
+ const char *conf_file = NULL;
int ctrl;
int rv;
- ctrl = _pam_parse(pamh, argc, argv);
+ ctrl = _pam_parse(pamh, argc, argv, &conf_file);
+
+ if (ctrl & PAM_DEBUG_ARG) {
+ pam_syslog(pamh, LOG_DEBUG, "conffile=%s", conf_file);
+ }
/* set service name */
@@ -614,9 +623,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
/* set username */
- if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || user == NULL
- || *user == '\0') {
- pam_syslog(pamh, LOG_ERR, "can not get the username");
+ if (pam_get_user(pamh, &user, NULL) != PAM_SUCCESS || *user == '\0') {
+ pam_syslog(pamh, LOG_NOTICE, "cannot determine user name");
return PAM_USER_UNKNOWN;
}
@@ -651,7 +659,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
D(("user=%s", user));
D(("tty=%s", tty));
- rv = check_account(pamh, service, tty, user);
+ rv = check_account(pamh, service, tty, user, conf_file);
if (rv != PAM_SUCCESS) {
#ifdef HAVE_LIBAUDIT
if (!(ctrl & PAM_NO_AUDIT)) {
diff --git a/modules/pam_time/time.conf.5 b/modules/pam_time/time.conf.5
index f6f16170..f866f9bc 100644
--- a/modules/pam_time/time.conf.5
+++ b/modules/pam_time/time.conf.5
@@ -1,13 +1,13 @@
'\" t
.\" Title: time.conf
.\" Author: [see the "AUTHOR" section]
-.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
-.\" Date: 05/18/2017
+.\" Generator: DocBook XSL Stylesheets v1.79.1 <http://docbook.sf.net/>
+.\" Date: 06/08/2020
.\" Manual: Linux-PAM Manual
.\" Source: Linux-PAM Manual
.\" Language: English
.\"
-.TH "TIME\&.CONF" "5" "05/18/2017" "Linux-PAM Manual" "Linux\-PAM Manual"
+.TH "TIME\&.CONF" "5" "06/08/2020" "Linux-PAM Manual" "Linux\-PAM Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
@@ -55,6 +55,8 @@ The third field, the
\fIusers\fR
field, is a logic list of users or a netgroup of users to whom this rule applies\&.
.PP
+A logic list namely means individual tokens that are optionally prefixed with \*(Aq!\*(Aq (logical not) and separated with \*(Aq&\*(Aq (logical and) and \*(Aq|\*(Aq (logical or)\&.
+.PP
For these items the simple wildcard \*(Aq*\*(Aq may be used only once\&. With netgroups no wildcards or logic operators are allowed\&.
.PP
The
diff --git a/modules/pam_time/time.conf.5.xml b/modules/pam_time/time.conf.5.xml
index 82227ba0..acbe2329 100644
--- a/modules/pam_time/time.conf.5.xml
+++ b/modules/pam_time/time.conf.5.xml
@@ -65,6 +65,12 @@
</para>
<para>
+ A logic list namely means individual tokens that are optionally prefixed
+ with '!' (logical not) and separated with '&amp;' (logical and) and '|'
+ (logical or).
+ </para>
+
+ <para>
For these items the simple wildcard '*' may be used only once.
With netgroups no wildcards or logic operators are allowed.
</para>
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 22:25:45 +0000