summaryrefslogtreecommitdiff
path: root/modules/pam_unix/pam_unix_sess.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_unix/pam_unix_sess.c')
-rw-r--r--modules/pam_unix/pam_unix_sess.c43
1 files changed, 23 insertions, 20 deletions
diff --git a/modules/pam_unix/pam_unix_sess.c b/modules/pam_unix/pam_unix_sess.c
index 03e7dcd9..3f6a8fb3 100644
--- a/modules/pam_unix/pam_unix_sess.c
+++ b/modules/pam_unix/pam_unix_sess.c
@@ -1,8 +1,8 @@
/*
- * $Id$
+ * pam_unix session management
*
* Copyright Alexander O. Yuriev, 1996. All rights reserved.
- * Copyright Jan Rêkorajski, 1999. All rights reserved.
+ * Copyright Jan Rękorajski, 1999. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -47,10 +47,6 @@
#include <sys/types.h>
#include <sys/stat.h>
-/* indicate the following groups are defined */
-
-#define PAM_SM_SESSION
-
#include <security/_pam_macros.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
@@ -67,9 +63,9 @@ int
pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
- unsigned int ctrl;
+ unsigned long long ctrl;
int retval;
- const char *login_name;
+ const char *login_name;
D(("called."));
@@ -78,24 +74,31 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR,
- "open_session - error recovering username");
+ "open_session - error recovering username");
return PAM_SESSION_ERR; /* How did we get authenticated with
no username?! */
}
retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
pam_syslog(pamh, LOG_CRIT,
- "open_session - error recovering service");
+ "open_session - error recovering service");
return PAM_SESSION_ERR;
}
login_name = pam_modutil_getlogin(pamh);
if (login_name == NULL) {
- login_name = "";
+ login_name = "";
+ }
+ if (off (UNIX_QUIET, ctrl)) {
+ char uid[32];
+ struct passwd *pwd = pam_modutil_getpwnam (pamh, user_name);
+ if (pwd == NULL) {
+ snprintf (uid, 32, "getpwnam error");
+ }
+ else {
+ snprintf (uid, 32, "%u", pwd->pw_uid);
+ }
+ pam_syslog(pamh, LOG_INFO, "session opened for user %s(uid=%s) by %s(uid=%lu)", user_name, uid, login_name, (unsigned long)getuid());
}
- if (off (UNIX_QUIET, ctrl))
- pam_syslog(pamh, LOG_INFO, "session opened for user %s by %s(uid=%lu)",
- user_name, login_name, (unsigned long)getuid());
-
return PAM_SUCCESS;
}
@@ -103,7 +106,7 @@ int
pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
char *user_name, *service;
- unsigned int ctrl;
+ unsigned long long ctrl;
int retval;
D(("called."));
@@ -113,19 +116,19 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
retval = pam_get_item(pamh, PAM_USER, (void *) &user_name);
if (user_name == NULL || *user_name == '\0' || retval != PAM_SUCCESS) {
pam_syslog(pamh, LOG_ERR,
- "close_session - error recovering username");
+ "close_session - error recovering username");
return PAM_SESSION_ERR; /* How did we get authenticated with
no username?! */
}
retval = pam_get_item(pamh, PAM_SERVICE, (void *) &service);
if (service == NULL || *service == '\0' || retval != PAM_SUCCESS) {
pam_syslog(pamh, LOG_CRIT,
- "close_session - error recovering service");
+ "close_session - error recovering service");
return PAM_SESSION_ERR;
}
if (off (UNIX_QUIET, ctrl))
- pam_syslog(pamh, LOG_INFO, "session closed for user %s",
- user_name);
+ pam_syslog(pamh, LOG_INFO, "session closed for user %s",
+ user_name);
return PAM_SUCCESS;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 05:25:01 +0000