diff options
Diffstat (limited to 'modules/pam_warn')
| -rw-r--r-- | modules/pam_warn/.cvsignore | 1 | ||||
| -rw-r--r-- | modules/pam_warn/Makefile | 102 | ||||
| -rw-r--r-- | modules/pam_warn/README | 26 | ||||
| -rw-r--r-- | modules/pam_warn/pam_warn.c | 132 |
4 files changed, 261 insertions, 0 deletions
diff --git a/modules/pam_warn/.cvsignore b/modules/pam_warn/.cvsignore new file mode 100644 index 00000000..380a834a --- /dev/null +++ b/modules/pam_warn/.cvsignore @@ -0,0 +1 @@ +dynamic diff --git a/modules/pam_warn/Makefile b/modules/pam_warn/Makefile new file mode 100644 index 00000000..7b48689c --- /dev/null +++ b/modules/pam_warn/Makefile @@ -0,0 +1,102 @@ +# +# $Id$ +# +# This Makefile controls a build process of $(TITLE) module for +# Linux-PAM. You should not modify this Makefile (unless you know +# what you are doing!). +# +# $Log$ +# Revision 1.1 2000/06/20 22:12:10 agmorgan +# Initial revision +# +# Revision 1.1.1.1 1998/07/12 05:17:17 morgan +# Linux PAM sources pre-0.66 +# +# Revision 1.2 1997/04/05 06:20:16 morgan +# fixed fakeroot +# +# Revision 1.1 1996/12/01 03:12:22 morgan +# Initial revision +# +# +# Created by Andrew Morgan <morgan@parc.power.net> 1996/11/14 +# + +TITLE=pam_warn + +# + +LIBSRC = $(TITLE).c +LIBOBJ = $(TITLE).o +LIBOBJD = $(addprefix dynamic/,$(LIBOBJ)) +LIBOBJS = $(addprefix static/,$(LIBOBJ)) + +dynamic/%.o : %.c + $(CC) $(CFLAGS) $(DYNAMIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ + +static/%.o : %.c + $(CC) $(CFLAGS) $(STATIC) $(CPPFLAGS) $(TARGET_ARCH) -c $< -o $@ + + +ifdef DYNAMIC +LIBSHARED = $(TITLE).so +endif + +ifdef STATIC +LIBSTATIC = lib$(TITLE).o +endif + +####################### don't edit below ####################### + +dummy: + + @echo "**** This is not a top-level Makefile " + exit + +all: dirs $(LIBSHARED) $(LIBSTATIC) register + +dirs: +ifdef DYNAMIC + $(MKDIR) ./dynamic +endif +ifdef STATIC + $(MKDIR) ./static +endif + +register: +ifdef STATIC + ( cd .. ; ./register_static $(TITLE) $(TITLE)/$(LIBSTATIC) ) +endif + +ifdef DYNAMIC +$(LIBOBJD): $(LIBSRC) + +$(LIBSHARED): $(LIBOBJD) + $(LD_D) -o $@ $(LIBOBJD) +endif + +ifdef STATIC +$(LIBOBJS): $(LIBSRC) + +$(LIBSTATIC): $(LIBOBJS) + $(LD) -r -o $@ $(LIBOBJS) +endif + +install: all + $(MKDIR) $(FAKEROOT)$(SECUREDIR) +ifdef DYNAMIC + $(INSTALL) -m $(SHLIBMODE) $(LIBSHARED) $(FAKEROOT)$(SECUREDIR) +endif + +remove: + rm -f $(FAKEROOT)$(SECUREDIR)/$(TITLE).so + +clean: + rm -f $(LIBOBJD) $(LIBOBJS) core *~ + +extraclean: clean + rm -f *.a *.o *.so *.bak dynamic/* static/* + +.c.o: + $(CC) $(CFLAGS) -c $< + diff --git a/modules/pam_warn/README b/modules/pam_warn/README new file mode 100644 index 00000000..6d484bdf --- /dev/null +++ b/modules/pam_warn/README @@ -0,0 +1,26 @@ +# $Id$ +# + +This module is an authentication module that does not authenticate. +Instead it always returns PAM_IGNORE, indicating that it does not want +to affect the authentication process. + +Its purpose is to log a message to the syslog indicating the +pam_item's available at the time it was invoked. It is a diagnostic +tool. + +Recognized arguments: + + <none> + +module services provided: + + auth _authenticate and _setcred (blank) + acct _acct_mgmt [mapped to _authenticate] + session _open_session and + _close_session [mapped to _authenticate ] + password _chauthtok [mapped to _authenticate] + + +Andrew Morgan +1996/11/14 diff --git a/modules/pam_warn/pam_warn.c b/modules/pam_warn/pam_warn.c new file mode 100644 index 00000000..2e390ca4 --- /dev/null +++ b/modules/pam_warn/pam_warn.c @@ -0,0 +1,132 @@ +/* pam_warn module */ + +/* + * $Id$ + * + * Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11 + */ + +#define _BSD_SOURCE + +#include <stdio.h> +#include <unistd.h> +#include <syslog.h> +#include <stdarg.h> + +/* + * here, we make a definition for the externally accessible function + * in this file (this definition is required for static a module + * but strongly encouraged generally) it is used to instruct the + * modules include file to define the function prototypes. + */ + +#define PAM_SM_AUTH +#define PAM_SM_PASSWORD + +#include <security/pam_modules.h> + +/* some syslogging */ + +static void _pam_log(int err, const char *format, ...) +{ + va_list args; + + va_start(args, format); + openlog("PAM-warn", LOG_CONS|LOG_PID, LOG_AUTH); + vsyslog(err, format, args); + va_end(args); + closelog(); +} + +/* --- authentication management functions (only) --- */ + +PAM_EXTERN +int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc + , const char **argv) +{ + const char *service=NULL, *user=NULL, *terminal=NULL + , *rhost=NULL, *ruser=NULL; + + (void) pam_get_item(pamh, PAM_SERVICE, (const void **)&service); + (void) pam_get_item(pamh, PAM_TTY, (const void **)&terminal); + _pam_log(LOG_NOTICE, "service: %s [on terminal: %s]" + , service ? service : "<unknown>" + , terminal ? terminal : "<unknown>" + ); + (void) pam_get_user(pamh, &user, "Who are you? "); + (void) pam_get_item(pamh, PAM_RUSER, (const void **)&ruser); + (void) pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); + _pam_log(LOG_NOTICE, "user: (uid=%d) -> %s [remote: %s@%s]" + , getuid() + , user ? user : "<unknown>" + , ruser ? ruser : "?nobody" + , rhost ? rhost : "?nowhere" + ); + + /* we are just a fly on the wall */ + + return PAM_IGNORE; +} + +PAM_EXTERN +int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc + , const char **argv) +{ + return PAM_IGNORE; +} + +/* password updating functions */ + +PAM_EXTERN +int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc + , const char **argv) +{ + /* map to the authentication function... */ + + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +PAM_EXTERN int +pam_sm_acct_mgmt (pam_handle_t *pamh, int flags, + int argc, const char **argv) +{ + /* map to the authentication function... */ + + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +PAM_EXTERN int +pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + /* map to the authentication function... */ + + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +PAM_EXTERN int +pam_sm_close_session (pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + /* map to the authentication function... */ + + return pam_sm_authenticate(pamh, flags, argc, argv); +} + +#ifdef PAM_STATIC + +/* static module data */ + +struct pam_module _pam_warn_modstruct = { + "pam_warn", + pam_sm_authenticate, + pam_sm_setcred, + pam_sm_acct_mgmt, + pam_sm_open_session, + pam_sm_close_session, + pam_sm_chauthtok, +}; + +#endif + +/* end of module definition */ |