From 97c9cd159d080814e56508fcc4ad0032f5f8023c Mon Sep 17 00:00:00 2001 From: "Andrew G. Morgan" Date: Sun, 9 Dec 2001 22:39:03 +0000 Subject: Relevant BUGIDs: 486361 Purpose of commit: bugfix Commit summary: --------------- pam_unix is too generic a module to override the PAM_USER_PROMPT item. (More modifications to xsh to help me test this change.) --- CHANGELOG | 3 +++ examples/xsh.c | 12 ++++++++++-- modules/pam_unix/pam_unix_auth.c | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 5b9af1e6..f8ad1ea9 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -55,6 +55,9 @@ bug report - outstanding bugs are listed here: 0.76: please submit patches for this section with actual code/doc patches! +* somehow pam_unix has started forcing the user prompt to be "login: ". + This is entirely inapropriate as it overrides PAM_USER_PROMPT. (Bug + 486361 - agmorgan). * added a static module helper library object includes a few changes to examples/xsh.c for testing purposes, and also modified the pam_rhosts_auth module to use this new library. (Bug 490938 - agmorgan) diff --git a/examples/xsh.c b/examples/xsh.c index dbb2416c..fdbbbfd0 100644 --- a/examples/xsh.c +++ b/examples/xsh.c @@ -49,7 +49,7 @@ int main(int argc, char **argv) if (argc > 3) { fprintf(stderr,"usage: %s [username [service-name]]\n",argv[0]); } - if (argc >= 2) { + if ((argc >= 2) && (argv[1][0] != '-')) { username = argv[1]; } if (argc == 3) { @@ -60,16 +60,18 @@ int main(int argc, char **argv) retcode = pam_start(service, username, &conv, &pamh); bail_out(pamh,1,retcode,"pam_start"); - /* fill in the RUSER and RHOST fields */ + /* fill in the RUSER and RHOST etc. fields */ { char buffer[100]; struct passwd *pw; + const char *tty; pw = getpwuid(getuid()); if (pw != NULL) { retcode = pam_set_item(pamh, PAM_RUSER, pw->pw_name); bail_out(pamh,1,retcode,"pam_set_item(PAM_RUSER)"); } + retcode = gethostname(buffer, sizeof(buffer)-1); if (retcode) { perror("failed to look up hostname"); @@ -78,6 +80,12 @@ int main(int argc, char **argv) } retcode = pam_set_item(pamh, PAM_RHOST, buffer); bail_out(pamh,1,retcode,"pam_set_item(PAM_RHOST)"); + + tty = ttyname(fileno(stdin)); + if (tty) { + retcode = pam_set_item(pamh, PAM_TTY, tty); + bail_out(pamh,1,retcode,"pam_set_item(PAM_RHOST)"); + } } /* to avoid using goto we abuse a loop here */ diff --git a/modules/pam_unix/pam_unix_auth.c b/modules/pam_unix/pam_unix_auth.c index 319f4f05..67497e06 100644 --- a/modules/pam_unix/pam_unix_auth.c +++ b/modules/pam_unix/pam_unix_auth.c @@ -119,7 +119,7 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t * pamh, int flags /* get the user'name' */ - retval = pam_get_user(pamh, &name, "login: "); + retval = pam_get_user(pamh, &name, NULL); if (retval == PAM_SUCCESS) { /* * Various libraries at various times have had bugs related to -- cgit v1.2.3