From 8ae5f5769c4c611ca6918450bbe6e55dfa4e5926 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Fri, 7 Dec 2007 15:40:01 +0000
Subject: Relevant BUGIDs:

Purpose of commit: new feature and cleanup

Commit summary:
---------------
2007-12-07  Tomas Mraz  <t8m@centrum.cz>

        * libpam/libpam.map: Add LIBPAM_MODUTIL_1.1 version.
        * libpam/pam_audit.c: Add _pam_audit_open() and
        pam_modutil_audit_write().
        (_pam_auditlog): Call _pam_audit_open().
        * libpam/include/security/pam_modutil.h: Add pam_modutil_audit_write().
        * modules/pam_access/pam_access.8.xml: Add noaudit option.
        Document auditing.
        * modules/pam_access/pam_access.c: Move fs, sep, pam_access_debug, and
        only_new_group_syntax variables to struct login_info. Add noaudit
        member.
        (_parse_args): Adjust for the move of variables and add support for
        noaudit option.
        (group_match): Add debug parameter.
        (string_match): Likewise.
        (network_netmask_match): Likewise.
        (login_access): Adjust for the move of variables. Add nonall_match.
        Add call to pam_modutil_audit_write().
        (list_match): Adjust for the move of variables.
        (user_match): Likewise.
        (from_match): Likewise.
        (pam_sm_authenticate): Call _parse_args() earlier.
        * modules/pam_limits/pam_limits.8.xml: Add noaudit option.
        Document auditing.
        * modules/pam_limits/pam_limits.c (_pam_parse): Add noaudit option.
        (setup_limits): Call pam_modutil_audit_write().
        * modules/pam_time/pam_time.8.xml: Add debug and noaudit options.
        Document auditing.
        * modules/pam_time/pam_time.c: Add option parsing (_pam_parse()).
        (check_account): Call _pam_parse(). Call pam_modutil_audit_write()
        and pam_syslog() on login denials.
---
 libpam/include/security/pam_modutil.h | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'libpam/include/security/pam_modutil.h')

diff --git a/libpam/include/security/pam_modutil.h b/libpam/include/security/pam_modutil.h
index efb72436..ffdf5ad0 100644
--- a/libpam/include/security/pam_modutil.h
+++ b/libpam/include/security/pam_modutil.h
@@ -97,6 +97,9 @@ pam_modutil_read(int fd, char *buffer, int count);
 extern int
 pam_modutil_write(int fd, const char *buffer, int count);
 
+extern int PAM_NONNULL((1,3))
+pam_modutil_audit_write(pam_handle_t *pamh, int type,
+			const char *message, int retval);
 #ifdef __cplusplus
 }
 #endif
-- 
cgit v1.2.3