From 1814aec611a5f9e03eceee81237ad3a3f51c954a Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 26 Oct 2011 23:56:54 +0000 Subject: Fix whitespace issues Cleanup trailing whitespaces, indentation that uses spaces before tabs, and blank lines at EOF. Make the project free of warnings reported by git diff --check 4b825dc642cb6eb9a060e54bf8d69288fbee4904 HEAD --- modules/pam_tally2/pam_tally2.c | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) (limited to 'modules/pam_tally2/pam_tally2.c') diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index e1df6d74..c72d27a0 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -159,7 +159,7 @@ static void log_phase_no_auth(pam_handle_t *pamh, int phase, const char *argv) { if ( phase != PHASE_AUTH ) { - pam_syslog(pamh, LOG_ERR, + pam_syslog(pamh, LOG_ERR, "option %s allowed in auth phase only", argv); } } @@ -407,7 +407,7 @@ get_tally(pam_handle_t *pamh, uid_t uid, const char *filename, if ((*tfile = open(filename, O_RDWR)) == -1) { #ifndef MAIN if (errno == EACCES) /* called with insufficient access rights */ - return PAM_IGNORE; + return PAM_IGNORE; #endif pam_syslog(pamh, LOG_ALERT, "Error opening %s for update: %m", filename); @@ -418,7 +418,7 @@ skip_open: if (lseek(*tfile, (off_t)uid*(off_t)sizeof(*tally), SEEK_SET) == (off_t)-1) { pam_syslog(pamh, LOG_ALERT, "lseek failed for %s: %m", filename); if (!preopened) { - close(*tfile); + close(*tfile); *tfile = -1; } return PAM_AUTH_ERR; @@ -536,30 +536,30 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, if (uid) { /* Unlock time check */ if (opts->unlock_time && oldtime) { - if (opts->unlock_time + oldtime <= time(NULL)) { + if (opts->unlock_time + oldtime <= time(NULL)) { /* ignore deny check after unlock_time elapsed */ #ifdef HAVE_LIBAUDIT snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid); audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, NULL, NULL, NULL, 1); #endif - rv = PAM_SUCCESS; - goto cleanup; - } + rv = PAM_SUCCESS; + goto cleanup; + } } } else { /* Root unlock time check */ if (opts->root_unlock_time && oldtime) { if (opts->root_unlock_time + oldtime <= time(NULL)) { - /* ignore deny check after unlock_time elapsed */ + /* ignore deny check after unlock_time elapsed */ #ifdef HAVE_LIBAUDIT snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid); audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, NULL, NULL, NULL, 1); #endif - rv = PAM_SUCCESS; - goto cleanup; - } + rv = PAM_SUCCESS; + goto cleanup; + } } } @@ -597,7 +597,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, oldtime+opts->lock_time-time(NULL)); } if (!(opts->ctrl & OPT_NOLOGNOTICE)) { - pam_syslog(pamh, LOG_NOTICE, + pam_syslog(pamh, LOG_NOTICE, "user %s (%lu) has time limit [%lds left]" " since last failure.", user, (unsigned long)uid, @@ -605,7 +605,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, } rv = PAM_AUTH_ERR; goto cleanup; - } + } } cleanup: @@ -648,10 +648,10 @@ tally_bump (int inc, time_t *oldtime, pam_handle_t *pamh, (void) pam_get_item(pamh, PAM_RHOST, &remote_host); if (!remote_host) { - (void) pam_get_item(pamh, PAM_TTY, &remote_host); + (void) pam_get_item(pamh, PAM_TTY, &remote_host); if (!remote_host) { - remote_host = "unknown"; - } + remote_host = "unknown"; + } } strncpy(tally.fail_line, remote_host, @@ -1019,14 +1019,14 @@ main( int argc UNUSED, char **argv ) FILE *tfile=fopen(cline_filename, "r"); uid_t uid=0; if (!tfile && cline_reset != 0) { - perror(*argv); - exit(1); + perror(*argv); + exit(1); } for ( ; tfile && !feof(tfile); uid++ ) { if ( !fread(&tally, sizeof(tally), 1, tfile) || !tally.fail_cnt ) { - continue; + continue; } print_one(&tally, uid); } -- cgit v1.2.3 From aff021e14203373248e376b4ca013e58074dc7a9 Mon Sep 17 00:00:00 2001 From: Matveychikov Ilya Date: Tue, 17 Jan 2012 11:16:49 +0400 Subject: Fix compile time errors in --enable-static-modules mode * libpam/pam_static_modules.h (_pam_rhosts_auth_modstruct): Remove obsolete declaration. (static_modules): Remove undefined reference to _pam_rhosts_auth_modstruct. * modules/pam_pwhistory/opasswd.h: Rename {save,check}_old_password to {save,check}_old_pass in order to avoid conflicts with pam_unix. * modules/pam_pwhistory/opasswd.c: Likewise. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * modules/pam_tally2/pam_tally2.c: Rename _pam_tally_modstruct to _pam_tally2_modstruct. Signed-off-by: Matveychikov Ilya --- modules/pam_tally2/pam_tally2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'modules/pam_tally2/pam_tally2.c') diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index c72d27a0..d3d6779a 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -844,7 +844,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED, /* static module data */ -struct pam_module _pam_tally_modstruct = { +struct pam_module _pam_tally2_modstruct = { MODULE_NAME, #ifdef PAM_SM_AUTH pam_sm_authenticate, -- cgit v1.2.3 From 6b2a5b9f5595f39fb919c12c52c7f3c53f33f914 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Thu, 6 Sep 2012 14:58:57 +0200 Subject: pam_selinux, pam_tally2: Add tty and rhost to audit data. modules/pam_selinux/pam_selinux.c (send_audit_message): Obtain tty and rhost from PAM items and pass them to audit. modules/pam_tally2/pam_tally2.c (tally_check): Obtain tty and rhost from PAM items and pass them to audit. (main): Obtain tty name of stdin and pass it to audit. --- modules/pam_tally2/pam_tally2.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'modules/pam_tally2/pam_tally2.c') diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index d3d6779a..09e85855 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -509,6 +509,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, #ifdef HAVE_LIBAUDIT char buf[64]; int audit_fd = -1; + const void *rhost = NULL, *tty = NULL; #endif if ((opts->ctrl & OPT_MAGIC_ROOT) && getuid() == 0) { @@ -521,6 +522,8 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, if ((audit_fd < 0) && !(errno == EINVAL || errno == EPROTONOSUPPORT || errno == EAFNOSUPPORT)) return PAM_SYSTEM_ERR; + (void)pam_get_item(pamh, PAM_TTY, &tty); + (void)pam_get_item(pamh, PAM_RHOST, &rhost); #endif if (opts->deny != 0 && /* deny==0 means no deny */ tally->fail_cnt > opts->deny && /* tally>deny means exceeded */ @@ -530,7 +533,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, /* First say that max number was hit. */ snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid); audit_log_user_message(audit_fd, AUDIT_ANOM_LOGIN_FAILURES, buf, - NULL, NULL, NULL, 1); + rhost, NULL, tty, 1); } #endif if (uid) { @@ -541,7 +544,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, #ifdef HAVE_LIBAUDIT snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid); audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, - NULL, NULL, NULL, 1); + rhost, NULL, tty, 1); #endif rv = PAM_SUCCESS; goto cleanup; @@ -555,7 +558,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, #ifdef HAVE_LIBAUDIT snprintf(buf, sizeof(buf), "pam_tally2 uid=%u ", uid); audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_UNLOCK_TIMED, buf, - NULL, NULL, NULL, 1); + rhost, NULL, tty, 1); #endif rv = PAM_SUCCESS; goto cleanup; @@ -567,7 +570,7 @@ tally_check (tally_t oldcnt, time_t oldtime, pam_handle_t *pamh, uid_t uid, if (tally->fail_cnt == opts->deny+1) { /* First say that max number was hit. */ audit_log_user_message(audit_fd, AUDIT_RESP_ACCT_LOCK, buf, - NULL, NULL, NULL, 1); + rhost, NULL, tty, 1); } #endif @@ -996,7 +999,7 @@ main( int argc UNUSED, char **argv ) int audit_fd = audit_open(); snprintf(buf, sizeof(buf), "pam_tally2 uid=%u reset=%hu", uid, cline_reset); audit_log_user_message(audit_fd, AUDIT_USER_ACCT, - buf, NULL, NULL, NULL, 1); + buf, NULL, NULL, ttyname(STDIN_FILENO), 1); if (audit_fd >=0) close(audit_fd); #endif @@ -1041,7 +1044,7 @@ main( int argc UNUSED, char **argv ) int audit_fd = audit_open(); snprintf(buf, sizeof(buf), "pam_tally2 uid=all reset=0"); audit_log_user_message(audit_fd, AUDIT_USER_ACCT, - buf, NULL, NULL, NULL, 1); + buf, NULL, NULL, ttyname(STDIN_FILENO), 1); if (audit_fd >=0) close(audit_fd); #endif -- cgit v1.2.3