From f3a166bf9590e7b63af888950eb52223ded5b525 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Wed, 8 Nov 2017 23:58:58 +0000 Subject: pam_tally2 --reset: avoid creating a missing tallylog file There is no need for pam_tally2 in --reset=0 mode to create a missing tallylog file because its absence has the same meaning as its existence with the appropriate entry reset. This was not a big deal until useradd(8) from shadow suite release 4.5 started to invoke /sbin/pam_tally2 --reset routinely regardless of PAM configuration. The positive effect of this change is noticeable when using tools like cpio(1) that cannot archive huge sparse files efficiently. * modules/pam_tally2/pam_tally2.c [MAIN] (main) : Stat cline_filename when cline_reset == 0, exit early if the file is missing. --- modules/pam_tally2/pam_tally2.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'modules/pam_tally2/pam_tally2.c') diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c index 9f3bebeb..da1c0481 100644 --- a/modules/pam_tally2/pam_tally2.c +++ b/modules/pam_tally2/pam_tally2.c @@ -959,6 +959,18 @@ main( int argc UNUSED, char **argv ) exit(1); } + if (cline_reset == 0) { + struct stat st; + + if (stat(cline_filename, &st) && errno == ENOENT) { + if (!cline_quiet) { + memset(&tally, 0, sizeof(tally)); + print_one(&tally, uid); + } + return 0; /* no file => nothing to reset */ + } + } + i=get_tally(NULL, uid, cline_filename, &tfile, &tally, 0); if ( i != PAM_SUCCESS ) { if (tfile != -1) -- cgit v1.2.3