1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
/* pam_warn module */
/*
* $Id$
*
* Written by Andrew Morgan <morgan@linux.kernel.org> 1996/3/11
*/
#include "config.h"
#include <stdio.h>
#include <unistd.h>
#include <syslog.h>
#include <stdarg.h>
/*
* here, we make a definition for the externally accessible function
* in this file (this definition is required for static a module
* but strongly encouraged generally) it is used to instruct the
* modules include file to define the function prototypes.
*/
#define PAM_SM_AUTH
#define PAM_SM_PASSWORD
#include <security/pam_modules.h>
#include <security/pam_ext.h>
/* some syslogging */
#define OBTAIN(item, value, default_value) do { \
(void) pam_get_item(pamh, item, &value); \
value = value ? value : default_value ; \
} while (0)
static void log_items(pam_handle_t *pamh, const char *function, int flags)
{
const void *service=NULL, *user=NULL, *terminal=NULL,
*rhost=NULL, *ruser=NULL;
OBTAIN(PAM_SERVICE, service, "<unknown>");
OBTAIN(PAM_TTY, terminal, "<unknown>");
OBTAIN(PAM_USER, user, "<unknown>");
OBTAIN(PAM_RUSER, ruser, "<unknown>");
OBTAIN(PAM_RHOST, rhost, "<unknown>");
pam_syslog(pamh, LOG_NOTICE,
"function=[%s] flags=%#x service=[%s] terminal=[%s] user=[%s]"
" ruser=[%s] rhost=[%s]\n", function, flags,
(const char *) service, (const char *) terminal,
(const char *) user, (const char *) ruser,
(const char *) rhost);
}
/* --- authentication management functions (only) --- */
int pam_sm_authenticate(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
int pam_sm_setcred(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
/* password updating functions */
int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
int
pam_sm_open_session(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
int
pam_sm_close_session(pam_handle_t *pamh, int flags,
int argc UNUSED, const char **argv UNUSED)
{
log_items(pamh, __FUNCTION__, flags);
return PAM_IGNORE;
}
/* end of module definition */
|
