source:
branches/2.4/patches/2.4/pam_pbssimpleauth.patch
@
82
Last change on this file since 82 was 33, checked in by bas, 14 years ago | |
---|---|
File size: 3.9 KB |
-
src/pam/pam_pbssimpleauth.c
old new 35 35 #define PAM_SM_AUTH 36 36 #define PAM_SM_ACCOUNT 37 37 38 /* 39 * HVB: add for pam_syslog 40 */ 41 #include <security/pam_ext.h> 42 38 43 #ifdef HAVE_SECURITY_PAM_APPL_H 39 44 #include <security/pam_appl.h> 40 45 #endif … … 76 81 char jobdirpath[PATH_MAX+1]; 77 82 int debug = 0; 78 83 79 openlog(MODNAME, LOG_PID, LOG_USER);80 84 strcpy(jobdirpath, PBS_SERVER_HOME "/mom_priv/jobs"); 81 85 82 86 /* step through arguments */ … … 88 92 else if (!strcmp(*argv, "jobdir")) 89 93 strncpy(jobdirpath, *argv, PATH_MAX); 90 94 else 91 syslog(LOG_ERR, "unknown option: %s", *argv);95 pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv); 92 96 } 93 97 94 if (debug) syslog(LOG_INFO, "opening %s", jobdirpath);98 if (debug) pam_syslog(pamh, LOG_INFO, "opening %s", jobdirpath); 95 99 96 100 if ((jobdir = opendir(jobdirpath)) == NULL) 97 101 { 98 if (debug) syslog(LOG_INFO, "failed to open jobs dir: %s", strerror(errno));102 if (debug) pam_syslog(pamh, LOG_INFO, "failed to open jobs dir: %s", strerror(errno)); 99 103 100 closelog();101 104 102 105 return PAM_IGNORE; 103 106 } … … 108 111 #if defined(PAM_CONV_AGAIN) && defined(PAM_INCOMPLETE) 109 112 if (retval == PAM_CONV_AGAIN) 110 113 { 111 closelog();112 114 return PAM_INCOMPLETE; 113 115 } 114 116 … … 116 118 117 119 if ((retval != PAM_SUCCESS) || !username) 118 120 { 119 syslog(LOG_ERR, "failed to retrieve username"); 120 closelog(); 121 pam_syslog(pamh, LOG_ERR, "failed to retrieve username"); 121 122 return PAM_SERVICE_ERR; 122 123 } 123 124 … … 125 126 126 127 /* no early returns from this point on because we need to free ubuf */ 127 128 128 if (debug) syslog(LOG_INFO, "username %s, %s", username, user_pwd ? "known" : "unknown");129 if (debug) pam_syslog(pamh, LOG_INFO, "username %s, %s", username, user_pwd ? "known" : "unknown"); 129 130 130 131 if (!user_pwd) 131 132 { … … 133 134 } 134 135 else if (user_pwd->pw_uid == 0) 135 136 { 136 if (debug) syslog(LOG_INFO, "allowing uid 0");137 if (debug) pam_syslog(pamh, LOG_INFO, "allowing uid 0"); 137 138 138 139 retval = PAM_SUCCESS; 139 140 } … … 148 149 149 150 snprintf(jobpath, PATH_MAX - 1, "%s/%s", jobdirpath, jdent->d_name); 150 151 151 if (debug) syslog(LOG_INFO, "opening %s", jobpath);152 if (debug) pam_syslog(pamh, LOG_INFO, "opening %s", jobpath); 152 153 153 154 fp = open(jobpath, O_RDONLY, 0); 154 155 155 156 if (fp < 0) 156 157 { 157 syslog(LOG_ERR, "error opening job file");158 pam_syslog(pamh, LOG_ERR, "error opening job file"); 158 159 continue; 159 160 } 160 161 … … 163 164 if (amt != sizeof(xjob.ji_qs)) 164 165 { 165 166 close(fp); 166 syslog(LOG_ERR, "short read of job file");167 pam_syslog(pamh, LOG_ERR, "short read of job file"); 167 168 continue; 168 169 } 169 170 … … 171 172 { 172 173 /* odd, this really should be JOB_UNION_TYPE_MOM */ 173 174 close(fp); 174 syslog(LOG_ERR, "job file corrupt");175 pam_syslog(pamh, LOG_ERR, "job file corrupt"); 175 176 continue; 176 177 } 177 178 178 if (debug) syslog(LOG_INFO, "state=%d, substate=%d", xjob.ji_qs.ji_state, xjob.ji_qs.ji_substate);179 if (debug) pam_syslog(pamh, LOG_INFO, "state=%d, substate=%d", xjob.ji_qs.ji_state, xjob.ji_qs.ji_substate); 179 180 180 181 if ((xjob.ji_qs.ji_un.ji_momt.ji_exuid == user_pwd->pw_uid) && 181 182 ((xjob.ji_qs.ji_substate == JOB_SUBSTATE_PRERUN) || … … 185 186 /* success! */ 186 187 close(fp); 187 188 188 if (debug) syslog(LOG_INFO, "allowed by %s", jdent->d_name);189 if (debug) pam_syslog(pamh, LOG_INFO, "allowed by %s", jdent->d_name); 189 190 190 191 retval = PAM_SUCCESS; 191 192 … … 202 203 if (ubuf) 203 204 free(ubuf); 204 205 205 if (debug) syslog(LOG_INFO, "returning %s", retval == PAM_SUCCESS ? "success" : "failed");206 if (debug) pam_syslog(pamh, LOG_INFO, "returning %s", retval == PAM_SUCCESS ? "success" : "failed"); 206 207 207 closelog();208 208 209 209 return retval; 210 210 }
Note: See TracBrowser
for help on using the repository browser.