summaryrefslogtreecommitdiffstats
path: root/lib/libpam/modules/pam_securetty/pam_securetty.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libpam/modules/pam_securetty/pam_securetty.c')
-rw-r--r--lib/libpam/modules/pam_securetty/pam_securetty.c43
1 files changed, 25 insertions, 18 deletions
diff --git a/lib/libpam/modules/pam_securetty/pam_securetty.c b/lib/libpam/modules/pam_securetty/pam_securetty.c
index fe04b3c..aecabce 100644
--- a/lib/libpam/modules/pam_securetty/pam_securetty.c
+++ b/lib/libpam/modules/pam_securetty/pam_securetty.c
@@ -41,42 +41,51 @@
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t * pamh, int flags, int argc, const char **argv)
{
- struct ttyent *ttyfileinfo;
- struct passwd *user_pwd;
- int i, options, retval;
- const char *username, *ttyname;
+ struct options options;
+ struct ttyent *ttyfileinfo;
+ struct passwd *user_pwd;
+ int retval;
+ const char *user, *ttyname;
- options = 0;
- for (i = 0; i < argc; i++)
- pam_std_option(&options, argv[i]);
+ pam_std_option(&options, NULL, argc, argv);
- retval = pam_get_user(pamh, &username, NULL);
+ PAM_LOG("Options processed");
+
+ retval = pam_get_user(pamh, &user, NULL);
if (retval != PAM_SUCCESS)
- return retval;
+ PAM_RETURN(retval);
+
+ PAM_LOG("Got user: %s", user);
retval = pam_get_item(pamh, PAM_TTY, (const void **)&ttyname);
if (retval != PAM_SUCCESS)
- return retval;
+ PAM_RETURN(retval);
+
+ PAM_LOG("Got TTY: %s", ttyname);
/* Ignore any "/dev/" on the PAM_TTY item */
if (strncmp(TTY_PREFIX, ttyname, sizeof(TTY_PREFIX) - 1) == 0)
ttyname += sizeof(TTY_PREFIX) - 1;
/* If the user is not root, secure ttys do not apply */
- user_pwd = getpwnam(username);
+ user_pwd = getpwnam(user);
if (user_pwd == NULL)
- return PAM_IGNORE;
+ PAM_RETURN(PAM_IGNORE);
else if (user_pwd->pw_uid != 0)
- return PAM_SUCCESS;
+ PAM_RETURN(PAM_SUCCESS);
+
+ PAM_LOG("User is not root");
ttyfileinfo = getttynam(ttyname);
if (ttyfileinfo == NULL)
- return PAM_SERVICE_ERR;
+ PAM_RETURN(PAM_SERVICE_ERR);
+
+ PAM_LOG("Got ttyfileinfo");
if (ttyfileinfo->ty_status & TTY_SECURE)
- return PAM_SUCCESS;
+ PAM_RETURN(PAM_SUCCESS);
else
- return PAM_PERM_DENIED;
+ PAM_RETURN(PAM_PERM_DENIED);
}
PAM_EXTERN
@@ -86,6 +95,4 @@ pam_sm_setcred(pam_handle_t * pamh, int flags, int argc, const char **argv)
return PAM_SUCCESS;
}
-/* end of module definition */
-
PAM_MODULE_ENTRY("pam_securetty");
OpenPOWER on IntegriCloud