diff options
author | Björn Jacke <bj@sernet.de> | 2009-05-26 15:40:21 +0200 |
---|---|---|
committer | Björn Jacke <bj@sernet.de> | 2009-05-26 16:23:11 +0200 |
commit | caeae66c5bb3a4a600b5c90be97d98a323d1dc2f (patch) | |
tree | fdff8e7b6a21b09ddb03865eb948cea3e5eafeb0 /source3/pam_smbpass/pam_smb_acct.c | |
parent | 6b7bd3757005286c528d3bb0c6790e0d8651eaaf (diff) | |
download | samba-caeae66c5bb3a4a600b5c90be97d98a323d1dc2f.tar.gz samba-caeae66c5bb3a4a600b5c90be97d98a323d1dc2f.tar.bz2 samba-caeae66c5bb3a4a600b5c90be97d98a323d1dc2f.zip |
s3:pam_smbpass: don't call openlog() or closelog() from pam_smbpass
Patch from Steve Langasek with tiny fixes by me to make it apply to master.
Also see Debian bug #434372 and bugzilla #4831.
Calling openlog() or closelog() inside a pam module is not good as these
functions are not stackable and no program won't re-do openlog() just because a
pam module might have called closelog().
Diffstat (limited to 'source3/pam_smbpass/pam_smb_acct.c')
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 17 |
1 files changed, 8 insertions, 9 deletions
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c index 2a8bd26597..9ad74788f0 100644 --- a/source3/pam_smbpass/pam_smb_acct.c +++ b/source3/pam_smbpass/pam_smb_acct.c @@ -58,26 +58,25 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, /* Samba initialization. */ load_case_tables(); - setup_logging( "pam_smbpass", False ); lp_set_in_client(True); - ctrl = set_ctrl( flags, argc, argv ); + ctrl = set_ctrl(pamh, flags, argc, argv ); /* get the username */ retval = pam_get_user( pamh, &name, "Username: " ); if (retval != PAM_SUCCESS) { if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG, "acct: could not identify user" ); + _log_err(pamh, LOG_DEBUG, "acct: could not identify user" ); } return retval; } if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG, "acct: username [%s] obtained", name ); + _log_err(pamh, LOG_DEBUG, "acct: username [%s] obtained", name ); } if (geteuid() != 0) { - _log_err( LOG_DEBUG, "Cannot access samba password database, not running as root."); + _log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root."); return PAM_AUTHINFO_UNAVAIL; } @@ -85,7 +84,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, from a SIGPIPE it's not expecting */ oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); if (!initialize_password_db(True, NULL)) { - _log_err( LOG_ALERT, "Cannot access samba password database" ); + _log_err(pamh, LOG_ALERT, "Cannot access samba password database" ); CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); return PAM_AUTHINFO_UNAVAIL; } @@ -99,7 +98,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, } if (!pdb_getsampwnam(sampass, name )) { - _log_err( LOG_DEBUG, "acct: could not identify user" ); + _log_err(pamh, LOG_DEBUG, "acct: could not identify user"); CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); return PAM_USER_UNKNOWN; } @@ -112,8 +111,8 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, if (pdb_get_acct_ctrl(sampass) & ACB_DISABLED) { if (on( SMB_DEBUG, ctrl )) { - _log_err( LOG_DEBUG - , "acct: account %s is administratively disabled", name ); + _log_err(pamh, LOG_DEBUG, + "acct: account %s is administratively disabled", name); } make_remark( pamh, ctrl, PAM_ERROR_MSG , "Your account has been disabled; " |