diff options
Diffstat (limited to 'source3/pam_smbpass')
| -rw-r--r-- | source3/pam_smbpass/pam_smb_passwd.c | 21 | ||||
| -rw-r--r-- | source3/pam_smbpass/support.c | 42 |
2 files changed, 35 insertions, 28 deletions
diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c index 9e75efccf4..8fbef1fbf7 100644 --- a/source3/pam_smbpass/pam_smb_passwd.c +++ b/source3/pam_smbpass/pam_smb_passwd.c @@ -295,14 +295,21 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, retval = smb_update_db(pamh, ctrl, user, pass_new); if (retval == PAM_SUCCESS) { + uid_t uid; + /* password updated */ - _log_err( LOG_NOTICE, "password for (%s/%d) changed by (%s/%d)" - , user, pdb_get_uid(sampass), uidtoname( getuid() ) - , getuid() ); - } else { - _log_err( LOG_ERR, "password change failed for user %s" - , user ); - } + if (!sid_to_uid(sampass, &uid)) { + _log_err( LOG_NOTICE "Unable to get uid for user %s", + pdb_get_username(sampass)); + _log_err( LOG_NOTICE, "password for (%s) changed by (%s/%d)", + user, uidtoname(getuid()), getuid()); + } else { + _log_err( LOG_NOTICE, "password for (%s/%d) changed by (%s/%d)", + user, uid, uidtoname(getuid()), getuid()); + } + } else { + _log_err( LOG_ERR, "password change failed for user %s", user); + } pass_old = pass_new = NULL; if (sampass) { diff --git a/source3/pam_smbpass/support.c b/source3/pam_smbpass/support.c index 11de306d13..61d9c6a8ab 100644 --- a/source3/pam_smbpass/support.c +++ b/source3/pam_smbpass/support.c @@ -339,11 +339,8 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass, const char *service; pam_get_item( pamh, PAM_SERVICE, (const void **)&service ); - _log_err( LOG_NOTICE - , "failed auth request by %s for service %s as %s(%d)" - , uidtoname( getuid() ) - , service ? service : "**unknown**", name - , pdb_get_uid(sampass) ); + _log_err( LOG_NOTICE, "failed auth request by %s for service %s as %s", + uidtoname(getuid()), service ? service : "**unknown**", name); return PAM_AUTH_ERR; } } @@ -378,6 +375,7 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass, pam_get_item( pamh, PAM_SERVICE, (const void **)&service ); if (data_name != NULL) { + int type; struct _pam_failed_auth *new = NULL; const struct _pam_failed_auth *old = NULL; @@ -397,32 +395,34 @@ int _smb_verify_password( pam_handle_t * pamh, SAM_ACCOUNT *sampass, retval = PAM_MAXTRIES; } } else { - _log_err( LOG_NOTICE - , "failed auth request by %s for service %s as %s(%d)" - , uidtoname( getuid() ) - , service ? service : "**unknown**", name - , pdb_get_uid(sampass) ); + _log_err(LOG_NOTICE, + "failed auth request by %s for service %s as %s", + uidtoname(getuid()), + service ? service : "**unknown**", name); new->count = 1; } + if (!sid_to_uid(pdb_get_user_sid(sampass, &(new->id), &type))) { + _log_err(LOG_NOTICE, + "failed auth request by %s for service %s as %s", + uidtoname(getuid()), + service ? service : "**unknown**", name); + } new->user = smbpXstrDup( name ); - new->id = pdb_get_uid(sampass); new->agent = smbpXstrDup( uidtoname( getuid() ) ); pam_set_data( pamh, data_name, new, _cleanup_failures ); } else { _log_err( LOG_CRIT, "no memory for failure recorder" ); - _log_err( LOG_NOTICE - , "failed auth request by %s for service %s as %s(%d)" - , uidtoname( getuid() ) - , service ? service : "**unknown**", name - , pdb_get_uid(sampass) ); + _log_err(LOG_NOTICE, + "failed auth request by %s for service %s as %s(%d)", + uidtoname(getuid()), + service ? service : "**unknown**", name); } } else { - _log_err( LOG_NOTICE - , "failed auth request by %s for service %s as %s(%d)" - , uidtoname( getuid() ) - , service ? service : "**unknown**", name - , pdb_get_uid(sampass) ); + _log_err(LOG_NOTICE, + "failed auth request by %s for service %s as %s(%d)", + uidtoname(getuid()), + service ? service : "**unknown**", name); retval = PAM_AUTH_ERR; } } |