The branch, master has been updated via 164d598 tests: Define PATH_MAX for Hurd. via 9023c89 doc/pam_matrix.8: Fix typo 'allows to'. via 7bd24b0 die quickly upon mkdir failure from b223df9 Bump version to 1.1.5
https://git.samba.org/?p=pam_wrapper.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 164d598f34da901cb9eb4fd164475ed38715341a Author: Simon Josefsson <si...@josefsson.org> Date: Tue Aug 22 08:53:30 2023 +0200 tests: Define PATH_MAX for Hurd. Signed-off-by: Simon Josefsson <si...@josefsson.org> Reviewed-by: Andreas Schneider <a...@cryptomilk.org> Reviewed-by: Pavel Filipenský <pfilipen...@samba.org> commit 9023c89459d3ad1fe28d211a0da6b69e6f3f7d64 Author: Simon Josefsson <si...@josefsson.org> Date: Fri Aug 18 11:25:54 2023 +0200 doc/pam_matrix.8: Fix typo 'allows to'. Signed-off-by: Simon Josefsson <si...@josefsson.org> Reviewed-by: Andreas Schneider <a...@cryptomilk.org> Reviewed-by: Pavel Filipenský <pfilipen...@samba.org> commit 7bd24b0e54995da5f333575f97c9f1fa796fe0f1 Author: Jan Kundrát <jan.kund...@cesnet.cz> Date: Mon Nov 6 18:34:58 2023 +0100 die quickly upon mkdir failure We just had this failure in our CI system that's currently running just three PAM-wrapped tests in parallel. Since this is a classic TOCTOU race (albeit in a test code, and therefore with little to no security implications), the `mkdir` can fail, and when that happens it's much better to just die quickly rather than continuing as if nothing happened. Signed-off-by: Jan Kundrát <jan.kund...@cesnet.cz> Reviewed-by: Pavel Filipenský <pfilipen...@samba.org> Reviewed-by: Andreas Schneider <a...@cryptomilk.org> ----------------------------------------------------------------------- Summary of changes: doc/pam_matrix.8 | 2 +- doc/pam_matrix.8.txt | 2 +- src/modules/pam_matrix.c | 4 ++++ src/pam_wrapper.c | 2 ++ 4 files changed, 8 insertions(+), 2 deletions(-) Changeset truncated at 500 lines: diff --git a/doc/pam_matrix.8 b/doc/pam_matrix.8 index 80d5190..23ba1fa 100644 --- a/doc/pam_matrix.8 +++ b/doc/pam_matrix.8 @@ -34,7 +34,7 @@ pam_matrix \- A PAM test module to retrieve module\-specific PAM items pam_matrix\&.so [\&...] .SH "DESCRIPTION" .sp -Testing PAM application often requires to set up an authentication backend with as little effort as possible\&. The \fBpam_matrix\fR module allows to authenticate against a key\-value text file, provided by an option or with an environment variable\&. +Testing PAM application often requires to set up an authentication backend with as little effort as possible\&. The \fBpam_matrix\fR module allows one to authenticate against a key\-value text file, provided by an option or with an environment variable\&. .SH "IMPORTANT" .sp pam_matrix is a \fBtest tool\fR\&. It should be considered completely insecure and never used outside test environments! As you\(cqll see when reading description of the options and actions, many of them don\(cqt make any sense in the real world and were added just to make tests possible\&. diff --git a/doc/pam_matrix.8.txt b/doc/pam_matrix.8.txt index fb54f05..b15b11a 100644 --- a/doc/pam_matrix.8.txt +++ b/doc/pam_matrix.8.txt @@ -14,7 +14,7 @@ pam_matrix.so [...] DESCRIPTION ----------- Testing PAM application often requires to set up an authentication backend with -as little effort as possible. The *pam_matrix* module allows to authenticate +as little effort as possible. The *pam_matrix* module allows one to authenticate against a key-value text file, provided by an option or with an environment variable. diff --git a/src/modules/pam_matrix.c b/src/modules/pam_matrix.c index 6fb6a2f..cc6fbf3 100644 --- a/src/modules/pam_matrix.c +++ b/src/modules/pam_matrix.c @@ -33,6 +33,10 @@ #include <time.h> #include <stdint.h> +#ifndef PATH_MAX +#define PATH_MAX 4096 +#endif + #ifndef discard_const #define discard_const(ptr) ((void *)((uintptr_t)(ptr))) #endif diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c index da2c738..66673f0 100644 --- a/src/pam_wrapper.c +++ b/src/pam_wrapper.c @@ -893,6 +893,7 @@ static void pwrap_init(void) PWRAP_LOG(PWRAP_LOG_ERROR, "Failed to create pam_wrapper config dir: %s - %s", tmp_config_dir, strerror(errno)); + exit(1); } /* Create file with the PID of the the process */ @@ -1121,6 +1122,7 @@ static void pwrap_init(void) PWRAP_LOG(PWRAP_LOG_ERROR, "Failed to create pam_wrapper config dir: %s - %s", tmp_config_dir, strerror(errno)); + exit(1); } /* Create file with the PID of the the process */ -- pam wrapper repository