Tags: patch
Hi there
I patched pam_access to work without a tty. This patch was taken from
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170467
I couldn't get the actual patch from bugzilla (Access Denied,
apparently) but extracted the patch from a fedora core pam srpm and
merged it into the current Debian Unstable pam source.
- Niall
--
Google Ireland Ltd. : Registered in Ireland with company number 368047.
Gordon House, Barrow Street, Dublin 4, Ireland.
--- pam_access.c.orig 2004-11-18 13:40:55.000000000 +0000
+++ pam_access.c 2007-04-03 15:33:33.000000000 +0100
@@ -325,7 +325,7 @@
* if it matches the head of the string.
*/
- if (tok[0] == '@') { /* netgroup */
+ if (string != NULL && tok[0] == '@') { /* netgroup */
return (netgroup_match(tok + 1, string, (char *) 0));
} else if (string_match (pamh, tok, string)) /* ALL or exact match */
return YES;
@@ -333,6 +333,8 @@
if ((str_len = strlen(string)) > (tok_len = strlen(tok))
&& strcasecmp(tok, string + str_len - tok_len) == 0)
return (YES);
+ } else if (string == NULL) {
+ return (NO);
} else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */
if (strchr(string, '.') == 0)
return (YES);
@@ -384,7 +386,7 @@
if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */
return (YES);
- } else if (strcasecmp(tok, string) == 0) { /* try exact match */
+ } else if (string != NULL && strcasecmp(tok, string) == 0) { /* try exact match */
return (YES);
}
return (NO);
@@ -430,17 +432,15 @@
|| from == NULL) {
D(("PAM_TTY not set, probing stdin"));
from = ttyname(STDIN_FILENO);
- if (from == NULL) {
- _log_err("couldn't get the tty name");
- return PAM_ABORT;
- }
- if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS) {
- _log_err("couldn't set tty name");
- return PAM_ABORT;
- }
- }
+ if (from != NULL) {
+ if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS) {
+ _log_err("couldn't set tty name");
+ return PAM_ABORT;
+ }
+ }
+ }
- if (from[0] == '/') { /* full path */
+ if (from != NULL && from[0] == '/') { /* full path */
from++;
from = strchr(from, '/');
from++;
