Tags: patch Hi there
I patched pam_access to work without a tty. This patch was taken from http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170467 I couldn't get the actual patch from bugzilla (Access Denied, apparently) but extracted the patch from a fedora core pam srpm and merged it into the current Debian Unstable pam source. - Niall -- Google Ireland Ltd. : Registered in Ireland with company number 368047. Gordon House, Barrow Street, Dublin 4, Ireland.
--- pam_access.c.orig 2004-11-18 13:40:55.000000000 +0000 +++ pam_access.c 2007-04-03 15:33:33.000000000 +0100 @@ -325,7 +325,7 @@ * if it matches the head of the string. */ - if (tok[0] == '@') { /* netgroup */ + if (string != NULL && tok[0] == '@') { /* netgroup */ return (netgroup_match(tok + 1, string, (char *) 0)); } else if (string_match (pamh, tok, string)) /* ALL or exact match */ return YES; @@ -333,6 +333,8 @@ if ((str_len = strlen(string)) > (tok_len = strlen(tok)) && strcasecmp(tok, string + str_len - tok_len) == 0) return (YES); + } else if (string == NULL) { + return (NO); } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ if (strchr(string, '.') == 0) return (YES); @@ -384,7 +386,7 @@ if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */ return (YES); - } else if (strcasecmp(tok, string) == 0) { /* try exact match */ + } else if (string != NULL && strcasecmp(tok, string) == 0) { /* try exact match */ return (YES); } return (NO); @@ -430,17 +432,15 @@ || from == NULL) { D(("PAM_TTY not set, probing stdin")); from = ttyname(STDIN_FILENO); - if (from == NULL) { - _log_err("couldn't get the tty name"); - return PAM_ABORT; - } - if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS) { - _log_err("couldn't set tty name"); - return PAM_ABORT; - } - } + if (from != NULL) { + if (pam_set_item(pamh, PAM_TTY, from) != PAM_SUCCESS) { + _log_err("couldn't set tty name"); + return PAM_ABORT; + } + } + } - if (from[0] == '/') { /* full path */ + if (from != NULL && from[0] == '/') { /* full path */ from++; from = strchr(from, '/'); from++;