pam_auth.c revision 1.1 1 1.1 christos #include "cron.h"
2 1.1 christos
3 1.1 christos #ifdef USE_PAM
4 1.1 christos
5 1.1 christos #include <security/pam_appl.h>
6 1.1 christos
/*
 * Handle of the single PAM transaction owned by this file; NULL whenever no
 * transaction is open.  Every function below reads or resets it.
 */
static pam_handle_t *pamh = NULL;

/*
 * Conversation structure handed to pam_start().  Both members are null, so
 * no conversation callback is supplied: a module that needs to prompt has
 * nothing to call.  NOTE(review): how a module reacts to the missing callback
 * is implementation-specific -- confirm against the PAM stack configured for
 * the "cron" service.
 */
static const struct pam_conv cron_conv = { NULL, NULL };
9 1.1 christos
/*
 * Shared failure path for the stages that run after pam_start() succeeded:
 * log the PAM error text, end the transaction with the failing status,
 * forget the handle and report failure (0) to the caller.
 */
static int
cron_pam_stage_failed(const char *event, int rc)
{
    log_it("CRON", getpid(), event, pam_strerror(pamh, rc));
    pam_end(pamh, rc);
    pamh = NULL;
    return 0;
}

/*
 * Open a PAM transaction for `username` under the "cron" service and run
 * authentication, account management and session opening, in that order.
 *
 * Returns 1 when every stage succeeds and leaves the handle open for
 * cron_pam_setcred() / cron_pam_finish().  Returns 0 when a transaction is
 * already open, or when any stage fails; on a stage failure the error is
 * logged and the handle is reset to NULL, so the caller must not start the
 * job on a 0 return.
 *
 * log_close() is called after every PAM call.  NOTE(review): presumably
 * because PAM modules may reopen syslog under their own identity -- confirm
 * against log_close()/log_it() in the rest of cron.
 */
int
cron_pam_start(const char *username)
{
    int rc;

    /* A transaction is already open: refuse instead of leaking the handle. */
    if (pamh != NULL)
        return 0;

    rc = pam_start("cron", username, &cron_conv, &pamh);
    log_close();
    if (rc != PAM_SUCCESS) {
        /*
         * The handle is cleared before it is passed to pam_strerror(), so a
         * value left behind by the failed pam_start() is never used and
         * pam_end() is not called on it.
         */
        pamh = NULL;
        log_it("CRON", getpid(), "pam_start failed",
            pam_strerror(pamh, rc));
        return 0;
    }

    rc = pam_authenticate(pamh, PAM_SILENT);
    log_close();
    if (rc != PAM_SUCCESS)
        return cron_pam_stage_failed("pam_authenticate failed", rc);

    /* Account checks run even though authentication already passed. */
    rc = pam_acct_mgmt(pamh, PAM_SILENT);
    log_close();
    if (rc != PAM_SUCCESS)
        return cron_pam_stage_failed("pam_acct_mgmt failed", rc);

    rc = pam_open_session(pamh, PAM_SILENT);
    log_close();
    if (rc != PAM_SUCCESS)
        return cron_pam_stage_failed("pam_open_session failed", rc);

    return 1;
}
60 1.1 christos
/*
 * Establish the user's credentials on the open PAM transaction.
 *
 * Returns 1 on success.  Returns 0 when no transaction is open, or when
 * pam_setcred() fails; in the failure case the error is logged, the
 * transaction is ended with the failing status and the handle is reset.
 *
 * NOTE(review): the failure path calls pam_end() without pam_close_session(),
 * although cron_pam_start() opened a session on this handle.  Whether another
 * process holding a copy of the handle closes that session cannot be seen
 * from this file -- confirm against the callers.
 */
int
cron_pam_setcred(void)
{
    int rc;

    if (pamh == NULL)
        return 0;

    rc = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
    log_close();
    if (rc == PAM_SUCCESS)
        return 1;

    log_it("CRON", getpid(), "pam_setcred failed",
        pam_strerror(pamh, rc));
    pam_end(pamh, rc);
    pamh = NULL;
    log_close();
    return 0;
}
83 1.1 christos
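/*
 * Close the session opened by cron_pam_start() and end the PAM transaction.
 * Does nothing when no transaction is open.
 *
 * A failing pam_close_session() is logged instead of being silently
 * discarded, so a session that a module could not tear down leaves a trace
 * in the cron log.  The transaction is still ended and the handle reset in
 * every case.
 *
 * NOTE(review): credentials established by cron_pam_setcred() are not
 * deleted here (no pam_setcred() call with PAM_DELETE_CRED).  Whether that
 * is intended depends on which process called cron_pam_setcred() -- confirm
 * against the callers.
 */
void
cron_pam_finish(void)
{
    int rc;

    if (pamh == NULL)
        return;

    rc = pam_close_session(pamh, 0);
    if (rc != PAM_SUCCESS) {
        /* Same log_close()-then-log_it() order as the other PAM stages. */
        log_close();
        log_it("CRON", getpid(), "pam_close_session failed",
            pam_strerror(pamh, rc));
    }

    pam_end(pamh, 0);
    pamh = NULL;
    log_close();
}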
95 1.1 christos
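/*
 * PAM_DATA_SILENT is not provided by every PAM implementation; fall back to
 * 0 so that pam_end() is simply called with no extra flag where the header
 * does not define it.
 */
#ifndef PAM_DATA_SILENT
#define PAM_DATA_SILENT 0
#endif

/*
 * Release this process's PAM handle without closing the session.
 *
 * pam_end() is called with PAM_DATA_SILENT and pam_close_session() is not
 * called.  NOTE(review): going by the name, this is meant for a forked child
 * that must drop its copy of the handle while the parent keeps the session
 * open -- confirm against the callers.
 *
 * The handle is checked first, like in the other functions of this file, so
 * pam_end() is never handed a NULL handle when no transaction is open.
 * log_close() runs in either case.
 */
void
cron_pam_child_close(void)
{
    if (pamh != NULL) {
        pam_end(pamh, PAM_DATA_SILENT);
        pamh = NULL;
    }
    log_close();
}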
107 1.1 christos
/*
 * Merge the job environment into the PAM environment and return the result.
 *
 * Each entry of the NULL-terminated `envp` array is passed to pam_putenv();
 * the list produced by pam_getenvlist() is then returned.  Returns NULL when
 * no transaction is open, when `envp` is NULL, or as soon as one
 * pam_putenv() call fails.  Entries stored before a failing one stay in the
 * PAM environment.
 *
 * NOTE(review): the entries are handed to PAM unfiltered; whether the caller
 * has already restricted which variables reach this point cannot be seen
 * from this file.  Per the PAM API the returned list is allocated for the
 * caller -- confirm that the caller releases it.
 */
char **
cron_pam_getenvlist(char **envp)
{
    char **entry;

    if (pamh == NULL || envp == NULL)
        return NULL;

    for (entry = envp; *entry != NULL; entry++) {
        if (pam_putenv(pamh, *entry) != PAM_SUCCESS)
            return NULL;
    }

    return pam_getenvlist(pamh);
}
120 1.1 christos
121 1.1 christos #endif /* USE_PAM */