auth: fix PAM password chatter and add PAM config file

Change-Id: I7238a4db2c32448eb40a76fbc5c79b5486f04f28

diff --git a/data/tlm-login b/data/tlm-login
new file mode 100644 (file)
index 0000000..c921924
--- /dev/null
+++ b/data/tlm-login
@@ -0,0 +1,13 @@
+#%PAM-1.0
+auth            requisite       pam_nologin.so
+auth            [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so
+auth            include         system-auth
+account         required        pam_nologin.so
+account         include         system-auth
+password        include         system-auth
+
+session         include         system-auth
+session         required        pam_systemd.so
+session         required        pam_loginuid.so
+session         required        pam_namespace.so
+session         optional        pam_keyinit.so force revoke

diff --git a/packaging/tlm.changes b/packaging/tlm.changes
index af51dbb..4e7826d 100644 (file)
--- a/packaging/tlm.changes
+++ b/packaging/tlm.changes
@@ -1,3 +1,7 @@
+* Mon May 5 2014 Jussi Laako <jussi.laako@linux.intel.com>
+- Add PAM configuration file
+- Fix omitted password PAM chatter
+
 * Wed Apr 30 2014 Jussi Laako <jussi.laako@linux.intel.com>
 - Update default configurations
 

diff --git a/packaging/tlm.spec b/packaging/tlm.spec
index 1b9785b..4821881 100644 (file)
--- a/packaging/tlm.spec
+++ b/packaging/tlm.spec
@@ -5,7 +5,7 @@
 Name: tlm
 Summary: Login manager for Tizen
 Version: 0.0.2
-Release: 3
+Release: 4
 Group: System/Service
 License: LGPL-2.1+
 Source: %{name}-%{version}.tar.gz
@@ -64,6 +64,8 @@ rm -rf %{buildroot}
 %make_install
 install -m 755 -d %{buildroot}%{_libdir}/systemd/system
 install -m 644 data/tlm.service %{buildroot}%{_libdir}/systemd/system/
+install -m 755 -d %{buildroot}%{_sysconfdir}/pam.d
+install -m 644 data/tlm-login %{buildroot}%{_sysconfdir}/pam.d/
 cp -a %{SOURCE1001} %{buildroot}%{_datadir}/%{name}.manifest
 
 
@@ -83,6 +85,7 @@ cp -a %{SOURCE1001} %{buildroot}%{_datadir}/%{name}.manifest
 %{_libdir}/%{name}/plugins/*.so*
 %{_libdir}/systemd/system/tlm.service
 %config(noreplace) %{_sysconfdir}/tlm.conf
+%config %{_sysconfdir}/pam.d/tlm-login
 
 
 %files devel

diff --git a/src/daemon/tlm-auth-session.c b/src/daemon/tlm-auth-session.c
index efa11a7..dc92f37 100644 (file)
--- a/src/daemon/tlm-auth-session.c
+++ b/src/daemon/tlm-auth-session.c
@@ -295,20 +295,23 @@ _auth_session_pam_conversation_cb (int n_msgs,
         struct pam_response *resp = *resps + i;
         const char *login_prompt = "login";
         const char *pwd_prompt = "Password";
+        const char *luname = auth_session->priv->username ?
+            auth_session->priv->username : "";
+        const char *lpasswd = auth_session->priv->password ?
+            auth_session->priv->password : "";
 
         DBG (" message string : '%s'", msg->msg);
         if (resp) {
             if (msg->msg_style == PAM_PROMPT_ECHO_ON &&
                     strncmp(msg->msg, login_prompt, strlen(login_prompt)) == 0) {
                 DBG ("  login prompt");
-                resp->resp = strndup (auth_session->priv->username,
-                        PAM_MAX_RESP_SIZE - 1);
+                resp->resp = strndup (luname, PAM_MAX_RESP_SIZE - 1);
                 if (resp->resp) resp->resp[PAM_MAX_RESP_SIZE - 1] = '\0';
             }
             else if (msg->msg_style == PAM_PROMPT_ECHO_OFF &&
                     strncmp(msg->msg, pwd_prompt, strlen(pwd_prompt)) == 0) {
                 DBG ("  password prompt");
-                resp->resp = strndup ("", PAM_MAX_RESP_SIZE - 1);
+                resp->resp = strndup (lpasswd, PAM_MAX_RESP_SIZE - 1);
                 if (resp->resp) resp->resp[PAM_MAX_RESP_SIZE - 1] = '\0';
             }
             else {