From dc72779317d22078d06e269ea279915152447d7e Mon Sep 17 00:00:00 2001 From: Jussi Laako Date: Mon, 5 May 2014 16:48:31 +0300 Subject: [PATCH] auth: fix PAM password chatter and add PAM config file Change-Id: I7238a4db2c32448eb40a76fbc5c79b5486f04f28 --- data/tlm-login | 13 +++++++++++++ packaging/tlm.changes | 4 ++++ packaging/tlm.spec | 5 ++++- src/daemon/tlm-auth-session.c | 9 ++++++--- 4 files changed, 27 insertions(+), 4 deletions(-) create mode 100644 data/tlm-login diff --git a/data/tlm-login b/data/tlm-login new file mode 100644 index 0000000..c921924 --- /dev/null +++ b/data/tlm-login @@ -0,0 +1,13 @@ +#%PAM-1.0 +auth requisite pam_nologin.so +auth [user_unknown=ignore success=ok ignore=ignore default=bad] pam_securetty.so +auth include system-auth +account required pam_nologin.so +account include system-auth +password include system-auth + +session include system-auth +session required pam_systemd.so +session required pam_loginuid.so +session required pam_namespace.so +session optional pam_keyinit.so force revoke diff --git a/packaging/tlm.changes b/packaging/tlm.changes index af51dbb..4e7826d 100644 --- a/packaging/tlm.changes +++ b/packaging/tlm.changes @@ -1,3 +1,7 @@ +* Mon May 5 2014 Jussi Laako +- Add PAM configuration file +- Fix omitted password PAM chatter + * Wed Apr 30 2014 Jussi Laako - Update default configurations diff --git a/packaging/tlm.spec b/packaging/tlm.spec index 1b9785b..4821881 100644 --- a/packaging/tlm.spec +++ b/packaging/tlm.spec @@ -5,7 +5,7 @@ Name: tlm Summary: Login manager for Tizen Version: 0.0.2 -Release: 3 +Release: 4 Group: System/Service License: LGPL-2.1+ Source: %{name}-%{version}.tar.gz @@ -64,6 +64,8 @@ rm -rf %{buildroot} %make_install install -m 755 -d %{buildroot}%{_libdir}/systemd/system install -m 644 data/tlm.service %{buildroot}%{_libdir}/systemd/system/ +install -m 755 -d %{buildroot}%{_sysconfdir}/pam.d +install -m 644 data/tlm-login %{buildroot}%{_sysconfdir}/pam.d/ cp -a %{SOURCE1001} %{buildroot}%{_datadir}/%{name}.manifest @@ -83,6 +85,7 @@ cp -a %{SOURCE1001} %{buildroot}%{_datadir}/%{name}.manifest %{_libdir}/%{name}/plugins/*.so* %{_libdir}/systemd/system/tlm.service %config(noreplace) %{_sysconfdir}/tlm.conf +%config %{_sysconfdir}/pam.d/tlm-login %files devel diff --git a/src/daemon/tlm-auth-session.c b/src/daemon/tlm-auth-session.c index efa11a7..dc92f37 100644 --- a/src/daemon/tlm-auth-session.c +++ b/src/daemon/tlm-auth-session.c @@ -295,20 +295,23 @@ _auth_session_pam_conversation_cb (int n_msgs, struct pam_response *resp = *resps + i; const char *login_prompt = "login"; const char *pwd_prompt = "Password"; + const char *luname = auth_session->priv->username ? + auth_session->priv->username : ""; + const char *lpasswd = auth_session->priv->password ? + auth_session->priv->password : ""; DBG (" message string : '%s'", msg->msg); if (resp) { if (msg->msg_style == PAM_PROMPT_ECHO_ON && strncmp(msg->msg, login_prompt, strlen(login_prompt)) == 0) { DBG (" login prompt"); - resp->resp = strndup (auth_session->priv->username, - PAM_MAX_RESP_SIZE - 1); + resp->resp = strndup (luname, PAM_MAX_RESP_SIZE - 1); if (resp->resp) resp->resp[PAM_MAX_RESP_SIZE - 1] = '\0'; } else if (msg->msg_style == PAM_PROMPT_ECHO_OFF && strncmp(msg->msg, pwd_prompt, strlen(pwd_prompt)) == 0) { DBG (" password prompt"); - resp->resp = strndup ("", PAM_MAX_RESP_SIZE - 1); + resp->resp = strndup (lpasswd, PAM_MAX_RESP_SIZE - 1); if (resp->resp) resp->resp[PAM_MAX_RESP_SIZE - 1] = '\0'; } else { -- 2.7.4