8952f5370e
Add /usr/etc/pam.d directory and read from it. OBS-URL: https://build.opensuse.org/request/show/725009 OBS-URL: https://build.opensuse.org/package/show/Linux-PAM/pam?expand=0&rev=192
82 lines
2.7 KiB
Diff
82 lines
2.7 KiB
Diff
--- doc/man/pam.8.xml
|
|
+++ doc/man/pam.8.xml 2019/08/16 13:37:44
|
|
@@ -53,11 +53,13 @@
|
|
|
|
<para>
|
|
Vendor-supplied PAM configuration files might be installed in
|
|
- the system directory <filename>/usr/lib/pam.d/</filename> instead
|
|
+ the system directory <filename>/usr/lib/pam.d/</filename> or
|
|
+ <filename>/usr/etc/pam.d/</filename> instead
|
|
of the machine configuration directory <filename>/etc/pam.d/</filename>.
|
|
If no machine configuration file is found, the vendor-supplied file
|
|
is used. All files in <filename>/etc/pam.d/</filename> override
|
|
- files with the same name in <filename>/usr/lib/pam.d/</filename>.
|
|
+ files with the same name in <filename>/usr/lib/pam.d/</filename>,
|
|
+ which override files with the same name in <filename>/usr/etc/pam.d/</filename>.
|
|
</para>
|
|
|
|
<para>From the point of view of the system administrator, for whom this
|
|
@@ -157,6 +159,16 @@
|
|
</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
+ <term><filename>/usr/etc/pam.d</filename></term>
|
|
+ <listitem>
|
|
+ <para>
|
|
+ the <emphasis remap='B'>Linux-PAM</emphasis> vendor configuration
|
|
+ directory. Files in <filename>/etc/pam.d</filename> and
|
|
+ <filename>/usr/lib/pam.d</filename> override files with the same
|
|
+ name in this directory.
|
|
+ </para>
|
|
+ </listitem>
|
|
+ </varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
--- libpam/pam_handlers.c
|
|
+++ libpam/pam_handlers.c 2019/08/16 13:35:31
|
|
@@ -329,6 +329,21 @@
|
|
*file = f;
|
|
return PAM_SUCCESS;
|
|
}
|
|
+
|
|
+ /* System Configuration /usr/etc/pam.d/ */
|
|
+ _pam_drop(p);
|
|
+ if (asprintf (&p, PAM_CONFIG_DIST2_DF, service) < 0) {
|
|
+ pam_syslog(pamh, LOG_CRIT, "asprintf failed");
|
|
+ return PAM_BUF_ERR;
|
|
+ }
|
|
+ D(("opening %s", p));
|
|
+ f = fopen(p, "r");
|
|
+ if (f != NULL) {
|
|
+ *path = p;
|
|
+ *file = f;
|
|
+ return PAM_SUCCESS;
|
|
+ }
|
|
+
|
|
_pam_drop(p);
|
|
|
|
return PAM_ABORT;
|
|
@@ -447,7 +462,8 @@
|
|
|
|
/* Is there a PAM_CONFIG_D directory? */
|
|
if ((stat(PAM_CONFIG_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) ||
|
|
- (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode))) {
|
|
+ (stat(PAM_CONFIG_DIST_D, &test_d) == 0 && S_ISDIR(test_d.st_mode)) ||
|
|
+ (stat(PAM_CONFIG_DIST2_D, &test_d) == 0 && S_ISDIR(test_d.st_mode))) {
|
|
char *path = NULL;
|
|
int read_something=0;
|
|
|
|
--- libpam/pam_private.h
|
|
+++ libpam/pam_private.h 2019/08/16 13:33:04
|
|
@@ -29,6 +29,9 @@
|
|
#define PAM_CONFIG_DF "/etc/pam.d/%s"
|
|
#define PAM_CONFIG_DIST_D "/usr/lib/pam.d"
|
|
#define PAM_CONFIG_DIST_DF "/usr/lib/pam.d/%s"
|
|
+#define PAM_CONFIG_DIST2_D "/usr/etc/pam.d"
|
|
+#define PAM_CONFIG_DIST2_DF "/usr/etc/pam.d/%s"
|
|
+
|
|
|
|
#define PAM_DEFAULT_SERVICE "other" /* lower case */
|
|
|