[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Linux-PAM and syslog (POSIX) (fwd)



On Fri, 27 Mar 1998, Theodore Y. Ts'o wrote:

> Also, it might be worth considering whether this interface has a general
> applicability beyond pam, in the long term.  It would be very
> interesting if we could get other free OS's, and professional Unix
> systems for that matter, accepting the new API and integrating it into
> their libc's.  :-)

I happen to be not so thrilled about this solution. We are searching to
make Linux-specific hacks into several programs which is in a
contradiction with what _I_'ve learned from the glibc experience. Two
quick examples, hoping you will understand what I am saying, as per Single
Unix Specs:

a. closing a file descriptor twice or doing a close(NULL) is undefined.
glibc is doing a segfault here, and some programs were broken by this. The
fix is trivial in the glibc's close() function, to test for the argument
that is neither null nor invalid. It's a one liner "fix"; yet I don't
agree with this solution because broken programs shouldn't be spared. So,
guess what, someone comed with a xclose() function, best thing since
sliced bread, a function that will be useful to have and be adopted by
every other system around, because that guy happen not to like the
standard and doesn't like fixing programs. So s/close/xclose is easier.

b. same specs don't say anything about calling syslog() after a call to
closelog(). glibc again seems fubared and we come again with some enhanced
functions that will hopefully be adopted by everybody else, because we as
module writers are too proud to do the lgging under application's facility
and name and we want our module to do the logging as 
"pam_whatever[pid]: message" instead of 
"app_name[pid]: pam_whatever: message". For this thing we design another 
interface and go through all the modules implementing this new interface
just as a proof of concept.

This instead of fixing some other problems with doing syslog calls in pam
modules - as for example totally ignoring PAM_SILENT flag in some cases.
Take the samba server: it will test a user password against a group of of
users to find which user's password was entered (some M$ brain dead
protocol will send a password only for auth purposes, you have to figure
out which user have that password). As a result, in some cases the syslog
is flooded with auth failures from pam modules, which are totally bogus,
because samba will syslog some information if it won't be able to figure
out the user name.

Plesae, someone explain to me why we need to call openlog() and closelog()
in the PAM modules. Why can't we simply call syslog and that's it ?

Best wishes,

Cristian
--
----------------------------------------------------------------------
Cristian Gafton   --   gafton@redhat.com   --   Red Hat Software, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 UNIX is user friendly. It's just selective about who its friends are.





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []