[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: module writing / compiling problems?



What happens if you change the _pam_log() function to open the "security" log instead of the "PAM-lame" log service? Then use LOG_PID | LOG_NDELAY instead?

Do you get the entries in the logs at that point?

Joe

Jason Gerfen wrote:

Yes, I do have it added to the /etc/pam.d/login file like so:

auth required pam_looser.so

I don't have a test application to test the functionality but if doing a command like so:

%> nm pam_looser.so

It shows that the pam libraries are being utilized... I am fairly new to C and PAM module writting so any tips, if I have over looked something etc. would be greatly appreciated.

I will look into building an app to test with, I am just not sure how...

Joe Lewis wrote:

One more question : Are you running a test application? How about the configuration files? Are you sure the module is even being loaded?

Joe Lewis

Jason Gerfen wrote:

Nope, no errors, nothing... very strange.

Chris Campbell wrote:

What is it doing or not doing? Any error messages in system logs???

----- Original Message -----
From: "Jason Gerfen" <jason gerfen scl utah edu>
To: "Pluggable Authentication Modules" <pam-list redhat com>
Sent: Wednesday, June 09, 2004 5:34 PM
Subject: module writing / compiling problems?




I am doing something wrong as it comes to writting a pam module. If
anyone can tell me what I am doing wrong, it would be greatly appreciated.


This module does one thing, on the pam_sm_authenticate() function it
attempts to call the pam_get_user() function and on success or failure
it logs it to syslog using a _pam_log() function.


Here is the code:  File is named lame.c
[SNIP]
#include <stdio.h>
#include <syslog.h>
#include <stdarg.h>

#define PAM_SM_AUTH

#include <pam_modules.h>

static void _pam_log(int err, const char *format, ...)
{
   va_list  args;

   va_start(args, format);
   openlog("PAM-lame", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
   syslog(err, format, args);
   va_end(args);
   closelog();
}

PAM_EXTERN
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
           const char **argv)
{
   int retval;
   const char *user;

   if((retval = pam_get_user(pamh, &user, "looser login:") !=
PAM_SUCCESS)) {
   _pam_log(LOG_ERR, "Cannot obtain user name: %s",
        pam_strerror(pamh, retval));
   return(PAM_AUTHINFO_UNAVAIL); }

   if((retval = pam_get_user(pamh, &user, "looser login:") ==
PAM_SUCCESS)) {
       _pam_log(LOG_ERR, "Obtained username: %s",
        pam_strerror(pamh, retval));
       return(PAM_SUCCESS); }

_pam_log(LOG_ERR, "Just checking", pam_strerror(pamh, retval));

return retval;

}

#ifdef PAM_STATIC
struct pam_module _pam_looser_modstruct = {
   "pam_looser",
   pam_sm_authenticate,
   NULL,
   NULL,
   NULL,
   NULL,
   NULL,
};
#endif
[/SNIP]

And I am compiling using a simply Makefile listed below:
[SNIP]
#include <stdio.h>
#include <syslog.h>
#include <stdarg.h>

#define PAM_SM_AUTH

#include <pam_modules.h>

static void _pam_log(int err, const char *format, ...)
{
   va_list  args;

   va_start(args, format);
   openlog("PAM-lame", LOG_CONS | LOG_PID, LOG_AUTHPRIV);
   syslog(err, format, args);
   va_end(args);
   closelog();
}

PAM_EXTERN
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
           const char **argv)
{
   int retval;
   const char *user;

   if((retval = pam_get_user(pamh, &user, "looser login:") !=
PAM_SUCCESS)) {
   _pam_log(LOG_ERR, "Cannot obtain user name: %s",
        pam_strerror(pamh, retval));
   return(PAM_AUTHINFO_UNAVAIL); }

   if((retval = pam_get_user(pamh, &user, "looser login:") ==
PAM_SUCCESS)) {
       _pam_log(LOG_ERR, "Obtained username: %s",
        pam_strerror(pamh, retval));
       return(PAM_SUCCESS); }

_pam_log(LOG_ERR, "Just checking", pam_strerror(pamh, retval));

return retval;

}

#ifdef PAM_STATIC
struct pam_module _pam_looser_modstruct = {
   "pam_looser",
   pam_sm_authenticate,
   NULL,
   NULL,
   NULL,
   NULL,
   NULL,
};
#endif
[/SNIP]

Any help tips, pointers etc would be greatly appreciated. Also if there



is a "typo" please disregard as on the production box it compiles just fine,
and of couse I do have it added to the /etc/pam.d/login file like so:


auth required pam_looser.so

Thanks in advance,

--
Jason Gerfen

"...Sometimes I just yell at myself. And it
makes me sad, sometimes I make myself cry..."
~ My nephew Dawsyn



_______________________________________________
Pam-list mailing list
Pam-list redhat com
https://www.redhat.com/mailman/listinfo/pam-list












[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]