pam_group and user matching
Thorsten Kukuk
kukuk at suse.de
Fri Sep 28 14:03:35 UTC 2007
On Fri, Sep 28, Thorsten Kukuk wrote:
> On Fri, Sep 28, Matthieu CASTET wrote:
>
> > Hi,
> >
> >
> > we are trying to use pam_group to add group to some users with PAM 0_99_7_1.
> >
> > According to the documentation, if I want add the floppy group to the user "us",
> > we need to add to group.conf :
> > "xsh;tty*&!ttyp*;us;Al0000-2400;floppy".
> >
> > But when we add this line all the "us*" user gets the floppy group.
>
> I can reproduce that ...
>
> > Is that the expected behavior ?
>
> I don't think so.
>
> > Is there a way to fix that ?
>
> Yes, look at the code (that's the advantage of open source)
> and submit a patch ;-)
Quick hack (nearly untested):
diff -u -r1.22 pam_group.c
--- modules/pam_group/pam_group.c 16 Jun 2006 06:35:16 -0000 1.22
+++ modules/pam_group/pam_group.c 28 Sep 2007 13:58:42 -0000
@@ -329,6 +329,13 @@
return FALSE;
}
}
+
+ /* Ok, we know that b is a substring from A and does not contain
+ wildcards, but now the length of both strings must be the same,
+ too. */
+ if (strlen (a) != strlen(b))
+ return FALSE;
+
return ( !len );
}
--
Thorsten Kukuk, Project Manager/Release Manager SLES
SUSE LINUX Products GmbH, Maxfeldstr. 5, D-90409 Nuernberg
GF: Markus Rex, HRB 16746 (AG Nuernberg)
More information about the Pam-list
mailing list