mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

use the appropriate pam_modutil_* wrapper functions if possible

Browse Source
This commit is contained in:
Jesse Michael 2007-03-13 16:29:03 +00:00
parent 30a2252adf
commit 505155a48e
2 changed files with 16 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
changehat/pam_apparmor/pam_apparmor.c
View File

@ -80,13 +80,13 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags,
return PAM_USER_UNKNOWN; return PAM_USER_UNKNOWN;
} }
pw = getpwnam(user); pw = pam_modutil_getpwnam(pamh, user);
if (!pw) { if (!pw) {
pam_syslog(pamh, LOG_ERR, "Can't determine group for user %s\n", user); pam_syslog(pamh, LOG_ERR, "Can't determine group for user %s\n", user);
return PAM_PERM_DENIED; return PAM_PERM_DENIED;
} }
gr = getgrgid(pw->pw_gid); gr = pam_modutil_getgrgid(pamh, pw->pw_gid);
if (!gr || !gr->gr_name) { if (!gr || !gr->gr_name) {
pam_syslog(pamh, LOG_ERR, "Can't read info for group %d\n", pw->pw_gid); pam_syslog(pamh, LOG_ERR, "Can't read info for group %d\n", pw->pw_gid);
return PAM_PERM_DENIED; return PAM_PERM_DENIED;
@ -101,7 +101,9 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags,
/* the magic token needs to be non-zero otherwise, we won't be able /* the magic token needs to be non-zero otherwise, we won't be able
* to probe for hats */ * to probe for hats */
do { do {
retval = read(fd, (void *) &magic_token, sizeof(magic_token)); retval = pam_modutil_read(fd,
(void *)&magic_token,
sizeof(magic_token));
if (retval < 0) { if (retval < 0) {
pam_syslog(pamh, LOG_ERR, "Can't read from /dev/urandom\n"); pam_syslog(pamh, LOG_ERR, "Can't read from /dev/urandom\n");
return PAM_PERM_DENIED; return PAM_PERM_DENIED;

17
changehat/pam_apparmor/pam_apparmor.changes
View File

@ -1,34 +1,39 @@
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Oct 31 12:00:00 UTC 2006 - jmichael@suse Tue Mar 13 10:27:34 PDT 2007 - jmichael@suse.de
- Use pam_modutil_* wrapper functions when possible
-------------------------------------------------------------------
Tue Oct 31 12:00:00 UTC 2006 - jmichael@suse.de
- Add debug option - Add debug option
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Oct 31 12:00:00 UTC 2006 - sbeattie@suse Tue Oct 31 12:00:00 UTC 2006 - sbeattie@suse.de
- Add configuration options to order attempted hat changes - Add configuration options to order attempted hat changes
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Oct 25 12:00:00 UTC 2006 - sbeattie@suse Wed Oct 25 12:00:00 UTC 2006 - sbeattie@suse.de
- remove auto-editing of pam's common-session - remove auto-editing of pam's common-session
- honor RPM's CFLAGS when building - honor RPM's CFLAGS when building
- add license (same as Linux PAM package). - add license (same as Linux PAM package).
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Sep 14 12:00:00 UTC 2006 - jmichael@suse Thu Sep 14 12:00:00 UTC 2006 - jmichael@suse.de
- header comment was incorrect - header comment was incorrect
- use pam_get_user() instead of pam_get_item() - use pam_get_user() instead of pam_get_item()
- fix read from urandom if 0 - fix read from urandom if 0
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jan 13 12:00:00 UTC 2006 - sbeattie@suse Fri Jan 13 12:00:00 UTC 2006 - sbeattie@suse.de
- Add svn repo number to tarball - Add svn repo number to tarball
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Jan 13 12:00:00 UTC 2006 - jmichael@suse Fri Jan 13 12:00:00 UTC 2006 - jmichael@suse.de
- Make magic tokens harder to guess by pulling them from /dev/urandom - Make magic tokens harder to guess by pulling them from /dev/urandom