aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDuncaen <mail@duncano.de>2016-05-08 19:38:18 +0200
committerDuncaen <mail@duncano.de>2016-05-08 19:38:18 +0200
commitc387f2c31718d4f34c77203dae6bb8c4bc0abc94 (patch)
tree2ccdc043f0194e3502838e981ba89b265609a249
parente246f9e2fee02046072b69a9e8c29767db7f4652 (diff)
downloadopendoas-c387f2c31718d4f34c77203dae6bb8c4bc0abc94.tar.gz
set PAM_USER, PAM_RUSER and PAM_TTY if available
-rw-r--r--doas_pam.c23
1 files changed, 23 insertions, 0 deletions
diff --git a/doas_pam.c b/doas_pam.c
index df6a097..5c6fb28 100644
--- a/doas_pam.c
+++ b/doas_pam.c
@@ -116,6 +116,7 @@ doas_pam(char *name, int interactive, int nopass)
.conv = doas_pam_conv,
.appdata_ptr = NULL,
};
+ const char *ttydev, *tty;
pid_t child;
int ret;
@@ -127,6 +128,28 @@ doas_pam(char *name, int interactive, int nopass)
errx(1, "pam_start(\"%s\", \"%s\", ?, ?): failed\n",
PAM_SERVICE_NAME, name);
+ ret = pam_set_item(pamh, PAM_USER, name);
+ if (ret != PAM_SUCCESS)
+ errx(1, "pam_set_item(?, PAM_USER, \"%s\"): %s\n",
+ name, pam_strerror(pamh, ret));
+
+ ret = pam_set_item(pamh, PAM_RUSER, name);
+ if (ret != PAM_SUCCESS)
+ errx(1, "pam_set_item(?, PAM_RUSER, \"%s\"): %s\n",
+ name, pam_strerror(pamh, ret));
+
+ if (isatty(0) && (ttydev = ttyname(0)) != NULL) {
+ if (strncmp(ttydev, "/dev/", 5))
+ tty = ttydev + 5;
+ else
+ tty = ttydev;
+
+ ret = pam_set_item(pamh, PAM_TTY, tty);
+ if (ret != PAM_SUCCESS)
+ errx(1, "pam_set_item(?, PAM_TTY, \"%s\"): %s\n",
+ tty, pam_strerror(pamh, ret));
+ }
+
if (!nopass) {
if (!interactive)
errx(1, "Authorization required");