PAM, first look
I just gave a shot to compiling PAM for Hurd. It actually went quite
smoothly. It builds (well, cross-builds actually) after some light patching
without major problems. However when I try to build it natively from Hurd, I
get all sorts of weirdness. First suddenly the order of making the `modules'
subdirectory and `libpam_misc' has to be reversed in the Makefile for the
build to continue. Later on in the build several scripts use `ldd' on shared
object files which are linked to other .so files, which are *not* in /lib (and
shouldn't be there util the package is actually installed). I tried setting
LD_LIBRARY_PATH to the appropriate values, but that had no effect. `ldd' not
only reported those libs as missing, but that was the only thing it reported.
The linux ldd in this case lists all the dynamically linked .so files and
singles out the ones that are on found in the libs path. Is this acceptable
behavior or should `ldd' be modified?
The patch attached can be simply put in the `debian/patches' directory after
uncompressing the source package.
Igor
diff -ru Linux-PAM-0.72.orig/modules/pam_filter/pam_filter.c Linux-PAM-0.72/modules/pam_filter/pam_filter.c
--- Linux-PAM-0.72.orig/modules/pam_filter/pam_filter.c Tue Oct 24 23:23:01 2000
+++ Linux-PAM-0.72/modules/pam_filter/pam_filter.c Tue Oct 24 23:28:23 2000
@@ -19,7 +19,11 @@
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#ifndef __GNU__ /* Hurd only uses <termios.h> */
#include <termio.h>
+#else
+#include <termios.h>
+#endif
#include <signal.h>
@@ -276,7 +280,7 @@
{
int status=-1;
char terminal[TERMINAL_LEN];
- struct termio stored_mode; /* initial terminal mode settings */
+ struct termios stored_mode; /* initial terminal mode settings */
int fd[2], child=0, child2=0, aterminal;
if (filtername == NULL || *filtername != '/') {
@@ -305,13 +309,13 @@
/* this is termio terminal handling... */
- if (ioctl(STDIN_FILENO, TCGETA, (char *) &stored_mode ) < 0) {
+ if (ioctl(STDIN_FILENO, TIOCGETA, (char *) &stored_mode ) < 0) {
/* in trouble, so close down */
close(fd[0]);
_pam_log(LOG_CRIT, "couldn't copy terminal mode");
return PAM_ABORT;
} else {
- struct termio t_mode = stored_mode;
+ struct termios t_mode = stored_mode;
t_mode.c_iflag = 0; /* no input control */
t_mode.c_oflag &= ~OPOST; /* no ouput post processing */
@@ -324,7 +328,7 @@
t_mode.c_cc[VMIN] = 1; /* number of chars to satisfy a read */
t_mode.c_cc[VTIME] = 0; /* 0/10th second for chars */
- if (ioctl(STDIN_FILENO, TCSETA, (char *) &t_mode) < 0) {
+ if (ioctl(STDIN_FILENO, TIOCSETA, (char *) &t_mode) < 0) {
close(fd[0]);
_pam_log(LOG_WARNING, "couldn't put terminal in RAW mode");
return PAM_ABORT;
@@ -354,7 +358,7 @@
_pam_log(LOG_WARNING,"first fork failed");
if (aterminal) {
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
+ (void) ioctl(STDIN_FILENO, TIOCSETA, (char *) &stored_mode);
}
return PAM_AUTH_ERR;
@@ -396,7 +400,7 @@
/* initialize the child's terminal to be the way the
parent's was before we set it into RAW mode */
- if (ioctl(fd[1], TCSETA, (char *) &stored_mode) < 0) {
+ if (ioctl(fd[1], TIOCSETA, (char *) &stored_mode) < 0) {
_pam_log(LOG_WARNING,"cannot set slave terminal mode; %s"
,terminal);
close(fd[1]);
@@ -570,7 +574,7 @@
if (aterminal) {
/* reset to initial terminal mode */
- (void) ioctl(STDIN_FILENO, TCSETA, (char *) &stored_mode);
+ (void) ioctl(STDIN_FILENO, TIOCSETA, (char *) &stored_mode);
}
if (ctrl & FILTER_DEBUG) {
diff -ru Linux-PAM-0.72.orig/modules/pam_limits/pam_limits.c Linux-PAM-0.72/modules/pam_limits/pam_limits.c
--- Linux-PAM-0.72.orig/modules/pam_limits/pam_limits.c Tue Oct 24 23:23:01 2000
+++ Linux-PAM-0.72/modules/pam_limits/pam_limits.c Tue Oct 24 23:31:11 2000
@@ -289,8 +289,10 @@
limit_item = RLIMIT_NOFILE;
else if (strcmp(lim_item, "memlock") == 0)
limit_item = RLIMIT_MEMLOCK;
+#ifndef __GNU__ /* not defined on Hurd */
else if (strcmp(lim_item, "as") == 0)
limit_item = RLIMIT_AS;
+#endif
else if (strcmp(lim_item, "maxlogins") == 0) {
limit_item = LIMIT_LOGIN;
flag_numsyslogins = 0;
@@ -343,7 +345,9 @@
case RLIMIT_CORE:
case RLIMIT_RSS:
case RLIMIT_MEMLOCK:
+#ifndef __GNU__ /* not defined on Hurd */
case RLIMIT_AS:
+#endif
limit_value *= 1024;
break;
}
diff -ru Linux-PAM-0.72.orig/modules/pam_rhosts/pam_rhosts_auth.c Linux-PAM-0.72/modules/pam_rhosts/pam_rhosts_auth.c
--- Linux-PAM-0.72.orig/modules/pam_rhosts/pam_rhosts_auth.c Tue Oct 24 23:23:01 2000
+++ Linux-PAM-0.72/modules/pam_rhosts/pam_rhosts_auth.c Wed Oct 25 00:32:39 2000
@@ -64,14 +64,18 @@
#include <sys/time.h>
#include <arpa/inet.h>
+#ifndef __GNU__ /* MAX* type macros don't make sense on Hurd */
#ifndef MAXDNAME
#define MAXDNAME 256
#endif
+#endif
#include <stdarg.h>
#include <ctype.h>
+#ifndef __GNU__ /* Hurd does not have MAXHOSTNAMELEN */
#include <net/if.h>
+#endif
#ifdef HAVE_SYS_FSUID_H
#include <sys/fsuid.h>
#endif
@@ -359,11 +363,26 @@
register const char *user;
register char *p;
int hcheck, ucheck;
+#ifndef __GNU__
char buf[MAXHOSTNAMELEN + 128]; /* host + login */
+#else
+ char *buf = 0, *old_buf = 0;
+ size_t buf_len = 0;
+#endif
+#ifndef __GNU__
buf[sizeof (buf)-1] = '\0'; /* terminate line */
- while (fgets(buf, sizeof(buf), hostf) != NULL) { /* hostf file line */
+ while (fgets(buf, sizeof(buf), hostf) != NULL) /* hostf file line */
+#else
+ while (getline(&buf, &buf_len, hostf) > 0)
+#endif
+ {
+#ifdef __GNU__
+ if (!buf)
+ free(old_buf);
+ old_buf = buf;
+#endif
p = buf; /* from beginning of file.. */
/* Skip empty or comment lines */
@@ -371,6 +390,7 @@
continue;
}
+#ifndef __GNU__ /* not an issue on Hurd */
/* Skip lines that are too long. */
if (strchr(p, '\n') == NULL) {
int ch = getc(hostf);
@@ -379,6 +399,7 @@
ch = getc(hostf);
continue;
}
+#endif
/*
* If there is a hostname at the start of the line. Set it to
@@ -432,6 +453,9 @@
/* Neither, go on looking for match */
}
}
+#ifdef __GNU__
+ free(buf);
+#endif
return (1);
}
@@ -457,7 +481,11 @@
FILE *hostf;
uid_t uid;
int answer;
+#ifndef __GNU__
char pbuf[MAXPATHLEN]; /* potential buffer overrun */
+#else
+ char *pbuf = 0;
+#endif
if ((!superuser||opts->opt_hosts_equiv_rootok) && !opts->opt_no_hosts_equiv ) {
@@ -491,6 +519,7 @@
return(1);
}
+#ifndef __GNU__
/* check for buffer overrun */
if (strlen(pwd->pw_dir) + sizeof(USER_RHOSTS_FILE) + 2 >= MAXPATHLEN) {
if (opts->opt_debug)
@@ -500,6 +529,15 @@
(void) strcpy(pbuf, pwd->pw_dir);
(void) strcat(pbuf, USER_RHOSTS_FILE);
+#else
+ asprintf(&pbuf, "%s%s", pwd->pw_dir, USER_RHOSTS_FILE);
+ if (!pbuf) {
+ if (opts->opt_debug)
+ _pam_log(LOG_DEBUG,
+ "not enough memory to store home directory for `%s'", luser);
+ return 1;
+ }
+#endif
/*
* Change effective uid while _reading_ .rhosts. (not just
@@ -593,6 +631,9 @@
if (hostf != NULL)
(void) fclose(hostf);
+#ifdef __GNU__
+ free(pbuf);
+#endif
return answer;
}
diff -ru Linux-PAM-0.72.orig/modules/pam_unix/unix_chkpwd.c Linux-PAM-0.72/modules/pam_unix/unix_chkpwd.c
--- Linux-PAM-0.72.orig/modules/pam_unix/unix_chkpwd.c Tue Oct 24 23:23:01 2000
+++ Linux-PAM-0.72/modules/pam_unix/unix_chkpwd.c Wed Oct 25 00:37:59 2000
@@ -51,6 +51,11 @@
static void su_sighandler(int sig)
{
+#ifdef __GNU__
+ /* emulate the behavior of the SA_RESETHAND flag */
+ if (sig == SIGILL || sig == SIGTRAP || sig == SIGBUS || sig == SIGSEGV)
+ signal(sig, SIG_DFL);
+#endif
if (sig > 0) {
_log_err(LOG_NOTICE, "caught signal %d.", sig);
exit(sig);
@@ -66,7 +71,9 @@
*/
(void) memset((void *) &action, 0, sizeof(action));
action.sa_handler = su_sighandler;
+#ifndef __GNU__
action.sa_flags = SA_RESETHAND;
+#endif
(void) sigaction(SIGILL, &action, NULL);
(void) sigaction(SIGTRAP, &action, NULL);
(void) sigaction(SIGBUS, &action, NULL);
@@ -130,9 +137,9 @@
/* Hack off SysVR4 password aging */
{
- char tmp;
+ char *tmp;
- if (tmp == strrchr(p, ',') != NULL) tmp = '\0';
+ if ((tmp = strrchr(p, ',')) != NULL) *tmp = '\0';
}
/* the moment of truth -- do we agree with the password? */
Reply to: