Package: cupsys Version: 1.2.2-1 Severity: wishlist Tags: patch Please add these pam features: 1) pam_set_item(pamh, PAM_TTY, "cups") ----------------------------------- Need by some pam-modules which need the 'tty' variable, like pam_group, pam_access, pam_time, etc. 2) pam_set_item(pamh, PAM_RHOST, con->http.hostname) ------------------------------------------------- Usefull for some pam-modules like pam_access, etc and for the logs, which are created by pam. 3) pam_setcred(pamh, PAM_ESTABLISH_CRED|PAM_SILENT) ------------------------------------------------ Need by some pam-modules like pam_tally, pam_group, etc. The patch is in the attachment and for the original tarball. Thanks. - Markus Nass -- Key fingerprint = DC3C 257C 2B71 8FA4 F609 F7F7 7C14 F806 5665 77FD ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Was nicht fliegen kann, kann auch nicht abstürzen. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff -urN old/cups-1.2.2/scheduler/auth.c new/cups-1.2.2/scheduler/auth.c --- old/cups-1.2.2/scheduler/auth.c 2006-06-07 22:58:29.000000000 +0200 +++ new/cups-1.2.2/scheduler/auth.c 2006-08-28 21:28:59.000000000 +0200 @@ -510,6 +510,28 @@ return; } + pamerr = pam_set_item(pamh, PAM_TTY, "cups"); + if (pamerr != PAM_SUCCESS) + { + cupsdLogMessage(CUPSD_LOG_ERROR, + "cupsdAuthorize: pam_set_item() returned %d " + "(%s)!\n", + pamerr, pam_strerror(pamh, pamerr)); + pam_end(pamh, 0); + return; + } + + pamerr = pam_set_item(pamh, PAM_RHOST, con->http.hostname); + if (pamerr != PAM_SUCCESS) + { + cupsdLogMessage(CUPSD_LOG_ERROR, + "cupsdAuthorize: pam_set_item() returned %d " + "(%s)!\n", + pamerr, pam_strerror(pamh, pamerr)); + pam_end(pamh, 0); + return; + } + pamerr = pam_authenticate(pamh, PAM_SILENT); if (pamerr != PAM_SUCCESS) { @@ -532,6 +554,17 @@ return; } + pamerr = pam_setcred(pamh, PAM_ESTABLISH_CRED|PAM_SILENT); + if (pamerr != PAM_SUCCESS) + { + cupsdLogMessage(CUPSD_LOG_ERROR, + "cupsdAuthorize: pam_setcred() returned %d " + "(%s)!\n", + pamerr, pam_strerror(pamh, pamerr)); + pam_end(pamh, 0); + return; + } + pam_end(pamh, PAM_SUCCESS); #elif defined(HAVE_USERSEC_H)
Attachment:
signature.asc
Description: OpenPGP digital signature