aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@samba.org>2018-09-20 10:08:00 +0200
committerAndreas Schneider <asn@samba.org>2018-09-20 12:07:15 +0200
commit926c10099d43a5f1f1304e9b9c97ade76fdee2e9 (patch)
treee420f57ff79041d227e5125941c5d14b965533c2
parent66d70c8249e0050dcf594d6bf1b8d79c6e5eab11 (diff)
downloadpam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.tar.gz
pam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.tar.xz
pam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.zip
pam_set_items: Add logging
Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Jakub Hrozek <jakub.hrozek@posteo.se>
-rw-r--r--src/modules/pam_set_items.c100
1 files changed, 99 insertions, 1 deletions
diff --git a/src/modules/pam_set_items.c b/src/modules/pam_set_items.c
index 22c2c56..dd09020 100644
--- a/src/modules/pam_set_items.c
+++ b/src/modules/pam_set_items.c
@@ -19,7 +19,9 @@
#include <stdlib.h>
#include <stdio.h>
+#include <stdarg.h>
#include <string.h>
+#include <unistd.h>
#ifdef HAVE_SECURITY_PAM_APPL_H
#include <security/pam_appl.h>
@@ -30,6 +32,89 @@
#include "config.h"
+/* GCC have printf type attribute check. */
+#ifdef HAVE_FUNCTION_ATTRIBUTE_FORMAT
+#define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b)))
+#else
+#define PRINTF_ATTRIBUTE(a,b)
+#endif /* HAVE_FUNCTION_ATTRIBUTE_FORMAT */
+
+/*****************
+ * LOGGING
+ *****************/
+
+enum pwrap_dbglvl_e {
+ PWRAP_LOG_ERROR = 0,
+ PWRAP_LOG_WARN,
+ PWRAP_LOG_DEBUG,
+ PWRAP_LOG_TRACE
+};
+
+static void pwrap_log(enum pwrap_dbglvl_e dbglvl,
+ const char *function,
+ const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
+# define PWRAP_LOG(dbglvl, ...) pwrap_log((dbglvl), __func__, __VA_ARGS__)
+
+static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl,
+ const char *function,
+ const char *format,
+ va_list args) PRINTF_ATTRIBUTE(3, 0);
+
+static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl,
+ const char *function,
+ const char *format,
+ va_list args)
+{
+ char buffer[1024];
+ const char *d;
+ unsigned int lvl = 0;
+ const char *prefix = "PWRAP";
+
+ d = getenv("PAM_WRAPPER_DEBUGLEVEL");
+ if (d != NULL) {
+ lvl = atoi(d);
+ }
+
+ if (lvl < dbglvl) {
+ return;
+ }
+
+ vsnprintf(buffer, sizeof(buffer), format, args);
+
+ switch (dbglvl) {
+ case PWRAP_LOG_ERROR:
+ prefix = "PWRAP_ERROR";
+ break;
+ case PWRAP_LOG_WARN:
+ prefix = "PWRAP_WARN";
+ break;
+ case PWRAP_LOG_DEBUG:
+ prefix = "PWRAP_DEBUG";
+ break;
+ case PWRAP_LOG_TRACE:
+ prefix = "PWRAP_TRACE";
+ break;
+ }
+
+ fprintf(stderr,
+ "%s(%d) - PAM_SET_ITEM %s: %s\n",
+ prefix,
+ (int)getpid(),
+ function,
+ buffer);
+}
+
+static void pwrap_log(enum pwrap_dbglvl_e dbglvl,
+ const char *function,
+ const char *format, ...)
+{
+ va_list va;
+
+ va_start(va, format);
+ pwrap_vlog(dbglvl, function, format, va);
+ va_end(va);
+}
+
#define ITEM_FILE_KEY "item_file="
static const char *envs[] = {
@@ -83,6 +168,8 @@ static void pam_setitem_env(pam_handle_t *pamh)
continue;
}
+ PWRAP_LOG(PWRAP_LOG_TRACE, "%s=%s", envs[i], v);
+
rv = pam_set_item(pamh, items[i], v);
if (rv != PAM_SUCCESS) {
continue;
@@ -98,6 +185,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "AUTHENTICATE");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
@@ -110,6 +199,8 @@ pam_sm_setcred(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "SETCRED");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
@@ -122,6 +213,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "ACCT_MGMT");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
@@ -134,6 +227,8 @@ pam_sm_open_session(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "OPEN_SESSION");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
@@ -146,6 +241,8 @@ pam_sm_close_session(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "CLOSE_SESSION");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
@@ -158,7 +255,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
(void) argc; /* unused */
(void) argv; /* unused */
+ PWRAP_LOG(PWRAP_LOG_TRACE, "CHAUTHTOK");
+
pam_setitem_env(pamh);
return PAM_SUCCESS;
}
-