diff options
author | Andreas Schneider <asn@samba.org> | 2018-09-20 10:08:00 +0200 |
---|---|---|
committer | Andreas Schneider <asn@samba.org> | 2018-09-20 12:07:15 +0200 |
commit | 926c10099d43a5f1f1304e9b9c97ade76fdee2e9 (patch) | |
tree | e420f57ff79041d227e5125941c5d14b965533c2 | |
parent | 66d70c8249e0050dcf594d6bf1b8d79c6e5eab11 (diff) | |
download | pam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.tar.gz pam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.tar.xz pam_wrapper-926c10099d43a5f1f1304e9b9c97ade76fdee2e9.zip |
pam_set_items: Add logging
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jakub Hrozek <jakub.hrozek@posteo.se>
-rw-r--r-- | src/modules/pam_set_items.c | 100 |
1 files changed, 99 insertions, 1 deletions
diff --git a/src/modules/pam_set_items.c b/src/modules/pam_set_items.c index 22c2c56..dd09020 100644 --- a/src/modules/pam_set_items.c +++ b/src/modules/pam_set_items.c @@ -19,7 +19,9 @@ #include <stdlib.h> #include <stdio.h> +#include <stdarg.h> #include <string.h> +#include <unistd.h> #ifdef HAVE_SECURITY_PAM_APPL_H #include <security/pam_appl.h> @@ -30,6 +32,89 @@ #include "config.h" +/* GCC have printf type attribute check. */ +#ifdef HAVE_FUNCTION_ATTRIBUTE_FORMAT +#define PRINTF_ATTRIBUTE(a,b) __attribute__ ((__format__ (__printf__, a, b))) +#else +#define PRINTF_ATTRIBUTE(a,b) +#endif /* HAVE_FUNCTION_ATTRIBUTE_FORMAT */ + +/***************** + * LOGGING + *****************/ + +enum pwrap_dbglvl_e { + PWRAP_LOG_ERROR = 0, + PWRAP_LOG_WARN, + PWRAP_LOG_DEBUG, + PWRAP_LOG_TRACE +}; + +static void pwrap_log(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, ...) PRINTF_ATTRIBUTE(3, 4); +# define PWRAP_LOG(dbglvl, ...) pwrap_log((dbglvl), __func__, __VA_ARGS__) + +static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, + va_list args) PRINTF_ATTRIBUTE(3, 0); + +static void pwrap_vlog(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, + va_list args) +{ + char buffer[1024]; + const char *d; + unsigned int lvl = 0; + const char *prefix = "PWRAP"; + + d = getenv("PAM_WRAPPER_DEBUGLEVEL"); + if (d != NULL) { + lvl = atoi(d); + } + + if (lvl < dbglvl) { + return; + } + + vsnprintf(buffer, sizeof(buffer), format, args); + + switch (dbglvl) { + case PWRAP_LOG_ERROR: + prefix = "PWRAP_ERROR"; + break; + case PWRAP_LOG_WARN: + prefix = "PWRAP_WARN"; + break; + case PWRAP_LOG_DEBUG: + prefix = "PWRAP_DEBUG"; + break; + case PWRAP_LOG_TRACE: + prefix = "PWRAP_TRACE"; + break; + } + + fprintf(stderr, + "%s(%d) - PAM_SET_ITEM %s: %s\n", + prefix, + (int)getpid(), + function, + buffer); +} + +static void pwrap_log(enum pwrap_dbglvl_e dbglvl, + const char *function, + const char *format, ...) +{ + va_list va; + + va_start(va, format); + pwrap_vlog(dbglvl, function, format, va); + va_end(va); +} + #define ITEM_FILE_KEY "item_file=" static const char *envs[] = { @@ -83,6 +168,8 @@ static void pam_setitem_env(pam_handle_t *pamh) continue; } + PWRAP_LOG(PWRAP_LOG_TRACE, "%s=%s", envs[i], v); + rv = pam_set_item(pamh, items[i], v); if (rv != PAM_SUCCESS) { continue; @@ -98,6 +185,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "AUTHENTICATE"); + pam_setitem_env(pamh); return PAM_SUCCESS; } @@ -110,6 +199,8 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "SETCRED"); + pam_setitem_env(pamh); return PAM_SUCCESS; } @@ -122,6 +213,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "ACCT_MGMT"); + pam_setitem_env(pamh); return PAM_SUCCESS; } @@ -134,6 +227,8 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "OPEN_SESSION"); + pam_setitem_env(pamh); return PAM_SUCCESS; } @@ -146,6 +241,8 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "CLOSE_SESSION"); + pam_setitem_env(pamh); return PAM_SUCCESS; } @@ -158,7 +255,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, (void) argc; /* unused */ (void) argv; /* unused */ + PWRAP_LOG(PWRAP_LOG_TRACE, "CHAUTHTOK"); + pam_setitem_env(pamh); return PAM_SUCCESS; } - |