Date: Wed, 16 Jun 1999 09:16:41 -0300 (EST) From: Paulo Fragoso <paulo@nlink.com.br> To: Kris Kennaway <kkennawa@physics.adelaide.edu.au> Cc: freebsd-stable@freebsd.org Subject: Re: PPPD 2.3.8 in stable? Message-ID: <Pine.BSF.3.96.990616084708.28826G-200000@mirage.nlink.com.br> In-Reply-To: <Pine.OSF.4.10.9906161618320.6517-100000@bragg>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
On Wed, 16 Jun 1999, Kris Kennaway wrote:
> On Mon, 14 Jun 1999, Paulo Fragoso wrote:
>
> > Are there any plans to include pppd-2.3.8 in FreeBSD stable?
>
> I was thinking of looking at this. I mostly got 2.3.7 integrated locally, but
> then got sidetracked and haven't looked at it since. 2.3.8 shouldn't be much
> different.
>
> I'll send you the patches when they're ready to be tested..
Thanks ;-)
>
> > If yes, is it possible work fine with PAM? I'm having some problems with
> > 3.2-RELEASE to make work fine with PAM.
>
> I don't know about this - I don't have any experience with PAM.
I'm using PAM now with pppd-2.3.5. I would like make a sugestion: I think
it should exist one more compile flags like USE_PAM_LOG instead USE_PAM
only. When someone recompile pppd using this flags, pppd logs in utmp,
like pppd without PAM. I think that it's beter solution than NIS and work
similar. This way access server logs normaly and gets authentication
via radius on another machine.
I made modifications in auth.c changing a few places to #ifdef, #else,
#endif, it's work fine now. (it's in attachment)
Is this a good idea?
Paulo.
------
" ... Overall we've found FreeBSD to excel in performace, stability,
technical support, and of course price. Two years after discovering
FreeBSD, we have yet to find a reason why we switch to anything else"
-David Filo, Yahoo!
[-- Attachment #2 --]
diff -u /usr/src/usr.sbin/pppd/auth.c auth.c
--- /usr/src/usr.sbin/pppd/auth.c Sat Jun 20 15:02:08 1998
+++ auth.c Tue Jun 15 10:14:31 1999
@@ -839,6 +839,9 @@
int *msglen;
{
+ char *tty;
+ struct utmp utmp;
+
#ifdef USE_PAM
struct pam_conv pam_conversation;
@@ -867,7 +870,6 @@
*/
pam_error = pam_authenticate (pamh, PAM_SILENT);
if (pam_error == PAM_SUCCESS) {
- pam_error = pam_acct_mgmt (pamh, PAM_SILENT);
/* start a session for this user. Session closed when link ends. */
if (pam_error == PAM_SUCCESS)
@@ -891,9 +893,7 @@
#else /* #ifdef USE_PAM */
struct passwd *pw;
- struct utmp utmp;
struct timeval tp;
- char *tty;
#ifdef HAS_SHADOW
struct spwd *spwd;
@@ -956,6 +956,8 @@
}
}
+#endif /* #ifdef USE_PAM */
+
/* These functions are not enabled for PAM. The reason for this is that */
/* there is not necessarily a "passwd" entry for this user. That is */
/* real purpose of 'PAM' -- to virtualize the account data from the */
@@ -963,6 +965,7 @@
/* the 'session' hook. */
/* Log in wtmp and utmp using login() */
+ /* NOW IN PAM TOO */
tty = devnam;
if (strncmp(tty, "/dev/", 5) == 0)
@@ -971,7 +974,7 @@
if (logout(tty)) /* Already entered (by login?) */
logwtmp(tty, "", "");
-#if defined(_PATH_LASTLOG)
+#if defined(_PATH_LASTLOG) && !defined(USE_PAM)
{
struct lastlog ll;
int fd;
@@ -987,6 +990,7 @@
}
#endif
+
memset((void *)&utmp, 0, sizeof(utmp));
(void)time(&utmp.ut_time);
(void)strncpy(utmp.ut_name, user, sizeof(utmp.ut_name));
@@ -994,7 +998,6 @@
(void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line));
login(&utmp); /* This logs us in wtmp too */
-#endif /* #ifdef USE_PAM */
syslog(LOG_INFO, "user %s logged in", user);
logged_in = TRUE;
@@ -1008,6 +1011,7 @@
static void
plogout()
{
+ char *tty;
#ifdef USE_PAM
struct pam_conv pam_conversation;
pam_handle_t *pamh;
@@ -1027,15 +1031,13 @@
(void) pam_end (pamh, PAM_SUCCESS);
}
-#else
- char *tty;
+#endif
tty = devnam;
if (strncmp(tty, "/dev/", 5) == 0)
tty += 5;
logwtmp(tty, "", ""); /* Wipe out wtmp logout entry */
logout(tty); /* Wipe out utmp */
-#endif
logged_in = FALSE;
}
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.990616084708.28826G-200000>