Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 19 Jul 2014 21:04:21 +0000 (UTC)
From:      Dag-Erling Smørgrav <des@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r268890 - head/lib/libpam/modules/pam_group
Message-ID:  <201407192104.s6JL4LkC076754@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: des
Date: Sat Jul 19 21:04:21 2014
New Revision: 268890
URL: http://svnweb.freebsd.org/changeset/base/268890

Log:
  Add support for the "account" facility.
  
  PR:		115164
  MFC after:	1 week

Modified:
  head/lib/libpam/modules/pam_group/pam_group.8
  head/lib/libpam/modules/pam_group/pam_group.c

Modified: head/lib/libpam/modules/pam_group/pam_group.8
==============================================================================
--- head/lib/libpam/modules/pam_group/pam_group.8	Sat Jul 19 20:59:08 2014	(r268889)
+++ head/lib/libpam/modules/pam_group/pam_group.8	Sat Jul 19 21:04:21 2014	(r268890)
@@ -33,7 +33,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 9, 2011
+.Dd July 19, 2014
 .Dt PAM_GROUP 8
 .Os
 .Sh NAME
@@ -48,6 +48,11 @@
 .Sh DESCRIPTION
 The group service module for PAM accepts or rejects users based on
 their membership in a particular file group.
+.Nm pam_group
+provides functionality for two PAM categories: authentication and
+account management.
+In terms of the module-type parameter, they are the ``auth'' and
+``account'' features.
 .Pp
 The following options may be passed to the
 .Nm

Modified: head/lib/libpam/modules/pam_group/pam_group.c
==============================================================================
--- head/lib/libpam/modules/pam_group/pam_group.c	Sat Jul 19 20:59:08 2014	(r268889)
+++ head/lib/libpam/modules/pam_group/pam_group.c	Sat Jul 19 21:04:21 2014	(r268890)
@@ -47,15 +47,14 @@ __FBSDID("$FreeBSD$");
 #include <unistd.h>
 
 #define PAM_SM_AUTH
+#define PAM_SM_ACCOUNT
 
 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
 #include <security/openpam.h>
 
-
-PAM_EXTERN int
-pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
-    int argc __unused, const char *argv[] __unused)
+static int
+pam_group(pam_handle_t *pamh)
 {
 	int local, remote;
 	const char *group, *user;
@@ -121,6 +120,14 @@ pam_sm_authenticate(pam_handle_t *pamh, 
 }
 
 PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
+    int argc __unused, const char *argv[] __unused)
+{
+
+	return (pam_group(pamh));
+}
+
+PAM_EXTERN int
 pam_sm_setcred(pam_handle_t * pamh __unused, int flags __unused,
     int argc __unused, const char *argv[] __unused)
 {
@@ -128,4 +135,12 @@ pam_sm_setcred(pam_handle_t * pamh __unu
 	return (PAM_SUCCESS);
 }
 
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused,
+    int argc __unused, const char *argv[] __unused)
+{
+
+	return (pam_group(pamh));
+}
+
 PAM_MODULE_ENTRY("pam_group");

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201407192104.s6JL4LkC076754>