1
Index: Linux-PAM/modules/pam_access/access.conf
2
===================================================================
3
RCS file: /afs/sipb/project/debian/cvs/pam/Linux-PAM/modules/pam_access/access.conf,v
4
retrieving revision 1.3
5
diff -u -r1.3 access.conf
6
--- Linux-PAM/modules/pam_access/access.conf 15 Sep 2002 20:17:59 -0000 1.3
7
+++ Linux-PAM/modules/pam_access/access.conf 15 Sep 2002 21:33:32 -0000
9
# logged-in user. Both the user's primary group is matched, as well as
10
# groups in which users are explicitly listed.
12
+# TTY NAMES: Must be in the form returned by ttyname(3) less the initial
13
+# "/dev/" (e.g. tty1 or vc/1)
15
##############################################################################
18
+# Disallow non-root logins on tty1
20
+#-:ALL EXCEPT root:tty1
22
# Disallow console logins to all but a few accounts.
24
#-:ALL EXCEPT wheel shutdown sync:LOCAL
25
Index: Linux-PAM/modules/pam_access/pam_access.c
26
===================================================================
27
RCS file: /afs/sipb/project/debian/cvs/pam/Linux-PAM/modules/pam_access/pam_access.c,v
28
retrieving revision 1.4
29
diff -u -r1.4 pam_access.c
30
--- Linux-PAM/modules/pam_access/pam_access.c 15 Sep 2002 20:17:59 -0000 1.4
31
+++ Linux-PAM/modules/pam_access/pam_access.c 15 Sep 2002 21:34:39 -0000
33
line[end] = 0; /* strip trailing whitespace */
34
if (line[0] == 0) /* skip blank lines */
36
- if (!(perm = strtok(line, fs))
37
+ /* Allow trailing : in last field for froms */
38
+ if (!(perm = strtok(line, fs))
39
|| !(users = strtok((char *) 0, fs))
40
- || !(froms = strtok((char *) 0, fs))
41
- || strtok((char *) 0, fs)) {
42
+ || !(froms = strtok((char *) 0, fs))) {
43
_log_err("%s: line %d: bad field count",
44
item->config_file, lineno);
48
static int netgroup_match(char *group, char *machine, char *user)
51
static char *mydomain = 0;
54
yp_get_default_domain(&mydomain);
55
return (innetgr(group, machine, user, mydomain));
57
- _log_err("NIS netgroup support not configured");
62
/* user_match - match a username against one token */
67
- if (strncmp("/dev/",from,5) == 0) { /* strip leading /dev/ */
71
+ if (from[0] == '/') { /* full path */
73
+ from = strchr(from, '/');
78
if ((user_pw=getpwnam(user))==NULL) return (PAM_USER_UNKNOWN);