diff --git a/README.md b/README.md index 11c73ab..c929b78 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,7 @@ PAM module to check if the login occurs via a specific tty like a serial console It will return `PAM_SUCCESS` if the first characters of the tty used for login matches one of the strings supplied as value of argument `tty`. +Can be used in `auth` and `session`, in other groups returns `PAM_IGNORE`. Example: `tty=/dev/ttyS` will match all logins via a serial console like `/dev/ttyS0`, `/dev/ttyS1`, etc. @@ -44,7 +45,6 @@ cd pam-tty ```sh make ``` - Or, if you are running a multilib system: ```sh diff --git a/pam_tty.c b/pam_tty.c index 878ba30..9c7cfbd 100644 --- a/pam_tty.c +++ b/pam_tty.c @@ -109,23 +109,8 @@ static char** get_values(char* list, const char* delimiter) { return values; } -/* PAM entry point for session creation */ -int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { - return(PAM_IGNORE); -} - -/* PAM entry point for session cleanup */ -int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { - return(PAM_IGNORE); -} - -/* PAM entry point for accounting */ -int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) { - return(PAM_IGNORE); -} - -/* PAM entry point for authentication verification */ -int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { +/* Returns PAM_SUCCESS if login occurs via a specific tty */ +int pam_tty(pam_handle_t *pamh, int argc, const char **argv) { int pgi_ret, i; unsigned int debug = 0; char *tty; @@ -184,6 +169,26 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar return(PAM_IGNORE); } +/* PAM entry point for session creation */ +int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { + return(pam_tty(pamh, argc, argv)); +} + +/* PAM entry point for session cleanup */ +int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) { + return(PAM_IGNORE); +} + +/* PAM entry point for accounting */ +int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) { + return(PAM_IGNORE); +} + +/* PAM entry point for authentication verification */ +int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { + return(pam_tty(pamh, argc, argv)); +} + /* PAM entry point for setting user credentials (that is, to actually establish the authenticated user's credentials to the service provider)