[PATCH] pam_tally2 --reset: avoid creating a missing tallylog file
by Dmitry V. Levin
There is no need for pam_tally2 in --reset=0 mode to create a missing
tallylog file because its absence has the same meaning as its existence
with the appropriate entry reset.
This was not a big deal until useradd(8) from shadow suite release 4.5
started to invoke /sbin/pam_tally2 --reset routinely regardless of PAM
configuration.
The positive effect of this change is noticeable when using tools like
cpio(1) that cannot archive huge sparse files efficiently.
* modules/pam_tally2/pam_tally2.c [MAIN] (main) <cline_user>: Stat
cline_filename when cline_reset == 0, exit early if the file is missing.
---
modules/pam_tally2/pam_tally2.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/modules/pam_tally2/pam_tally2.c b/modules/pam_tally2/pam_tally2.c
index 9f3bebe..da1c048 100644
--- a/modules/pam_tally2/pam_tally2.c
+++ b/modules/pam_tally2/pam_tally2.c
@@ -959,6 +959,18 @@ main( int argc UNUSED, char **argv )
exit(1);
}
+ if (cline_reset == 0) {
+ struct stat st;
+
+ if (stat(cline_filename, &st) && errno == ENOENT) {
+ if (!cline_quiet) {
+ memset(&tally, 0, sizeof(tally));
+ print_one(&tally, uid);
+ }
+ return 0; /* no file => nothing to reset */
+ }
+ }
+
i=get_tally(NULL, uid, cline_filename, &tfile, &tally, 0);
if ( i != PAM_SUCCESS ) {
if (tfile != -1)
--
ldv
6 years, 4 months
Fix pam_mkhomedir not being able to create parent directory in /
by Tomas Mraz
The pam_mkhomedir is currently unable to create a parent directory of
the home directory in /. This regressed with the commit
https://github.com/linux-pam/linux-pam/commit/a1f218877c56b1b0eafcbe223dd...
The attached patch fixes the issue.
OK to commit?
--
Tomáš Mráz
Red Hat
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]
* Google and NSA associates, this message is none of your business.
* Please leave it alone, and consider whether your actions are
* authorized by the contract with Red Hat, or by the US constitution.
* If you feel you're being encouraged to disregard the limits built
* into them, remember Edward Snowden and Wikileaks.
6 years, 4 months