Added logging/debug msgs in pam_unix

7 files changed, 12 insertions, 24 deletions

diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c
index bd81ea5..78c4bd5 100644
--- a/modules/pam_securetty/pam_securetty.c
+++ b/modules/pam_securetty/pam_securetty.c
@@ -13,7 +13,6 @@
 
 #define TTY_PREFIX      "/dev/"
 
-
 PAM_EXTERN int
 pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
 		int argc, const char * argv[]) 
@@ -58,7 +57,6 @@ pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
 	 * maybe it should be done here as well...
 	 */
 
-
 	if ( tty != NULL && (ttyinfo = getttynam(tty)) != NULL && 
 			(ttyinfo->ty_status & TTY_SECURE) != 0) 
 		return (PAM_SUCCESS);
diff --git a/modules/pam_securetty/pam_securetty.c~ b/modules/pam_securetty/pam_securetty.c~
index d0979de..bd81ea5 100644
--- a/modules/pam_securetty/pam_securetty.c~
+++ b/modules/pam_securetty/pam_securetty.c~
@@ -63,7 +63,7 @@ pam_sm_acct_mgmt(pam_handle_t * pamh, int flags,
 			(ttyinfo->ty_status & TTY_SECURE) != 0) 
 		return (PAM_SUCCESS);
 
-	PAM_ERROR("Access denied: tty%s is not secure", tty);
+	PAM_ERROR("Access denied: tty %s is not secure", tty);
 	return (PAM_AUTH_ERR);
 }
 
diff --git a/modules/pam_securetty/pam_securetty.o b/modules/pam_securetty/pam_securetty.o
deleted file mode 100644
index 442e249..0000000
--- a/modules/pam_securetty/pam_securetty.o
+++ /dev/null
diff --git a/modules/pam_securetty/pam_securetty.so b/modules/pam_securetty/pam_securetty.so
deleted file mode 100755
index 071e877..0000000
--- a/modules/pam_securetty/pam_securetty.so
+++ /dev/null
diff --git a/modules/pam_unix/pam_unix.c b/modules/pam_unix/pam_unix.c
index ea1b75d..8e1351c 100644
--- a/modules/pam_unix/pam_unix.c
+++ b/modules/pam_unix/pam_unix.c
@@ -80,8 +80,6 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
 
 	        pwd = getpwnam(user);
 	}
-	puts("authenticating as user:");
-	puts(user);
 	PAM_LOG("Authenticating user: [%s]", user);
 
 	/* get password */
@@ -233,19 +231,14 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
 /*
 	if (pwd->sp_lstchg || pwd->sp_expire) 
 		curtime = time(NULL) / (60 * 60 * 24);
-	puts("before all");
 	if (pwd->sp_expire) {
-		puts(ctime(&(pwd->sp_expire)));
-		puts(ctime(&curtime));
 		if ( (curtime > pwd->sp_expire ) && ( pwd->sp_expire != -1 ) ) {  
 #ifndef __linux__ 		
 			login_close(lc);
 #endif
-			puts("expire 1");
 			PAM_ERROR("Account has expired!");
 			return (PAM_ACCT_EXPIRED);
 		} else if ( ( pwd->sp_expire - curtime < DEFAULT_WARN) ) {
-			puts("expire 2");
 			PAM_ERROR("Warning: your account expires on %s",
 					ctime(&pwd->sp_expire));
 		}
@@ -254,7 +247,6 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
 	if (pwd->sp_lstchg == 0 ) {
 		return (PAM_NEW_AUTHTOK_REQD);
 	}
-	puts("before tcb OK!");	
 	* check all other possibilities (mostly stolen from pam_tcb) *
 	
 	if ((curtime > (pwd->sp_lstchg + pwd->sp_max + pwd->sp_inact)) &&
@@ -263,14 +255,12 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
 		PAM_ERROR("Account has expired!");
 		return (PAM_ACCT_EXPIRED);
 	}
-	puts("after 1");
 	
 	if (((pwd->sp_lstchg + pwd->sp_max) < curtime) &&
 		        (pwd->sp_max != -1)) {
 		PAM_ERROR("Account has expired!");
 		return (PAM_ACCT_EXPIRED);
 	}
-	puts("after 2");
 
 	if ((curtime - pwd->sp_lstchg > pwd->sp_max)
 			&& (curtime - pwd->sp_lstchg > pwd->sp_inact)
@@ -280,7 +270,6 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
 		return (PAM_ACCT_EXPIRED);
 	}
 
-	puts("after 3");
 */	pam_err = (PAM_SUCCESS);
 
 #ifndef __linux__
@@ -365,7 +354,6 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 
 
 	if (flags & PAM_PRELIM_CHECK) {
-		puts("DOING PRELIM");
 		PAM_LOG("Doing preliminary actions.");
 
 		if (getuid() == 0 ) { 
@@ -400,7 +388,6 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 			return (PAM_PERM_DENIED);
 
 	} else if ( flags & PAM_UPDATE_AUTHTOK ) {
-		puts("DOING UPDATE");
 		PAM_LOG("Doing actual update.");
 
 		pam_err= pam_get_authtok(pamh, PAM_OLDAUTHTOK ,&old_pass, NULL);
@@ -476,22 +463,27 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 			pam_err = PAM_SUCCESS;
 		pw_fini();
 		
-		//free(old_pwd);
 #else
 		makesalt(salt);	
 		/* Update shadow/passwd entries for Linux */
-		update_shadow( pamh ,user,crypt(new_pass, salt) );
+		pam_err = update_shadow( pamh ,user,crypt(new_pass, salt));
+	 	if ( pam_err != PAM_SUCCESS) 
+			return (pam_err);
+
+		pam_err = update_passwd( pamh ,user,"x");
 		update_passwd( pamh ,user,"x");
-		puts("done with shadow");
-	
-#endif
+		if ( pam_err != PAM_SUCCESS) 
+			return (pam_err);
 
+#endif
+	
+		PAM_LOG("Password changed for user [%s]", user);
 	} else {
 		pam_err = PAM_ABORT;
 		PAM_ERROR("Unrecognized flags.");
 		return (pam_err);
 	}
-			puts("chauthtok successfull");
+	
 	return (PAM_SUCCESS);
 }
 
@@ -561,7 +553,6 @@ static int update_shadow( pam_handle_t * pamh , const char * user,
 	struct stat filestat;
 
 
-	puts("updating shadow");
 	if ( (pwd = getspnam(user)) == NULL) 
 		return PAM_USER_UNKNOWN;
 
@@ -661,7 +652,6 @@ static int update_passwd( pam_handle_t * pamh, const char * user,
 	struct stat filestat;
 
 
-	puts("updating passwd");
 	if ( (pwd = getpwnam(user)) == NULL) 
 		return PAM_USER_UNKNOWN;
 
diff --git a/modules/pam_unix/pam_unix.o b/modules/pam_unix/pam_unix.o
deleted file mode 100644
index b463d1b..0000000
--- a/modules/pam_unix/pam_unix.o
+++ /dev/null
diff --git a/modules/pam_unix/pam_unix.so b/modules/pam_unix/pam_unix.so
deleted file mode 100755
index a77c352..0000000
--- a/modules/pam_unix/pam_unix.so
+++ /dev/null