www-servers/nginx: http_auth_pam: adjust loglevel for auth failures

Package-Manager: Portage-2.3.52, Repoman-2.3.12
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

1 files changed, 22 insertions, 0 deletions

diff --git a/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
new file mode 100644
index 000000000000..632dcdee50e2
--- /dev/null
+++ b/www-servers/nginx/files/http_auth_pam-1.5.1-adjust-loglevel-for-authentication-failures.patch
@@ -0,0 +1,22 @@
+https://github.com/sto/ngx_http_auth_pam_module/pull/18
+
+--- a/ngx_http_auth_pam_module.c
++++ b/ngx_http_auth_pam_module.c
+@@ -348,7 +348,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+     /* try to authenticate user, log error on failure */
+     if ((rc = pam_authenticate(pamh,
+                                PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
+-        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                       "PAM: user '%s' - not authenticated: %s",
+                       ainfo.username.data, pam_strerror(pamh, rc));
+         pam_end(pamh, PAM_SUCCESS);
+@@ -357,7 +357,7 @@ ngx_http_auth_pam_authenticate(ngx_http_request_t *r,
+ 
+     /* check that the account is healthy */
+     if ((rc = pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK)) != PAM_SUCCESS) {
+-        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                       "PAM: user '%s'  - invalid account: %s",
+                       ainfo.username.data, pam_strerror(pamh, rc));
+         pam_end(pamh, PAM_SUCCESS);