diff options
author | Sami Kerola | 2011-11-13 18:18:33 +0100 |
---|---|---|
committer | Sami Kerola | 2011-11-29 17:57:39 +0100 |
commit | 57b35f3ba7db5d5b7cec04312c7e9055a74b0406 (patch) | |
tree | 8bdc1b74d82337e22db820a40f6892c1150eb1c3 | |
parent | chsh: build bug: do not override config.h definition (diff) | |
download | kernel-qcow2-util-linux-57b35f3ba7db5d5b7cec04312c7e9055a74b0406.tar.gz kernel-qcow2-util-linux-57b35f3ba7db5d5b7cec04312c7e9055a74b0406.tar.xz kernel-qcow2-util-linux-57b35f3ba7db5d5b7cec04312c7e9055a74b0406.zip |
chfn, chsh: new file pamfail.h for error printing
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
-rw-r--r-- | include/Makefile.am | 1 | ||||
-rw-r--r-- | include/pamfail.h | 16 | ||||
-rw-r--r-- | login-utils/chfn.c | 30 | ||||
-rw-r--r-- | login-utils/chsh.c | 30 |
4 files changed, 35 insertions, 42 deletions
diff --git a/include/Makefile.am b/include/Makefile.am index 64a620f8a..237840ab2 100644 --- a/include/Makefile.am +++ b/include/Makefile.am @@ -22,6 +22,7 @@ dist_noinst_HEADERS = \ md5.h \ minix.h \ nls.h \ + pamfail.h \ path.h \ pathnames.h \ procutils.h \ diff --git a/include/pamfail.h b/include/pamfail.h new file mode 100644 index 000000000..8008ce395 --- /dev/null +++ b/include/pamfail.h @@ -0,0 +1,16 @@ +#ifndef UTIL_LINUX_PAMFAIL_H +#include <security/pam_appl.h> +#include <security/pam_misc.h> +#include "c.h" + +static inline int +pam_fail_check(pam_handle_t *pamh, int retcode) +{ + if (retcode == PAM_SUCCESS) + return 0; + warnx("%s", pam_strerror(pamh, retcode)); + pam_end(pamh, retcode); + return 1; +} + +#endif /* UTIL_LINUX_PAMFAIL_H */ diff --git a/login-utils/chfn.c b/login-utils/chfn.c index 1ddd5864b..7e87999d5 100644 --- a/login-utils/chfn.c +++ b/login-utils/chfn.c @@ -34,6 +34,7 @@ #include <getopt.h> #include <stdbool.h> +#include "pamfail.h" #include "islocal.h" #include "setpwnam.h" #include "strutils.h" @@ -48,21 +49,6 @@ #include "selinux_utils.h" #endif -#ifdef REQUIRE_PASSWORD -#include <security/pam_appl.h> -#include <security/pam_misc.h> - -#define PAM_FAIL_CHECK(_ph, _rc) \ - do { \ - if ((_rc) != PAM_SUCCESS) { \ - fprintf(stderr, "\n%s\n", pam_strerror((_ph), (_rc))); \ - pam_end((_ph), (_rc)); \ - exit(EXIT_FAILURE); \ - } \ - } while(0) - -#endif /* REQUIRE_PASSWORD */ - static char buf[1024]; struct finfo { @@ -177,20 +163,22 @@ int main (int argc, char **argv) { int retcode; retcode = pam_start("chfn", oldf.username, &conv, &pamh); - if(retcode != PAM_SUCCESS) - errx(EXIT_FAILURE, _("PAM failure, aborting: %s"), - pam_strerror(pamh, retcode)); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_authenticate(pamh, 0); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_acct_mgmt(pamh, 0); if (retcode == PAM_NEW_AUTHTOK_REQD) retcode = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_setcred(pamh, 0); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); pam_end(pamh, 0); /* no need to establish a session; this isn't a session-oriented diff --git a/login-utils/chsh.c b/login-utils/chsh.c index bca161fb3..f6a5c9fa1 100644 --- a/login-utils/chsh.c +++ b/login-utils/chsh.c @@ -33,6 +33,7 @@ #include <getopt.h> #include <stdbool.h> +#include "pamfail.h" #include "c.h" #include "islocal.h" #include "setpwnam.h" @@ -41,21 +42,6 @@ #include "pathnames.h" #include "xalloc.h" -#ifdef REQUIRE_PASSWORD -#include <security/pam_appl.h> -#include <security/pam_misc.h> - -#define PAM_FAIL_CHECK(_ph, _rc) \ - do { \ - if ((_rc) != PAM_SUCCESS) { \ - fprintf(stderr, "\n%s\n", pam_strerror((_ph), (_rc))); \ - pam_end((_ph), (_rc)); \ - exit(EXIT_FAILURE); \ - } \ - } while(0) - -#endif /* REQUIRE_PASSWORD */ - #ifdef HAVE_LIBSELINUX #include <selinux/selinux.h> #include <selinux/av_permissions.h> @@ -163,20 +149,22 @@ main (int argc, char *argv[]) { int retcode; retcode = pam_start("chsh", pw->pw_name, &conv, &pamh); - if(retcode != PAM_SUCCESS) - errx(EXIT_FAILURE, _("PAM failure, aborting: %s"), - pam_strerror(pamh, retcode)); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_authenticate(pamh, 0); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_acct_mgmt(pamh, 0); if (retcode == PAM_NEW_AUTHTOK_REQD) retcode = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); retcode = pam_setcred(pamh, 0); - PAM_FAIL_CHECK(pamh, retcode); + if (pam_fail_check(pamh, retcode)) + exit(EXIT_FAILURE); pam_end(pamh, 0); /* no need to establish a session; this isn't a session-oriented |