diff options
| author | Guido Guenther <agx@sigxcpu.org> | 2006-02-07 14:44:23 +0000 |
|---|---|---|
| committer | Guido Guenther <agx@sigxcpu.org> | 2006-02-07 14:44:23 +0000 |
| commit | d0393219996e9f32e8adf61497a7d327552b804d (patch) | |
| tree | 34f5d0c18bf51e150365d65e00f6a61840ecda44 | |
| parent | 8aa01436eba535f146f181f1122555159acc7384 (diff) | |
pass-passwd-via-environment
| -rw-r--r-- | pam_exec.c | 18 |
1 files changed, 12 insertions, 6 deletions
@@ -70,9 +70,11 @@ static int do_exec(pam_handle_t *pamh, const char *function, int argc, const cha char *args=NULL; #define ARGS_MAX 9 char **pass_argv; + char **pass_env; pid_t child; pass_argv=calloc(ARGS_MAX, sizeof(char*)); + pass_env=calloc(2, sizeof(char*)); for (i = 0; i < argc; i++) { if (!strncmp (argv[i], "exec=", 5)) @@ -102,11 +104,9 @@ static int do_exec(pam_handle_t *pamh, const char *function, int argc, const cha if((ret=append_arg(pamh, PAM_TTY, "tty", &pass_argv)) != PAM_SUCCESS) { goto out; } -#if 0 /* not good passing this on the commandline, we could put it in the environment */ - if((ret=append_arg(pamh, PAM_AUTHTOK, "passwd", &pass_argv)) != PAM_SUCCESS) { + if((ret=append_arg(pamh, PAM_AUTHTOK, "PASSWD", &pass_env)) != PAM_SUCCESS) { goto out; } -#endif if((ret=append_arg(pamh, PAM_RUSER, "ruser", &pass_argv)) != PAM_SUCCESS) { goto out; } @@ -128,9 +128,11 @@ static int do_exec(pam_handle_t *pamh, const char *function, int argc, const cha goto out; } else { if(!child) { - if(execve(pass_argv[0], pass_argv, NULL) == -1) - _pam_log(LOG_ERR, "Cannot execve: %s", strerror(errno)); - exit(1); + if(execve(pass_argv[0], pass_argv, pass_env) == -1) { + _pam_log(LOG_ERR, "Cannot execve: %s", strerror(errno)); + exit(1); + } else + exit(0); /* we never get here */ } else { int status; if(debug) @@ -156,6 +158,10 @@ out: } free(pass_argv); + if(pass_env[0]) + free(pass_env[0]); + free(pass_env); + if(ret == PAM_SUCCESS) ret=PAM_IGNORE; return ret; |