You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
pam/SOURCES/pam-1.3.1-audit-error.patch

36 lines
1.2 KiB

From b429ea18b1c9c8953df5169c6a453b4255a6f23d Mon Sep 17 00:00:00 2001
From: Iker Pedrosa <ikerpedrosam@gmail.com>
Date: Thu, 27 Feb 2020 11:48:47 +0100
Subject: [PATCH] pam_tty_audit: if kernel audit is disabled return PAM_IGNORE
If kernel audit is disabled the socket open will return
EPROTONOSUPPORT.
Return PAM_IGNORE from pam_tty_audit and log a warning
in this situation so login is not blocked by the module.
---
modules/pam_tty_audit/pam_tty_audit.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/modules/pam_tty_audit/pam_tty_audit.c b/modules/pam_tty_audit/pam_tty_audit.c
index 7dbcada2..589c60a2 100644
--- a/modules/pam_tty_audit/pam_tty_audit.c
+++ b/modules/pam_tty_audit/pam_tty_audit.c
@@ -351,6 +351,14 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
fd = nl_open ();
if (fd == -1
+ && errno == EPROTONOSUPPORT)
+ {
+ pam_syslog (pamh, LOG_WARNING, "unable to open audit socket, audit not "
+ "supported; tty_audit skipped");
+ free (old_status);
+ return PAM_IGNORE;
+ }
+ else if (fd == -1
|| nl_send (fd, AUDIT_TTY_GET, 0, NULL, 0) != 0
|| nl_recv (fd, AUDIT_TTY_GET, old_status, sizeof (*old_status)) != 0)
{
--
2.25.2