#include "cron.h" #ifdef USE_PAM #include static pam_handle_t *pamh = NULL; static const struct pam_conv cron_conv; int cron_pam_start (const char *username) { int retval; if (pamh) return 0; retval = pam_start ("cron", username, &cron_conv, &pamh); log_close (); if (retval != PAM_SUCCESS) { pamh = NULL; log_it ("CRON", getpid (), "pam_start failed", pam_strerror (pamh, retval)); return 0; } retval = pam_authenticate (pamh, PAM_SILENT); log_close (); if (retval != PAM_SUCCESS) { log_it ("CRON", getpid (), "pam_authenticate failed", pam_strerror (pamh, retval)); pam_end (pamh, retval); pamh = NULL; return 0; } retval = pam_acct_mgmt (pamh, PAM_SILENT); log_close (); if (retval != PAM_SUCCESS) { log_it ("CRON", getpid (), "pam_acct_mgmt failed", pam_strerror (pamh, retval)); pam_end (pamh, retval); pamh = NULL; return 0; } retval = pam_open_session (pamh, PAM_SILENT); log_close (); if (retval != PAM_SUCCESS) { log_it ("CRON", getpid (), "pam_open_session failed", pam_strerror (pamh, retval)); pam_end (pamh, retval); pamh = NULL; return 0; } return 1; } int cron_pam_setcred (void) { int retval; if (!pamh) return 0; retval = pam_setcred (pamh, PAM_ESTABLISH_CRED | PAM_SILENT); log_close (); if (retval != PAM_SUCCESS) { log_it ("CRON", getpid (), "pam_setcred failed", pam_strerror (pamh, retval)); pam_end (pamh, retval); pamh = NULL; log_close (); return 0; } return 1; } void cron_pam_finish (void) { if (!pamh) return; pam_close_session (pamh, 0); pam_end (pamh, 0); pamh = NULL; log_close (); } #ifndef PAM_DATA_SILENT #define PAM_DATA_SILENT 0 #endif void cron_pam_child_close (void) { pam_end (pamh, PAM_DATA_SILENT); pamh = NULL; log_close (); } char ** cron_pam_getenvlist (char **envp) { if (!pamh || !envp) return 0; for (; *envp; ++envp) if (pam_putenv (pamh, *envp) != PAM_SUCCESS) return 0; return pam_getenvlist (pamh); } #endif /* USE_PAM */