Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 30 |
1 files changed, 15 insertions, 15 deletions
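--- a/auth.c
+++ b/auth.c
@@ -102,19 +102,19 @@ allowed_user(struct passwd * pw)
 * day after the day specified.
 */
 if (spw->sp_expire != -1 && today > spw->sp_expire) {
-log("Account %.100s has expired", pw->pw_name);
+logit("Account %.100s has expired", pw->pw_name);
 return 0;
 }
 
 if (spw->sp_lstchg == 0) {
-log("User %.100s password has expired (root forced)",
+logit("User %.100s password has expired (root forced)",
 pw->pw_name);
 return 0;
 }
 
 if (spw->sp_max != -1 &&
 today > spw->sp_lstchg + spw->sp_max) {
-log("User %.100s password has expired (password aged)",
+logit("User %.100s password has expired (password aged)",
 pw->pw_name);
 return 0;
 }
@@ -129,13 +129,13 @@ allowed_user(struct passwd * pw)
 
 /* deny if shell does not exists or is not executable */
 if (stat(shell, &st) != 0) {
-log("User %.100s not allowed because shell %.100s does not exist",
+logit("User %.100s not allowed because shell %.100s does not exist",
 pw->pw_name, shell);
 return 0;
 }
 if (S_ISREG(st.st_mode) == 0 ||
 (st.st_mode & (S_IXOTH|S_IXUSR|S_IXGRP)) == 0) {
-log("User %.100s not allowed because shell %.100s is not executable",
+logit("User %.100s not allowed because shell %.100s is not executable",
 pw->pw_name, shell);
 return 0;
 }
@@ -150,7 +150,7 @@ allowed_user(struct passwd * pw)
 for (i = 0; i < options.num_deny_users; i++)
 if (match_user(pw->pw_name, hostname, ipaddr,
 options.deny_users[i])) {
-log("User %.100s not allowed because listed in DenyUsers",
+logit("User %.100s not allowed because listed in DenyUsers",
 pw->pw_name);
 return 0;
 }
@@ -163,7 +163,7 @@ allowed_user(struct passwd * pw)
 break;
 /* i < options.num_allow_users iff we break for loop */
 if (i >= options.num_allow_users) {
-log("User %.100s not allowed because not listed in AllowUsers",
+logit("User %.100s not allowed because not listed in AllowUsers",
 pw->pw_name);
 return 0;
 }
@@ -171,7 +171,7 @@ allowed_user(struct passwd * pw)
 if (options.num_deny_groups > 0 || options.num_allow_groups > 0) {
 /* Get the user's group access list (primary and supplementary) */
 if (ga_init(pw->pw_name, pw->pw_gid) == 0) {
-log("User %.100s not allowed because not in any group",
+logit("User %.100s not allowed because not in any group",
 pw->pw_name);
 return 0;
 }
@@ -181,7 +181,7 @@ allowed_user(struct passwd * pw)
 if (ga_match(options.deny_groups,
 options.num_deny_groups)) {
 ga_free();
-log("User %.100s not allowed because a group is listed in DenyGroups",
+logit("User %.100s not allowed because a group is listed in DenyGroups",
 pw->pw_name);
 return 0;
 }
@@ -193,7 +193,7 @@ allowed_user(struct passwd * pw)
 if (!ga_match(options.allow_groups,
 options.num_allow_groups)) {
 ga_free();
-log("User %.100s not allowed because none of user's groups are listed in AllowGroups",
+logit("User %.100s not allowed because none of user's groups are listed in AllowGroups",
 pw->pw_name);
 return 0;
 }
@@ -219,7 +219,7 @@ allowed_user(struct passwd * pw)
 }
 /* Remove trailing newline */
 *--p = '\0';
-log("Login restricted for %s: %.100s", pw->pw_name,
+logit("Login restricted for %s: %.100s", pw->pw_name,
 loginmsg);
 }
 /* Don't fail if /etc/nologin set */
@@ -293,12 +293,12 @@ auth_root_allowed(char *method)
 break;
 case PERMIT_FORCED_ONLY:
 if (forced_command) {
-log("Root login accepted for forced command.");
+logit("Root login accepted for forced command.");
 return 1;
 }
 break;
 }
-log("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
+logit("ROOT LOGIN REFUSED FROM %.200s", get_remote_ipaddr());
 return 0;
 }
 
@@ -390,7 +390,7 @@ check_key_in_hostfiles(struct passwd *pw, Key *key, const char *host,
 (stat(user_hostfile, &st) == 0) &&
 ((st.st_uid != 0 && st.st_uid != pw->pw_uid) ||
 (st.st_mode & 022) != 0)) {
-log("Authentication refused for %.100s: "
+logit("Authentication refused for %.100s: "
 "bad owner or modes for %.200s",
 pw->pw_name, user_hostfile);
 } else {
@@ -494,7 +494,7 @@ getpwnamallow(const char *user)
 
 pw = getpwnam(user);
 if (pw == NULL) {
-log("Illegal user %.100s from %.100s",
+logit("Illegal user %.100s from %.100s",
 user, get_remote_ipaddr());
 #ifdef WITH_AIXAUTHENTICATE
 loginfailed(user,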