Allow to use in session

rda0 · Jun 27, 2024 · e3229ab · e3229ab
1 parent 79833dd
commit e3229ab
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 18 deletions.
diff --git a/README.md b/README.md
@@ -5,6 +5,7 @@ PAM module to check if the login occurs via a specific tty like a serial console
 It will return `PAM_SUCCESS` if the first characters of the
 tty used for login matches one of the strings supplied as
 value of argument `tty`.
+Can be used in `auth` and `session`, in other groups returns `PAM_IGNORE`.
 
 Example: `tty=/dev/ttyS` will match all logins via a serial
 console like `/dev/ttyS0`, `/dev/ttyS1`, etc.
@@ -44,7 +45,6 @@ cd pam-tty
 ```sh
 make
 ```
-
 Or, if you are running a multilib system:
 
 ```sh

diff --git a/pam_tty.c b/pam_tty.c
@@ -109,23 +109,8 @@ static char** get_values(char* list, const char* delimiter) {
     return values;
 }
 
-/* PAM entry point for session creation */
-int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
-    return(PAM_IGNORE);
-}
-
-/* PAM entry point for session cleanup */
-int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
-    return(PAM_IGNORE);
-}
-
-/* PAM entry point for accounting */
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
-    return(PAM_IGNORE);
-}
-
-/* PAM entry point for authentication verification */
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+/* Returns PAM_SUCCESS if login occurs via a specific tty */
+int pam_tty(pam_handle_t *pamh, int argc, const char **argv) {
     int pgi_ret, i;
     unsigned int debug = 0;
     char *tty;
@@ -184,6 +169,26 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **ar
     return(PAM_IGNORE);
 }
 
+/* PAM entry point for session creation */
+int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+    return(pam_tty(pamh, argc, argv));
+}
+
+/* PAM entry point for session cleanup */
+int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+    return(PAM_IGNORE);
+}
+
+/* PAM entry point for accounting */
+int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+    return(PAM_IGNORE);
+}
+
+/* PAM entry point for authentication verification */
+int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
+    return(pam_tty(pamh, argc, argv));
+}
+
 /*
    PAM entry point for setting user credentials (that is, to actually
    establish the authenticated user's credentials to the service provider)