md5.h \
minix.h \
nls.h \
+ pamfail.h \
path.h \
pathnames.h \
procutils.h \
--- /dev/null
+#ifndef UTIL_LINUX_PAMFAIL_H
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+#include "c.h"
+
+static inline int
+pam_fail_check(pam_handle_t *pamh, int retcode)
+{
+ if (retcode == PAM_SUCCESS)
+ return 0;
+ warnx("%s", pam_strerror(pamh, retcode));
+ pam_end(pamh, retcode);
+ return 1;
+}
+
+#endif /* UTIL_LINUX_PAMFAIL_H */
#include <getopt.h>
#include <stdbool.h>
+#include "pamfail.h"
#include "islocal.h"
#include "setpwnam.h"
#include "strutils.h"
#include "selinux_utils.h"
#endif
-#ifdef REQUIRE_PASSWORD
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-
-#define PAM_FAIL_CHECK(_ph, _rc) \
- do { \
- if ((_rc) != PAM_SUCCESS) { \
- fprintf(stderr, "\n%s\n", pam_strerror((_ph), (_rc))); \
- pam_end((_ph), (_rc)); \
- exit(EXIT_FAILURE); \
- } \
- } while(0)
-
-#endif /* REQUIRE_PASSWORD */
-
static char buf[1024];
struct finfo {
int retcode;
retcode = pam_start("chfn", oldf.username, &conv, &pamh);
- if(retcode != PAM_SUCCESS)
- errx(EXIT_FAILURE, _("PAM failure, aborting: %s"),
- pam_strerror(pamh, retcode));
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_authenticate(pamh, 0);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_acct_mgmt(pamh, 0);
if (retcode == PAM_NEW_AUTHTOK_REQD)
retcode = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_setcred(pamh, 0);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
pam_end(pamh, 0);
/* no need to establish a session; this isn't a session-oriented
#include <getopt.h>
#include <stdbool.h>
+#include "pamfail.h"
#include "c.h"
#include "islocal.h"
#include "setpwnam.h"
#include "pathnames.h"
#include "xalloc.h"
-#ifdef REQUIRE_PASSWORD
-#include <security/pam_appl.h>
-#include <security/pam_misc.h>
-
-#define PAM_FAIL_CHECK(_ph, _rc) \
- do { \
- if ((_rc) != PAM_SUCCESS) { \
- fprintf(stderr, "\n%s\n", pam_strerror((_ph), (_rc))); \
- pam_end((_ph), (_rc)); \
- exit(EXIT_FAILURE); \
- } \
- } while(0)
-
-#endif /* REQUIRE_PASSWORD */
-
#ifdef HAVE_LIBSELINUX
#include <selinux/selinux.h>
#include <selinux/av_permissions.h>
int retcode;
retcode = pam_start("chsh", pw->pw_name, &conv, &pamh);
- if(retcode != PAM_SUCCESS)
- errx(EXIT_FAILURE, _("PAM failure, aborting: %s"),
- pam_strerror(pamh, retcode));
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_authenticate(pamh, 0);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_acct_mgmt(pamh, 0);
if (retcode == PAM_NEW_AUTHTOK_REQD)
retcode = pam_chauthtok(pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
retcode = pam_setcred(pamh, 0);
- PAM_FAIL_CHECK(pamh, retcode);
+ if (pam_fail_check(pamh, retcode))
+ exit(EXIT_FAILURE);
pam_end(pamh, 0);
/* no need to establish a session; this isn't a session-oriented
projects / thirdparty / util-linux.git / commitdiff
