On Wed, Sep 03, 2014 at 03:33:57PM +0200, Tomas Mraz wrote: [...]
Well at least the pam module name cannot be /.so but grantor=/ could be confusing as well. I'll stick with the original grantor=? as supporting module named ?.so is something we do not really have to :).
Well, I've never had a module named ?.so before, but I have it now, and it works perfectly well. :)
So, I'll rather change the patch so there is no possibility of the message not having the grantor field than remove the grantor=? case completely.
OK, maybe call it "/?", so that the name will be distinguishable from supported module names?
The attached patch should contain this change and all the other minor corrections.
[...]
- if (asprintf(&buf, "PAM:%s%s%s", message, grantors?" grantors=":"", grantors?grantors:"") >= 0) {
Could you kindly make this expression more readable, please?
[...]
- if (_pam_audit_writelog(pamh, audit_fd, type, message, grantors?grantors:"?", retval) < 0)
And this one, too.