Add a no_fail option.

Sponsored by: DARPA, NAI Labs
2002-05-08 00:31:45 +00:00 · 2002-05-08 00:31:45 +00:00 · 89136eab16
commit 89136eab16
parent 2256d3698a
2 changed files with 20 additions and 6 deletions
--- a/lib/libpam/modules/pam_lastlog/pam_lastlog.8
+++ b/lib/libpam/modules/pam_lastlog/pam_lastlog.8
@ -74,6 +74,19 @@ databases.
 The
 .Fn pam_sm_close_session
 function does nothing.
+.Pp
+The following options may be passed to the authentication module:
+.Bl -tag -width ".Cm no_warn"
+.It Cm debug
+.Xr syslog 3
+debugging information at
+.Dv LOG_DEBUG
+level.
+.It Cm no_warn
+suppress warning messages to the user.
+.It Cm no_fail
+Ignore I/O failures.
+.El
 .Sh SEE ALSO
 .Xr last 1 ,
 .Xr lastlogin 1 ,
--- a/lib/libpam/modules/pam_lastlog/pam_lastlog.c
+++ b/lib/libpam/modules/pam_lastlog/pam_lastlog.c
@ -97,10 +97,8 @@ pam_sm_open_session(pam_handle_t *pamh, int flags,
 		return (PAM_SERVICE_ERR);

 	fd = open(_PATH_LASTLOG, O_RDWR|O_CREAT, 0644);
-	if (fd == -1) {
-		syslog(LOG_ERR, "cannot open %s: %m", _PATH_LASTLOG);
-		return (PAM_SERVICE_ERR);
-	}
+	if (fd == -1)
+		goto file_err;

 	/*
 	 * Record session in lastlog(5).
@ -149,11 +147,14 @@ pam_sm_open_session(pam_handle_t *pamh, int flags,
 	(void)strncpy(utmp.ut_line, tty, sizeof(utmp.ut_line));
 	login(&utmp);

-	return (PAM_IGNORE);
+	return (PAM_SUCCESS);

 file_err:
 	syslog(LOG_ERR, "%s: %m", _PATH_LASTLOG);
-	close(fd);
+	if (fd != -1)
+		close(fd);
+	if (openpam_get_option(pamh, "no_fail"))
+		return (PAM_SUCCESS);
 	return (PAM_SERVICE_ERR);
 }