17require_once(
"auth-functions.php");
39 if(!file_exists($config)) {
40 $c->messages[] = sprintf(i18n(
'drivers_pwauth_pam : Unable to find %s file'), $config);
51function PWAUTH_PAM_check($username, $password) {
53 $program = $c->authenticate_hook[
'config'][
'path'];
54 $email_base = $c->authenticate_hook[
'config'][
'email_base'];
56 $pipe = popen(escapeshellarg($program),
'w');
57 $authinfo = sprintf(
"%s\n%s\n", $username, $password);
58 $written = fwrite($pipe, $authinfo);
59 dbg_error_log(
'PAM',
'Bytes written: %d of %d', $written, strlen($authinfo));
60 $return_status = pclose($pipe);
62 switch($return_status) {
65 dbg_error_log(
'PAM',
'User %s successfully authenticated', $username);
66 $principal =
new Principal(
'username',$username);
67 if ( !$principal->Exists() ) {
68 dbg_error_log(
'PAM',
'User %s does not exist in local db, creating', $username);
69 $pwent = posix_getpwnam($username);
70 $gecos = explode(
',',$pwent[
'gecos']);
71 $fullname = $gecos[0];
72 $principal->Create( array(
73 'username' => $username,
75 'email' => sprintf(
'%s@%s', $username, $email_base),
76 'fullname' => $fullname
78 if ( ! $principal->Exists() ) {
79 dbg_error_log(
"PAM",
"Unable to create local principal for '%s'", $username );
82 CreateHomeCollections($username);
83 CreateDefaultRelationships($username);
97 dbg_error_log(
'PAM',
'Invalid username or password (username: %s)', $username);
102 dbg_error_log(
'PAM',
'UID for username %s is < pwauth MIN_UNIX_UID', $username);
107 dbg_error_log(
'PAM',
'The account for %s has expired', $username);
112 dbg_error_log(
'PAM',
'The account password for user %s has expired', $username);
117 dbg_error_log(
'PAM',
'Logins administratively disabled (%s)', $username);
122 dbg_error_log(
'PAM',
'Login rejected for %s, too many failures', $username);
127 dbg_error_log(
'PAM',
'config error: see pwauth man page (%s)',
'STATUS_INT_USER');
132 dbg_error_log(
'PAM',
'error: pwauth received no username/password');
137 dbg_error_log(
'PAM',
'error: see pwauth man page (%s)',
'STATUS_INT_ERR');
142 dbg_error_log(
'PAM',
'config error: cannot read password database (%s)',
'STATUS_INT_NOROOT');
147 dbg_error_log(
'PAM',
'An unknown error (%d) has occurred', $return_status);