Changed path and added debugging to log file

1 files changed, 4 insertions, 4 deletions

diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1
index f271460a..5222111e 100644
--- a/plugins/plugin_pam_phase1
+++ b/plugins/plugin_pam_phase1
@@ -15,7 +15,7 @@
 #-----------------------------------------------------
 #########################################################################
 #
-    PAM_DIRECTORY="/root/pam.d"
+    PAM_DIRECTORY="/etc/pam.d"
     # Test        : PLGN-0010
     # Description : Check PAM configuration
     if [ -f /etc/pam.conf -o -d /etc/pam.d ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
@@ -30,7 +30,7 @@
                 #if [ -f /etc/pam.conf ]; then FIND="/etc/pam.conf ${FIND}"; fi
                 for PAM_FILE in ${FIND_FILES}; do
                     #echo ""
-                    #echo "* ${PAM_FILE}"
+                    logtext "Now checking PAM file ${PAM_FILE}"
                     while read line; do
                         # Strip empty lines, commented lines, tabs, line breaks (\), then finally remove all double spaces
                         LINE=`echo $line | grep -v "^#" | grep -v "^$" | tr '\011' ' ' | sed 's/\\\n/ /' | sed 's/  / /g'`
@@ -285,7 +285,7 @@ report "authentication_two_factor_enabled=${PAM_2F_AUTH_ENABLED}"
 logtext "[PAM] PAM 2F authentication required: ${PAM_2F_AUTH_REQUIRED}"
 report "authentication_two_factor_required=${PAM_2F_AUTH_ENABLED}"
 
-if [ ! "${AUTH_UNLOCK_TIME}" = "" ]; then
+if [ ! "${AUTH_UNLOCK_TIME}" = "-1" ]; then
     logtext "[PAM] Authentication unlock time: ${AUTH_UNLOCK_TIME}"
     report "authentication_unlock_time=${AUTH_UNLOCK_TIME}"
   else
@@ -304,7 +304,7 @@ if [ ${PAM_AUTH_BRUTE_FORCE_PROTECTION} -eq 1 ]; then
     report "authentication_brute_force_protection=1"
 fi
 
-if [ ! "${MIN_PASSWORD_LENGTH}" = "" ]; then
+if [ ! "${MIN_PASSWORD_LENGTH}" = "-1" ]; then
     logtext "[PAM] Minimum password length: ${MIN_PASSWORD_LENGTH}"
     report "minimum_password_length=${MIN_PASSWORD_LENGTH}"
   else