From 8c5f67f62442640c435241a9a099282252d6d2cf Mon Sep 17 00:00:00 2001 From: mboelen Date: Thu, 15 Oct 2015 20:10:21 +0200 Subject: Added debugging and several fixes --- plugins/plugin_pam_phase1 | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) (limited to 'plugins') diff --git a/plugins/plugin_pam_phase1 b/plugins/plugin_pam_phase1 index 5222111e..a762a6cd 100644 --- a/plugins/plugin_pam_phase1 +++ b/plugins/plugin_pam_phase1 @@ -160,8 +160,8 @@ logtext "Result: found ${PAM_MODULE} module (generic)" if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then for I in ${PAM_MODULE_OPTIONS}; do - OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'` - VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'` + OPTION=`echo ${I} | awk -F= '{ print $1 }'` + VALUE=`echo ${I} | awk -F= '{ print $2 }'` CREDITS_CONFIGURED=0 case ${OPTION} in # pam_pwhistory / pam_unix @@ -185,11 +185,14 @@ # Password strength testing pam_cracklib | pam_pwquality) logtext "Result: found module ${PAM_MODULE} for password strength testing" + Debug "FOUND" PAM_MODULE_PASSWORD_STRENGTH_TESTED=1 if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then + Debug "Module options configured" for I in ${PAM_MODULE_OPTIONS}; do - OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'` - VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'` + OPTION=`echo ${I} | awk -F= '{ print $1 }'` + Debug ${OPTION} + VALUE=`echo ${I} | awk -F= '{ print $2 }'` CREDITS_CONFIGURED=0 case ${OPTION} in minlen) @@ -222,6 +225,9 @@ # Uppercase characters if [ ${VALUE} -gt 0 ]; then CREDITS_CONFIGURED=1; fi ;; + *) + logtext "Result: unknown option found: ${OPTION} with value ${VALUE}" + ;; esac if [ ${CREDITS_CONFIGURED} -eq 1 ]; then logtext "Result: Credits are configured, password length minus 1" @@ -239,8 +245,8 @@ fi if [ ! "${PAM_MODULE_OPTIONS}" = "" ]; then for I in ${PAM_MODULE_OPTIONS}; do - OPTION=`echo ${PAM_FILE} | awk -F= '{ print $1 }'` - VALUE=`echo ${PAM_FILE} | awk -F= '{ print $2 }'` + OPTION=`echo ${I} | awk -F= '{ print $1 }'` + VALUE=`echo ${I} | awk -F= '{ print $2 }'` case ${OPTION} in deny) AUTH_BLOCK_BAD_LOGIN_ATTEMPTS="${VALUE}" @@ -257,12 +263,12 @@ ;; esac fi - Debug "Service: ${PAM_SERVICE}" - Debug "Type: ${PAM_TYPE}" - Debug "Control: ${PAM_CONTROL_FLAG}" - Debug "Control options: ${PAM_CONTROL_OPTIONS}" - Debug "Module: ${PAM_MODULE_NAME}" - Debug "Module options: ${PAM_MODULE_OPTIONS}" + #Debug "Service: ${PAM_SERVICE}" + #Debug "Type: ${PAM_TYPE}" + #Debug "Control: ${PAM_CONTROL_FLAG}" + #Debug "Control options: ${PAM_CONTROL_OPTIONS}" + #Debug "Module: ${PAM_MODULE_NAME}" + #Debug "Module options: ${PAM_MODULE_OPTIONS}" fi done < ${PAM_FILE} #ParsePAMLine ${J} -- cgit v1.2.3