2 * Redistribution and use in source and binary forms, with or without
3 * modification, are permitted provided that the following conditions
5 * 1. Redistributions of source code must retain the above copyright
6 * notice, and the entire permission notice in its entirety,
7 * including the disclaimer of warranties.
8 * 2. Redistributions in binary form must reproduce the above copyright
9 * notice, this list of conditions and the following disclaimer in the
10 * documentation and/or other materials provided with the distribution.
11 * 3. The name of the author may not be used to endorse or promote
12 * products derived from this software without specific prior
15 * ALTERNATIVELY, this product may be distributed under the terms of
16 * the GNU Public License, in which case the provisions of the GPL are
17 * required INSTEAD OF the above restrictions. (This clause is
18 * necessary due to a potential bad interaction between the GPL and
19 * the restrictions contained in a BSD-style copyright.)
21 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
22 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
24 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
37 Check the following line in group.conf:
39 tst-pam_group1;*;tstpamgrp;Al0000-2400;tstpamgrp
42 pam_group should add group tstpamgrp to user tstpamgrp, but not
54 #include <sys/types.h>
55 #include <security/pam_appl.h>
58 #define blk_size(len) (((len-1 + GROUP_BLK)/GROUP_BLK)*GROUP_BLK)
60 /* A conversation function which uses an internally-stored value for
63 fake_conv (int num_msg, const struct pam_message **msgm UNUSED,
64 struct pam_response **response, void *appdata_ptr UNUSED)
66 struct pam_response *reply;
73 /* Allocate memory for the responses. */
74 reply = calloc (num_msg, sizeof (struct pam_response));
78 /* Each prompt elicits the same response. */
79 for (count = 0; count < num_msg; ++count)
81 reply[count].resp_retcode = 0;
82 reply[count].resp = strdup ("!!");
85 /* Set the pointers in the response structure and return. */
90 static struct pam_conv conv = {
98 run_test (const char *user, gid_t groupid, int needit)
100 pam_handle_t *pamh = NULL;
103 retval = pam_start("tst-pam_group1", user, &conv, &pamh);
104 if (retval != PAM_SUCCESS)
107 fprintf (stderr, "pam_group1: pam_start returned %d\n", retval);
111 retval = pam_set_item (pamh, PAM_TTY, "/dev/tty1");
112 if (retval != PAM_SUCCESS)
116 "pam_group1: pam_set_item(PAM_TTY) returned %d\n",
121 retval = pam_authenticate (pamh, 0);
122 if (retval != PAM_SUCCESS)
125 fprintf (stderr, "pam_group1: pam_authenticate returned %d\n", retval);
129 retval = pam_setcred (pamh, PAM_ESTABLISH_CRED);
130 if (retval != PAM_SUCCESS)
133 fprintf (stderr, "pam_group1: pam_setcred returned %d\n", retval);
138 int no_grps = getgroups(0, NULL); /* find the current number of groups */
142 gid_t *grps = calloc (blk_size (no_grps), sizeof(gid_t));
144 if (getgroups(no_grps, grps) < 0)
147 fprintf (stderr, "pam_group1: getroups returned error: %m\n");
148 pam_end (pamh, PAM_SYSTEM_ERR);
153 for (i = 0; i < no_grps; ++i)
157 fprintf (stderr, "gid[%d]=%d\n", i, grps[i]);
159 if (grps[i] == groupid)
162 if ((needit && found) || (!needit && !found))
164 /* everything is ok */
168 pam_end (pamh, PAM_SYSTEM_ERR);
171 "pam_group1: unexpected result for %s: needit=%d, found=%d\n",
172 user, needit, found);
177 retval = pam_end (pamh,retval);
178 if (retval != PAM_SUCCESS)
181 fprintf (stderr, "pam_group1: pam_end returned %d\n", retval);
188 main(int argc, char *argv[])
193 if (argc > 1 && strcmp (argv[1], "-d") == 0)
196 grp = getgrnam ("tstpamgrp");
201 if (run_test ("root", grpid, 0) != 0 ||
202 run_test ("tstpamgrp2", grpid, 0) != 0 ||
203 run_test ("tstpamgrp", grpid, 1) != 0)