Set mailfrom to the user account, better PAM logging.

diff --git a/src/do_command.c b/src/do_command.c
index e664d4c41b1331725dd6110faed7dd7f401b5d4d..e1f54017c97369a7f64f27068af6ce773cd7eb2e 100644 (file)
--- a/src/do_command.c
+++ b/src/do_command.c
@@ -382,14 +382,10 @@ static int child_process(entry * e, user * u, char **jobenv) {
                        }
 
                        /* get sender address.  this is MAILFROM if set (and safe),
-                        * root otherwise.
-                        * mailfrom is not freed because it lives only in this short
-                        * child process. Freeing could lead to segfaul, when mailfrom
-                        * is acquired from env_get function.
+                        * the user account name otherwise.
                         */
                        if (!mailfrom || !*mailfrom || !safe_p(usernm, mailfrom)) {
-                               mailfrom = calloc(5, sizeof (char));
-                               strcpy(mailfrom, "root");
+                               mailfrom = e->pwd->pw_name;
                        }
 
                        /* if we are supposed to be mailing, MAILTO will

diff --git a/src/security.c b/src/security.c
index 581620524380fd8fd2ddabaac351864448ba2bee..f6940a5336a4da50e1a83739f4f5bb5ad42fcba6 100644 (file)
--- a/src/security.c
+++ b/src/security.c
@@ -65,7 +65,7 @@ static const struct pam_conv conv = {
 static int cron_open_pam_session(struct passwd *pw);
 
 # define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
-       fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
+       log_it(pw->pw_name, getpid(), "PAM ERROR", pam_strerror(pamh, retcode), 0); \
        if (pamh != NULL) { \
                if (pam_session_opened != 0) \
                        pam_close_session(pamh, PAM_SILENT); \