From 3d038d2e0dc7af04ec2f7c85ae325accb39f6237 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mon, 27 Aug 2012 08:23:57 +0200 Subject: Check if the SELinux login directory exists https://fedorahosted.org/sssd/ticket/1492 --- configure.ac | 1 + src/external/selinux.m4 | 9 +++++++++ src/responder/pam/pamsrv_cmd.c | 6 +++--- 3 files changed, 13 insertions(+), 3 deletions(-) diff --git a/configure.ac b/configure.ac index 5cd8c723f..aabf375ce 100644 --- a/configure.ac +++ b/configure.ac @@ -214,6 +214,7 @@ fi if test x$HAVE_SELINUX != x; then AM_CHECK_SELINUX + AM_CHECK_SELINUX_LOGIN_DIR fi if test x$HAVE_SEMANAGE != x -a x$HAVE_SELINUX != x; then diff --git a/src/external/selinux.m4 b/src/external/selinux.m4 index d1b961a49..1f41b3128 100644 --- a/src/external/selinux.m4 +++ b/src/external/selinux.m4 @@ -23,3 +23,12 @@ AC_DEFUN([AM_CHECK_SEMANAGE], [AC_MSG_ERROR([libsemanage is missing])]) AC_SUBST(SEMANAGE_LIBS) ]) + +dnl Check if the SELinux login directory exists +AC_DEFUN([AM_CHECK_SELINUX_LOGIN_DIR], +[ + AC_CHECK_FILE(/etc/selinux/targeted/logins/, + [AC_DEFINE([HAVE_SELINUX_LOGIN_DIR], [1], + [The directory to store SELinux user login is available])], + [AC_MSG_WARN([SELinux login directory is not available])]) +]) diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 238b4fa7f..4c0356832 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -33,7 +33,7 @@ #include "responder/pam/pam_helpers.h" #include "db/sysdb.h" #include "db/sysdb_selinux.h" -#ifdef HAVE_SELINUX +#ifdef HAVE_SELINUX_LOGIN_DIR #include #endif @@ -356,7 +356,7 @@ fail: return ret; } -#ifdef HAVE_SELINUX +#ifdef HAVE_SELINUX_LOGIN_DIR #define ALL_SERVICES "*" #define selogin_path(mem_ctx, username) \ @@ -829,7 +829,7 @@ static void pam_reply(struct pam_auth_req *preq) return; } -#ifdef HAVE_SELINUX +#ifdef HAVE_SELINUX_LOGIN_DIR if (pd->cmd == SSS_PAM_ACCT_MGMT && pd->pam_status == PAM_SUCCESS) { /* Try to fetch data from sysdb -- cgit