From 83bf46f4066e3d5e838a32357c201de9bd6ecdfd Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Wed, 12 Feb 2014 10:12:59 -0500 Subject: Update DEBUG* invocations to use new levels Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek Reviewed-by: Stephen Gallagher Reviewed-by: Simo Sorce --- src/responder/pam/pam_LOCAL_domain.c | 37 +++++++----- src/responder/pam/pamsrv.c | 13 +++-- src/responder/pam/pamsrv_cmd.c | 105 ++++++++++++++++++++--------------- src/responder/pam/pamsrv_dp.c | 20 ++++--- 4 files changed, 102 insertions(+), 73 deletions(-) (limited to 'src/responder/pam') diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c index b602259ee..4b076146c 100644 --- a/src/responder/pam/pam_LOCAL_domain.c +++ b/src/responder/pam/pam_LOCAL_domain.c @@ -31,7 +31,7 @@ #define NULL_CHECK_OR_JUMP(var, msg, ret, err, label) do { \ if (var == NULL) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -39,7 +39,7 @@ #define NEQ_CHECK_OR_JUMP(var, val, msg, ret, err, label) do { \ if (var != (val)) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -168,7 +168,7 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) if (ret) { /* TODO: should we allow null passwords via a config option ? */ if (ret == ENOENT) { - DEBUG(1, "Empty passwords are not allowed!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Empty passwords are not allowed!\n"); } lreq->error = EINVAL; goto done; @@ -177,12 +177,12 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) ret = s3crypt_gen_salt(lreq, &salt); NEQ_CHECK_OR_JUMP(ret, EOK, ("Salt generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "Using salt [%s]\n", salt); + DEBUG(SSSDBG_CONF_SETTINGS, "Using salt [%s]\n", salt); ret = s3crypt_sha512(lreq, password, salt, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("Hash generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "New hash [%s]\n", new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, "New hash [%s]\n", new_hash); lreq->mod_attrs = sysdb_new_attrs(lreq); NULL_CHECK_OR_JUMP(lreq->mod_attrs, ("sysdb_new_attrs failed.\n"), @@ -229,7 +229,7 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) struct pam_data *pd = preq->pd; int ret; - DEBUG(4, "LOCAL pam handler.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "LOCAL pam handler.\n"); lreq = talloc_zero(preq, struct LOCAL_request); if (!lreq) { @@ -238,7 +238,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) lreq->dbctx = preq->domain->sysdb; if (lreq->dbctx == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); talloc_free(lreq); return ENOENT; } @@ -251,18 +252,20 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) ret = sysdb_get_user_attr(lreq, preq->domain, preq->pd->user, attrs, &res); if (ret != EOK) { - DEBUG(1, "sysdb_get_user_attr failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_get_user_attr failed.\n"); talloc_free(lreq); return ret; } if (res->count < 1) { - DEBUG(4, "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); pd->pam_status = PAM_USER_UNKNOWN; goto done; } else if (res->count > 1) { - DEBUG(4, "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); lreq->error = EFAULT; goto done; @@ -270,7 +273,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) username = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, NULL); if (strcmp(username, pd->user) != 0) { - DEBUG(1, "Expected username [%s] get [%s].\n", pd->user, username); + DEBUG(SSSDBG_CRIT_FAILURE, + "Expected username [%s] get [%s].\n", pd->user, username); lreq->error = EINVAL; goto done; } @@ -285,7 +289,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) && lreq->preq->cctx->priv == 1) { /* TODO: maybe this is a candiate for an explicit audit message. */ - DEBUG(4, "allowing root to reset a password.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, + "allowing root to reset a password.\n"); break; } ret = sss_authtok_get_password(pd->authtok, &password, NULL); @@ -295,16 +300,18 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pwdhash = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL); NULL_CHECK_OR_JUMP(pwdhash, ("No password stored.\n"), lreq->error, LDB_ERR_NO_SUCH_ATTRIBUTE, done); - DEBUG(4, "user: [%s], password hash: [%s]\n", username, pwdhash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], password hash: [%s]\n", username, pwdhash); ret = s3crypt_sha512(lreq, password, pwdhash, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("nss_sha512_crypt failed.\n"), lreq->error, ret, done); - DEBUG(4, "user: [%s], new hash: [%s]\n", username, new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], new hash: [%s]\n", username, new_hash); if (strcmp(new_hash, pwdhash) != 0) { - DEBUG(1, "Passwords do not match.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Passwords do not match.\n"); do_failed_login(lreq); goto done; } diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c index 3806d763e..5f9844ebc 100644 --- a/src/responder/pam/pamsrv.c +++ b/src/responder/pam/pamsrv.c @@ -82,7 +82,7 @@ static void pam_dp_reconnect_init(struct sbus_connection *conn, int status, void /* Did we reconnect successfully? */ if (status == SBUS_RECONNECT_SUCCESS) { - DEBUG(1, "Reconnected to the Data Provider.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Reconnected to the Data Provider.\n"); /* Identify ourselves to the data provider */ ret = dp_common_send_id(be_conn->conn, @@ -96,7 +96,7 @@ static void pam_dp_reconnect_init(struct sbus_connection *conn, int status, void } /* Handle failure */ - DEBUG(0, "Could not reconnect to %s provider.\n", + DEBUG(SSSDBG_FATAL_FAILURE, "Could not reconnect to %s provider.\n", be_conn->domain->name); /* FIXME: kill the frontend and let the monitor restart it ? */ @@ -147,7 +147,8 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_int(pctx->rctx->cdb, CONFDB_PAM_CONF_ENTRY, CONFDB_SERVICE_RECON_RETRIES, 3, &max_retries); if (ret != EOK) { - DEBUG(0, "Failed to set up automatic reconnection\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to set up automatic reconnection\n"); goto done; } @@ -172,7 +173,8 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, ret = sss_ncache_init(pctx, &pctx->ncache); if (ret != EOK) { - DEBUG(0, "fatal error initializing negative cache\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "fatal error initializing negative cache\n"); goto done; } @@ -258,7 +260,8 @@ int main(int argc, const char *argv[]) ret = die_if_parent_died(); if (ret != EOK) { /* This is not fatal, don't return */ - DEBUG(2, "Could not set up to exit when parent process does\n"); + DEBUG(SSSDBG_OP_FAILURE, + "Could not set up to exit when parent process does\n"); } ret = pam_process_init(main_ctx, diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index f3ceea49d..140d541ad 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -172,7 +172,7 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, /* the uint32_t end maker SSS_END_OF_PAM_REQUEST does not count to * the remaining buffer */ if (size > (blen - c - sizeof(uint32_t))) { - DEBUG(1, "Invalid data size.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid data size.\n"); return EINVAL; } @@ -218,7 +218,8 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, if (ret != EOK) return ret; break; default: - DEBUG(1,"Ignoring unknown data type [%d].\n", type); + DEBUG(SSSDBG_CRIT_FAILURE, + "Ignoring unknown data type [%d].\n", type); c += size; } } @@ -227,7 +228,7 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, if (pd->user == NULL || *pd->user == '\0') return EINVAL; - DEBUG_PAM_DATA(4, pd); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); return EOK; @@ -242,12 +243,12 @@ static int pam_parse_in_data_v3(struct sss_domain_info *domains, ret = pam_parse_in_data_v2(domains, default_domain, pd, body, blen); if (ret != EOK) { - DEBUG(1, "pam_parse_in_data_v2 failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_parse_in_data_v2 failed.\n"); return ret; } if (pd->cli_pid == 0) { - DEBUG(1, "Missing client PID.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing client PID.\n"); return EINVAL; } @@ -322,16 +323,16 @@ static int pam_parse_in_data(struct sss_domain_info *domains, ret = extract_authtok_v1(pd->authtok, body, blen, &end); if (ret) { - DEBUG(1, "Invalid auth token\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid auth token\n"); return ret; } ret = extract_authtok_v1(pd->newauthtok, body, blen, &end); if (ret) { - DEBUG(1, "Invalid new auth token\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid new auth token\n"); return ret; } - DEBUG_PAM_DATA(4, pd); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); return EOK; } @@ -362,7 +363,7 @@ static errno_t set_last_login(struct pam_auth_req *preq) ret = sysdb_set_user_attr(preq->domain, preq->pd->user, attrs, SYSDB_MOD_REP); if (ret != EOK) { - DEBUG(2, "set_last_login failed.\n"); + DEBUG(SSSDBG_OP_FAILURE, "set_last_login failed.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto fail; } else { @@ -389,7 +390,8 @@ static errno_t filter_responses(struct confdb_ctx *cdb, CONFDB_PAM_VERBOSITY, DEFAULT_PAM_VERBOSITY, &pam_verbosity); if (ret != EOK) { - DEBUG(1, "Failed to read PAM verbosity, not fatal.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to read PAM verbosity, not fatal.\n"); pam_verbosity = DEFAULT_PAM_VERBOSITY; } @@ -397,7 +399,7 @@ static errno_t filter_responses(struct confdb_ctx *cdb, while(resp != NULL) { if (resp->type == SSS_PAM_USER_INFO) { if (resp->len < sizeof(uint32_t)) { - DEBUG(1, "User info entry is too short.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "User info entry is too short.\n"); return EINVAL; } @@ -413,7 +415,8 @@ static errno_t filter_responses(struct confdb_ctx *cdb, switch (user_info_type) { case SSS_PAM_USER_INFO_OFFLINE_AUTH: if (resp->len != sizeof(uint32_t) + sizeof(int64_t)) { - DEBUG(1, "User info offline auth entry is " + DEBUG(SSSDBG_CRIT_FAILURE, + "User info offline auth entry is " "too short.\n"); return EINVAL; } @@ -447,7 +450,7 @@ static void pam_reply_delay(struct tevent_context *ev, struct tevent_timer *te, { struct pam_auth_req *preq; - DEBUG(4, "pam_reply_delay get called.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "pam_reply_delay get called.\n"); preq = talloc_get_type(pvt, struct pam_auth_req); @@ -496,14 +499,15 @@ static void pam_reply(struct pam_auth_req *preq) pd->offline_auth = true; if (preq->domain->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for domain" + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for domain" " [%s]!\n", preq->domain->name); goto done; } ret = sss_authtok_get_password(pd->authtok, &password, NULL); if (ret) { - DEBUG(0, "Failed to get password.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get password.\n"); goto done; } @@ -518,13 +522,14 @@ static void pam_reply(struct pam_auth_req *preq) break; case SSS_PAM_CHAUTHTOK_PRELIM: case SSS_PAM_CHAUTHTOK: - DEBUG(5, "Password change not possible while offline.\n"); + DEBUG(SSSDBG_FUNC_DATA, + "Password change not possible while offline.\n"); pd->pam_status = PAM_AUTHTOK_ERR; user_info_type = SSS_PAM_USER_INFO_OFFLINE_CHPASS; ret = pam_add_response(pd, SSS_PAM_USER_INFO, sizeof(uint32_t), (const uint8_t *) &user_info_type); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); goto done; } break; @@ -534,12 +539,13 @@ static void pam_reply(struct pam_auth_req *preq) case SSS_PAM_ACCT_MGMT: case SSS_PAM_OPEN_SESSION: case SSS_PAM_CLOSE_SESSION: - DEBUG(2, "Assuming offline authentication setting status for " + DEBUG(SSSDBG_OP_FAILURE, + "Assuming offline authentication setting status for " "pam call %d to PAM_SUCCESS.\n", pd->cmd); pd->pam_status = PAM_SUCCESS; break; default: - DEBUG(1, "Unknown PAM call [%d].\n", pd->cmd); + DEBUG(SSSDBG_CRIT_FAILURE, "Unknown PAM call [%d].\n", pd->cmd); pd->pam_status = PAM_MODULE_UNKNOWN; } } @@ -547,7 +553,7 @@ static void pam_reply(struct pam_auth_req *preq) if (pd->response_delay > 0) { ret = gettimeofday(&tv, NULL); if (ret != EOK) { - DEBUG(1, "gettimeofday failed [%d][%s].\n", + DEBUG(SSSDBG_CRIT_FAILURE, "gettimeofday failed [%d][%s].\n", errno, strerror(errno)); goto done; } @@ -557,7 +563,8 @@ static void pam_reply(struct pam_auth_req *preq) te = tevent_add_timer(cctx->ev, cctx, tv, pam_reply_delay, preq); if (te == NULL) { - DEBUG(1, "Failed to add event pam_reply_delay.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to add event pam_reply_delay.\n"); goto done; } @@ -586,14 +593,14 @@ static void pam_reply(struct pam_auth_req *preq) ret = filter_responses(pctx->rctx->cdb, pd->resp_list); if (ret != EOK) { - DEBUG(1, "filter_responses failed, not fatal.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "filter_responses failed, not fatal.\n"); } if (pd->domain != NULL) { ret = pam_add_response(pd, SSS_PAM_DOMAIN_NAME, strlen(pd->domain)+1, (uint8_t *) pd->domain); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); goto done; } } @@ -661,7 +668,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, resp_len = sizeof(uint32_t) + sizeof(int64_t); resp = talloc_size(preq->pd, resp_len); if (resp == NULL) { - DEBUG(1, "talloc_size failed, cannot prepare user info.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "talloc_size failed, cannot prepare user info.\n"); } else { memcpy(resp, &resp_type, sizeof(uint32_t)); dummy = (int64_t) expire_date; @@ -669,7 +677,7 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, ret = pam_add_response(preq->pd, SSS_PAM_USER_INFO, resp_len, (const uint8_t *) resp); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); } } break; @@ -679,7 +687,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, resp_len = sizeof(uint32_t) + sizeof(int64_t); resp = talloc_size(preq->pd, resp_len); if (resp == NULL) { - DEBUG(1, "talloc_size failed, cannot prepare user info.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "talloc_size failed, cannot prepare user info.\n"); } else { memcpy(resp, &resp_type, sizeof(uint32_t)); dummy = (int64_t) delayed_until; @@ -687,7 +696,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, ret = pam_add_response(preq->pd, SSS_PAM_USER_INFO, resp_len, (const uint8_t *) resp); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "pam_add_response failed.\n"); } } } @@ -748,7 +758,7 @@ errno_t pam_forwarder_parse_data(struct cli_ctx *cctx, struct pam_data *pd) body, blen); break; default: - DEBUG(1, "Illegal protocol version [%d].\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Illegal protocol version [%d].\n", cctx->cli_protocol_version->version); ret = EINVAL; } @@ -854,7 +864,8 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) } if (preq->domain->provider == NULL) { - DEBUG(1, "Domain [%s] has no auth provider.\n", preq->domain->name); + DEBUG(SSSDBG_CRIT_FAILURE, + "Domain [%s] has no auth provider.\n", preq->domain->name); ret = EINVAL; goto done; } @@ -965,22 +976,26 @@ static int pam_check_user_search(struct pam_auth_req *preq) /* Entry is still valid, get it from the sysdb */ } - DEBUG(4, "Requesting info for [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; return EFAULT; } ret = sysdb_getpwnam(preq, dom, name, &preq->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); return EIO; } if (preq->res->count > 1) { - DEBUG(0, "getpwnam call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getpwnam call returned more than one result !?!\n"); return ENOENT; } @@ -1002,7 +1017,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) continue; } - DEBUG(2, "No results for getpwnam call\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for getpwnam call\n"); /* TODO: store negative cache ? */ @@ -1020,7 +1035,8 @@ static int pam_check_user_search(struct pam_auth_req *preq) } } - DEBUG(6, "Returning info for user [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for user [%s@%s]\n", name, dom->name); /* We might have searched by alias. Pass on the primary name */ ret = pd_set_primary_name(preq->res->msgs[0], preq->pd); @@ -1133,7 +1149,8 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, char *name; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); } @@ -1188,7 +1205,7 @@ static void pam_dom_forwarder(struct pam_auth_req *preq) else { preq->callback = pam_reply; ret = pam_dp_send_req(preq, SSS_CLI_SOCKET_TIMEOUT/2); - DEBUG(4, "pam_dp_send_req returned %d\n", ret); + DEBUG(SSSDBG_CONF_SETTINGS, "pam_dp_send_req returned %d\n", ret); } if (ret != EOK) { @@ -1198,37 +1215,37 @@ static void pam_dom_forwarder(struct pam_auth_req *preq) } static int pam_cmd_authenticate(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_authenticate\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_authenticate\n"); return pam_forwarder(cctx, SSS_PAM_AUTHENTICATE); } static int pam_cmd_setcred(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_setcred\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_setcred\n"); return pam_forwarder(cctx, SSS_PAM_SETCRED); } static int pam_cmd_acct_mgmt(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_acct_mgmt\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_acct_mgmt\n"); return pam_forwarder(cctx, SSS_PAM_ACCT_MGMT); } static int pam_cmd_open_session(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_open_session\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_open_session\n"); return pam_forwarder(cctx, SSS_PAM_OPEN_SESSION); } static int pam_cmd_close_session(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_close_session\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_close_session\n"); return pam_forwarder(cctx, SSS_PAM_CLOSE_SESSION); } static int pam_cmd_chauthtok(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_chauthtok\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_chauthtok\n"); return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK); } static int pam_cmd_chauthtok_prelim(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_chauthtok_prelim\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_chauthtok_prelim\n"); return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK_PRELIM); } diff --git a/src/responder/pam/pamsrv_dp.c b/src/responder/pam/pamsrv_dp.c index a35627e11..4e79eee87 100644 --- a/src/responder/pam/pamsrv_dp.c +++ b/src/responder/pam/pamsrv_dp.c @@ -58,7 +58,8 @@ static void pam_dp_process_reply(DBusPendingCall *pending, void *ptr) /* Sanity-check of message validity */ if (msg == NULL) { - DEBUG(0, "Severe error. A reply callback was called but no reply was" + DEBUG(SSSDBG_FATAL_FAILURE, + "Severe error. A reply callback was called but no reply was" "received and no timeout occurred\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto done; @@ -69,18 +70,19 @@ static void pam_dp_process_reply(DBusPendingCall *pending, void *ptr) case DBUS_MESSAGE_TYPE_METHOD_RETURN: ret = dp_unpack_pam_response(msg, preq->pd, &dbus_error); if (!ret) { - DEBUG(0, "Failed to parse reply.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to parse reply.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto done; } - DEBUG(4, "received: [%d][%s]\n", preq->pd->pam_status, preq->pd->domain); + DEBUG(SSSDBG_CONF_SETTINGS, + "received: [%d][%s]\n", preq->pd->pam_status, preq->pd->domain); break; case DBUS_MESSAGE_TYPE_ERROR: - DEBUG(0, "Reply error.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Reply error.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; break; default: - DEBUG(0, "Default... what now?.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Default... what now?.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; } @@ -129,17 +131,17 @@ int pam_dp_send_req(struct pam_auth_req *preq, int timeout) DP_INTERFACE, DP_METHOD_PAMHANDLER); if (msg == NULL) { - DEBUG(0,"Out of memory?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE,"Out of memory?!\n"); return ENOMEM; } - DEBUG(4, "Sending request with the following data:\n"); - DEBUG_PAM_DATA(4, pd); + DEBUG(SSSDBG_CONF_SETTINGS, "Sending request with the following data:\n"); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); ret = dp_pack_pam_request(msg, pd); if (!ret) { - DEBUG(1,"Failed to build message\n"); + DEBUG(SSSDBG_CRIT_FAILURE,"Failed to build message\n"); return EIO; } -- cgit