Re: logging from PAM modules

Michael Tokarev <mjt@tls.msk.ru> · Fri, 01 Sep 2000 14:46:33 +0400

Nikolay Pelov wrote:
> 
[]
> 
> PAM already supports setting two user-defined callback functions:
> conversation function and fail-delay function. And there is a
> standard convention how to set and retreive them:
> 
>         pam_(set|get)_item(pamh, PAM_CONV, conv_func);
>         pam_(set|get)_item(pamh, PAM_FAIL_DELAY, fail_delay_func);
> 
> So, I think we should stick with this principle and use
> 
>     pam_set_item(pamh, PAM_LOG_CALLBACK, newcb);
>     pam_get_item(pamh, PAM_LOG_CALLBACK, &newcb);
> 
> instead of introducting new function which does exatcly the same like:
> 
> >    pam_log_callback_t *pam_set_log_callback(pam_handle_t *pamh,
> >                                             pam_log_callback_t *newcb);
> >

Ok.  Agreed.

See new variant below.

Regards,
 Michael.

/* logging routines exported by pam mostly for modules */
int pam_log(pam_handle_t *pamh, int priority, const char *fmt, ...);
int pam_vlog(pam_handle_t *pamh, int priority, const char *fmt, va_list ap);

/* log callback prototype */
typedef int pam_log_callback_t
   (const char *module, const char *service,
    int priority, const char *message, void *appdata_ptr);

#define PAM_LOG_CALLBACK nnn /* next number :) */

/* setting/getting callback by app (or module):
  pam_log_callback_t *lcb;
  pam_set_item(pamh, PAM_LOG_CALLBACK, lcb);
  pam_get_item(pamh, PAM_LOG_CALLBACK, &lcb);
*/

/* inside libpam: */
/* log_callback is a member of pam_handle_t structure,
   like conversation routine */

int pam_log(pam_handle_t *pamh, int priority, const char *fmt, ...)
{
  va_list args;
  int retval;
  /* check pamh etc */
  va_start (args, fmt);
  retval = pam_vlog(pamh, priority, fmt, args);
  va_end(args);
  return retval;
}

int pam_vlog(pam_handle_t *pamh, int priority, const char *fmt, va_list args)
{
  /* check pamh etc */
  /* format message using vsnprintf(fmt,args),
     maybe allocating buffer */
  retval = (*pamh->log_callback)(pamh->module, pamh->service,
                                 priority, message,
                                 pamh->appdata_ptr);
  /* free possible allocated buffers */
  return retval;
}

/* default callback */
int pam_default_log_callback
   (const char *module, const char *service,
    int priority, const char *message, void *appdata_ptr)
{
  /* set up locale to be "C" */
  openlog(module, LOG_AUTHPRIV|LOG_xxx); /* optional */
  syslog(priority /* or priority|LOG_AUTHPRIV */ ,
         "%s: %s", service, message);
  closelog(); /* optional */
  /* restore locale */
  return PAM_SUCCESS;
  UNUSED(appdata_ptr);
}