|
|
# --- T2-COPYRIGHT-NOTE-BEGIN ---# This copyright note is auto-generated by ./scripts/Create-CopyPatch.# # T2 SDE: package/.../pam_ldap/pam_ldap-178-shadowlastChange.patch# Copyright (C) 2004 - 2006 The T2 SDE Project# # More information can be found in the files COPYING and README.# # This patch file is dual-licensed. It is available under the license the# patched project is licensed under, as long as it is an OpenSource license# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms# of the GNU General Public License as published by the Free Software# Foundation; either version 2 of the License, or (at your option) any later# version.# --- T2-COPYRIGHT-NOTE-END ---## pam_ldap-178-shadowlastChange.patch by Peter Marschall <peter@adpm.de>#### log failure of writing shadowLastChange to syslog
--- ./pam_ldap.c
+++ ./pam_ldap.c 2005-03-28 11:46:41.345626723 +0200
@@ -3625,6 +3625,8 @@
} else {+ int errcode;
+
/* update shadowLastChange; may fail if not shadowAccount */ snprintf (buf, sizeof buf, "%ld", time (NULL) / (60 * 60 * 24)); strvals[0] = buf;@@ -3637,8 +3639,14 @@
mods[0] = &mod; mods[1] = NULL; - /* do this silently because it may fail */
- (void) ldap_modify_s (session->ld, session->info->userdn, mods);
+ /* Only log errors because it may fail */
+ errcode = ldap_modify_s (session->ld, session->info->userdn, mods);
+ if (errcode != LDAP_SUCCESS)
+ {
+ syslog (LOG_WARNING,
+ "pam_ldap: Unable to update shadowLastChange attribute: %s",
+ ldap_err2string (rc));
+ }
snprintf (errmsg, sizeof errmsg, "LDAP password information changed for %s", username);
|
