diff options
| author | Ray Strode <rstrode@redhat.com> | 2008-02-06 05:00:15 +0000 |
|---|---|---|
| committer | Ray Strode <halfline@src.gnome.org> | 2008-02-06 05:00:15 +0000 |
| commit | f616d973837ec266c10d34404f859f66b717bfff (patch) | |
| tree | df5d7ed5707c3e19635f97ab84fda54e2e30aff4 /configure.ac | |
| parent | 46b6d03d4c191fc20c584529aec2574b39af044d (diff) | |
| download | gdm-f616d973837ec266c10d34404f859f66b717bfff.tar.gz | |
Add PAM auditing logic. Based on patch and feedback from Brian Cameron and
2008-02-05 Ray Strode <rstrode@redhat.com>
Add PAM auditing logic. Based on patch and feedback from
Brian Cameron and earlier code from Gary Winiger and
Steve Grubb.
* configure.ac: set HAVE_ADT and HAVE_LIBAUDIT as appropriate
for solaris and linux audit support, respectively.
* daemon/Makefile.am: add new auditing code to Makefile.
* daemon/gdm-session-auditor.[ch]: generic base class for doing
auditing.
* daemon/gdm-session-linux-auditor.[ch]: linux auditor subclass
* daemon/gdm-session-solaris-auditor.[ch]: solaris auditor
subclass
* daemon/gdm-session-worker.c (GdmSessionWorkerPrivate): track
auditor
(gdm_session_worker_update_username): inform audit code about
username changes
(gdm_session_worker_start_auditor): instantiate the auditor
(gdm_session_worker_stop_auditor): free the auditor
(gdm_session_worker_uninitialize_pam): inform audit code about
logout/login failure and then free the auditor
(_get_tty_for_pam): fix calling return more than once on solaris
(gdm_session_worker_initialize_pam): instantiate the auditor.
(gdm_session_worker_authorize_user): inform audit code about
password changes
(gdm_session_worker_accredit_user): inform audit code about
user getting credentials
(gdm_session_worker_open_user_session): inform audit code about
successful login
svn path=/trunk/; revision=5702
Diffstat (limited to 'configure.ac')
| -rw-r--r-- | configure.ac | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index 3e01fad1..066890dd 100644 --- a/configure.ac +++ b/configure.ac @@ -995,11 +995,34 @@ adt_user_context = ADT_USER; if test ${check_sun_audit} = yes then AC_DEFINE(HAVE_ADT) - EXTRA_DAEMON_LIBS="$EXTRA_DAEMON_LIBS -lbsm" + PAM_LIBS="$PAM_LIBS -lbsm" AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi +AM_CONDITIONAL(HAVE_ADT, test x$check_sun_audit = xyes) + +# Check for Linux auditing API +# +AC_ARG_WITH(libaudit, + [ --with-libaudit=[auto/yes/no] Add Linux audit support [default=auto]],, + with_libaudit=auto) + +# libaudit detection +if test x$with_libaudit = xno ; then + have_libaudit=no; +else + # See if we have audit daemon library + AC_CHECK_LIB(audit, audit_log_user_message, + have_libaudit=yes, have_libaudit=no) +fi + +AM_CONDITIONAL(HAVE_LIBAUDIT, test x$have_libaudit = xyes) + +if test x$have_libaudit = xyes ; then + PAM_LIBS="$PAM_LIBS -laudit" + AC_DEFINE(HAVE_LIBAUDIT,1,[linux audit support]) +fi # Check for Solaris logindevperm support # |