commit - a93247d32f79d4b354c4a9e15bf05d787610eb2c
commit + e84000f7b8b8fb8ae29f53f66dea488f904e0838
blob - a4346b1e87488935551807d535fd1a6e548e08f7
blob + 3f9ba0884dee843eb494a59c98f397e6bb26f5cb
--- doc/sample-ngircd.conf.tmpl
+++ doc/sample-ngircd.conf.tmpl
# character prepended to their respective user names!
;PAMIsOptional = no
+ # When PAM is enabled, this value determines the used PAM
+ # configuration.
+ # This setting allows to run multiple ngIRCd instances with
+ # different PAM configurations on each instance.
+ # If you set it to "ngircd-foo", PAM will use
+ # /etc/pam.d/ngircd-foo instead of the default
+ # /etc/pam.d/ngircd.
+ ;PAMServiceName = ngircd
+
# Let ngIRCd send an "authentication PING" when a new client connects,
# and register this client only after receiving the corresponding
# "PONG" reply.
blob - 935ac035f7775cf6a454fcf39c3dd3faeeb171fc
blob + aacacab3e91f6514d9cbb8278376bda29c97979a
--- man/ngircd.conf.5.tmpl
+++ man/ngircd.conf.5.tmpl
able to distinguish between Ident'ified and PAM-authenticated users: both
don't have a "~" character prepended to their respective user names!
Default: no.
+.TP
+\fBPAMServiceName\fR (string)
+When PAM is enabled, this value determines the used PAM configuration.
+This setting allows to run multiple ngIRCd instances with different
+PAM configurations on each instance. If you set it to "ngircd-foo",
+PAM will use /etc/pam.d/ngircd-foo instead of the default
+/etc/pam.d/ngircd.
+Default: ngircd.
.TP
\fBRequireAuthPing\fR (boolean)
Let ngIRCd send an "authentication PING" when a new client connects, and
blob - 98a2c1d790f63eadeda6dcd2073046a4407055ec
blob + 01ec3c09510ae18324900d4fd3651ea63865b401
--- src/ngircd/conf.c
+++ src/ngircd/conf.c
#ifdef PAM
printf(" PAM = %s\n", yesno_to_str(Conf_PAM));
printf(" PAMIsOptional = %s\n", yesno_to_str(Conf_PAMIsOptional));
+ printf(" PAMServiceName = %s\n", Conf_PAMServiceName);
#endif
#ifndef STRICT_RFC
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
Conf_PAM = false;
#endif
Conf_PAMIsOptional = false;
+ strcpy(Conf_PAMServiceName, "ngircd");
Conf_ScrubCTCP = false;
#ifdef SYSLOG
#ifdef LOG_LOCAL5
}
if (strcasecmp(Var, "PAMIsOptional") == 0 ) {
Conf_PAMIsOptional = Check_ArgIsTrue(Arg);
+ return;
+ }
+ if (strcasecmp(Var, "PAMServiceName") == 0) {
+ len = strlcpy(Conf_PAMServiceName, Arg, sizeof(Conf_PAMServiceName));
+ if (len >= sizeof(Conf_PAMServiceName))
+ Config_Error_TooLong(File, Line, Var);
return;
}
if (strcasecmp(Var, "PredefChannelsOnly") == 0) {
blob - 70de20af9edbb6321b739eac123124baa74e5575
blob + 7203b86a3b630ce559a6693d7af26234cd1fa84d
--- src/ngircd/conf.h
+++ src/ngircd/conf.h
/** Don't require all clients to send a password an to be PAM authenticated */
GLOBAL bool Conf_PAMIsOptional;
+/** The service name to use for PAM */
+GLOBAL char Conf_PAMServiceName[MAX_PAM_SERVICE_NAME_LEN];
+
/** Disable all CTCP commands except for /me ? */
GLOBAL bool Conf_ScrubCTCP;
blob - 6bea174e2d46725bd36284973e4a6d630d94e810
blob + f2666905e2512ae78396052bc861b19c77bb7de5
--- src/ngircd/defines.h
+++ src/ngircd/defines.h
/** Size of default connection pool. */
#define CONNECTION_POOL 100
+/** Size of buffer for PAM service name. */
+#define MAX_PAM_SERVICE_NAME_LEN 64
+
/* Hard-coded (default) options */
/** Delay after startup before outgoing connections are initiated in seconds. */
blob - d2a8a54e5d66eb15f5edfb573720c83f797d5dee
blob + 4e47ddb16d8d8be0eaa3b0ccddb6e411e1837960
--- src/ngircd/pam.c
+++ src/ngircd/pam.c
#include "log.h"
#include "conn.h"
#include "client.h"
+#include "conf.h"
#include "pam.h"
conv.appdata_ptr = Conn_Password(Client_Conn(Client));
/* Initialize PAM */
- retval = pam_start("ngircd", Client_OrigUser(Client), &conv, &pam);
+ retval = pam_start(Conf_PAMServiceName, Client_OrigUser(Client), &conv, &pam);
if (retval != PAM_SUCCESS) {
Log(LOG_ERR, "PAM: Failed to create authenticator! (%d)", retval);
return false;
