make sure we have a log message at the appropriate level (error) on

why pam is failing in the case of an included pam config file missing. example: instead of logging with the default log settings: Jun 17 08:49:37 tucana su: pam_start failed: system error it will log: Jun 17 08:55:49 tucana su: in openpam_parse_chain(): failed loading include for service gibbetnich in /etc/pam.d/su(15): No such file or directory Jun 17 08:55:49 tucana su: pam_start failed: system error
2014-06-17 07:08:47 +00:00 · 2014-06-17 07:08:47 +00:00 · 0c0b9daba7
parent e0a3ca70e0
commit 0c0b9daba7
1 changed files with 13 additions and 2 deletions
--- a/external/bsd/openpam/dist/lib/openpam_configure.c
+++ b/external/bsd/openpam/dist/lib/openpam_configure.c
@ -1,4 +1,4 @@
-/*	$NetBSD: openpam_configure.c,v 1.9 2014/06/03 20:22:54 christos Exp $	*/
+/*	$NetBSD: openpam_configure.c,v 1.10 2014/06/17 07:08:47 spz Exp $	*/

 /*-
 * Copyright (c) 2001-2003 Networks Associates Technology, Inc.
@ -229,8 +229,19 @@ openpam_parse_chain(pam_handle_t *pamh,
 				 * outer loop does not just ignore the
 				 * error and keep searching.
 				 */
-				if (errno == ENOENT)
+				if (errno == ENOENT) {
+					/*
+					 * we're failing load, make sure
+					 * there's a log message of severity
+					 * higher than debug
+					 */
+					openpam_log(PAM_LOG_ERROR,
+					"failed loading include for service "
+					"%s in %s(%d): %s",
+					servicename, filename, lineno,
+					strerror(errno));
 					errno = EINVAL;
+				}
 				goto fail;
 			}
 			continue;