why pam is failing in the case of an included pam config file missing.
example: instead of logging with the default log settings:
Jun 17 08:49:37 tucana su: pam_start failed: system error
it will log:
Jun 17 08:55:49 tucana su: in openpam_parse_chain(): failed loading include for service gibbetnich in /etc/pam.d/su(15): No such file or directory
Jun 17 08:55:49 tucana su: pam_start failed: system error
Missing module files were treated as soft failures leading to
unexpected behavior if policy files were copied between hosts with
differently installed modules or in the short period during upgrades
when module files were being replaced.
module link failed, instead of printing "Undefined error 0".
- don't print free'd variable on error, restructure so that we free at the
end and print the consistent name of the path dlopened.
- downgrade the error of not finding a file to load to a debug message.
Statically linked OpenPAM (like on sun2) does not have shared objects.
- make sure we preserve errno around dlclose() which will call munmap()
XXX: Pullup to 6
ENHANCE: removed static build autodetection, which didn't work anyway.
Use an explicit, user-specified preprocessor variable instead.
ENHANCE: cleaned up the documentation a bit.
ENHANCE: added openpam_subst(3), allowing certain PAM items to be embedded
in strings such as prompts. Apply it to the prompts used by
pam_get_user(3) and pam_get_authtok(3).
ENHANCE: added support for the user_prompt, authtok_prompt and
oldauthtok_prompt module options, which override the prompts passed
by the module to pam_set_user(3) and pam_get_authtok(3).
ENHANCE: rewrote the policy parser to support quoted option values.
ENHANCE: added pamtest(1), a tool for testing modules and policies.
ENHANCE: added code to check the ownership and permissions of a module before
loading it.
ENHANCE: added / improved input validation in many cases, including the policy
file and some function arguments.
