Skip to content

Commit

Permalink
add an sm_sectcred() implementaion for PamSshAgent
Browse files Browse the repository at this point in the history 
Apparently this is needed to run `doas` without printing a scary
Permission Denied: unknown error
  • Loading branch information
@nresare
nresare committed Jul 31, 2023
1 parent b29fc53 commit 7de47f0
Showing 1 changed file with 11 additions and 1 deletion.
12 changes: 11 additions & 1 deletion src/lib.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,16 @@ impl PamHooks for PamSshAgent {
}
}
}

// `doas` calls pam_setcred(), if this is not defined to succeed it prints
// a fabulous `doas: pam_setcred(?, PAM_REINITIALIZE_CRED): Permission denied: Unknown error -3`
fn sm_setcred(
_pam_handle: &mut PamHandle,
_args: Vec<&CStr>,
_flags: PamFlag,
) -> PamResultCode {
PamResultCode::PAM_SUCCESS
}
}

fn do_authenticate(log: &mut SyslogLogger) -> Result<()> {
Expand All @@ -53,7 +63,7 @@ fn do_authenticate(log: &mut SyslogLogger) -> Result<()> {
}

// Just a quick hack to get logging into syslog. Longer term,
// this should be done pam-bindings: https://github.com/anowell/pam-rs/pull/12
// this should be done in pam-bindings: https://github.com/anowell/pam-rs/pull/12

const PREFIX: &str = "pam_ssh_agent({}:auth): ";

Expand Down

0 comments on commit 7de47f0

Please sign in to comment.