Package: PAM
Version: 1.7.0-5 (Debian)

`pam_start_confdir()` successfully opens the first service in the
supplied `confdir`. Included services are however expected to be placed
in /etc/pam.d and are therefore not found if they are placed in the
`confdir` that was supplied.

Example:
`$ cat /tmp/ml-login-cli-test`:
```
auth include ml-common-auth
account include ml-common-auth
```

`cat /tmp/test_confdir.c`:
```
#include <security/pam_appl.h>
#include <stdio.h>

static int conv(int, const struct pam_message **, struct pam_response **, void 
*) {
    return PAM_CONV_ERR;
}

int main() {
    struct pam_conv c = {conv, NULL};
    pam_handle_t *pamh = NULL;
    int ret = pam_start_confdir("ml-login-cli-test", "test", &c, "/tmp", &pamh);
    printf("pam_start_confdir: %d\n", ret);
    if (ret == PAM_SUCCESS) {
        ret = pam_authenticate(pamh, 0);
        printf("pam_authenticate: %d (%s)\n", ret, pam_strerror(pamh, ret));
        pam_end(pamh, ret);
    }
}
```

Compile and run the test:
```
$ cc -std=c23 -o /tmp/test_confdir /tmp/test_confdir.c -Wall -Wextra -lpam
$ strace -e openat /tmp/test_confdir 2>&1 | grep -E 'pam.d|/tmp|ml-'
openat(AT_FDCWD, "/tmp/ml-login-cli-test", O_RDONLY) = 3
openat(AT_FDCWD, "/etc/pam.d/ml-common-auth", O_RDONLY) = -1 ENOENT (No such 
file or directory)
openat(AT_FDCWD, "/etc/pam.d/ml-common-auth", O_RDONLY) = -1 ENOENT (No such 
file or directory)
openat(AT_FDCWD, "/tmp/other", O_RDONLY) = -1 ENOENT (No such file or 
directory) 
```
As shown in the output, it is not searching in /tmp for ml-common-auth
but goes directly to /etc/pam.d.

Running the same example on Fedora 43 produces the expected output where
it searches for ml-common-auth in /tmp:
```
openat(AT_FDCWD, "/tmp/ml-login-cli-test", O_RDONLY) = 3
openat(AT_FDCWD, "/tmp/ml-common-auth", O_RDONLY) = -1 ENOENT (No such file or 
directory)
openat(AT_FDCWD, "/tmp/ml-common-auth", O_RDONLY) = -1 ENOENT (No such file or 
directory)
openat(AT_FDCWD, "/tmp/other", O_RDONLY) = -1 ENOENT (No such file or directory)
```

Debian GNU/Linux 13 (trixie)
kernel: 4.18.0-553.123.1.el8_10.x86_64
ldd (Debian GLIBC 2.41-12+deb13u2) 2.41

Best regards,
Ted Lyngmo

Reply via email to