Figured out how and where to install pam_cap.so

Also fixed a bug with config= module argument.

Signed-off-by: Andrew G. Morgan <morgan@kernel.org>

3 files changed, 8 insertions, 11 deletions

diff --git a/pam_cap/Makefile b/pam_cap/Makefile
index 3b3d266..8819af2 100644
--- a/pam_cap/Makefile
+++ b/pam_cap/Makefile
@@ -6,12 +6,9 @@ include ../Make.Rules
 all: pam_cap.so
 	$(MAKE) testcompile
 
-install:
-	@echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
-	@echo "X                                                X"
-	@echo "X Need to figure out where to install pam_cap.so X"
-	@echo "X                                                X"
-	@echo "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+install: all
+	mkdir -p -m 0755 $(LIBDIR)/security
+	install -m 0755 pam_cap.so $(LIBDIR)/security
 
 pam_cap.so: pam_cap.o
 	$(LD) -o pam_cap.so $< $(LIBS)
diff --git a/pam_cap/capability.conf b/pam_cap/capability.conf
index b543142..0685b2e 100644
--- a/pam_cap/capability.conf
+++ b/pam_cap/capability.conf
@@ -16,10 +16,10 @@
 # use them
 
 ## user 'morgan' gets the CAP_SETFCAP inheritable capability
-cap_setfcap		morgan
+#cap_setfcap		morgan
 
-## user 'luser' just inherits two capabilities (CAP_NET_RAW and CAP_FOWNER)
-# cap_net_raw,cap_fowner	luser
+## user 'luser' inherits the CAP_DAC_OVERRIDE capability
+#cap_dac_override	luser
 
 ## 'everyone else' gets no inheritable capabilities
 none  *
diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c
index 94c5ebc..e6ebbe9 100644
--- a/pam_cap/pam_cap.c
+++ b/pam_cap/pam_cap.c
@@ -217,8 +217,8 @@ static void parse_args(int argc, const char **argv, struct pam_cap_s *pcs)
 
 	if (!strcmp(*argv, "debug")) {
 	    pcs->debug = 1;
-	} else if (!strcmp(*argv, "config=")) {
-	    pcs->conf_filename = strlen("config=") + *argv;
+	} else if (!memcmp(*argv, "config=", 7)) {
+	    pcs->conf_filename = 7 + *argv;
 	} else {
 	    _pam_log(LOG_ERR, "unknown option; %s", *argv);
 	}