1#!/usr/local/bin/perl 2# create_pam.cgi 3# Create a new PAM service 4 5require './pam-lib.pl'; 6&ReadParse(); 7&error_setup($text{'create_err'}); 8 9# Create the empty file 10$in{'name'} =~ /^\S+$/ || &error($text{'create_ename'}); 11$f = "$config{'pam_dir'}/$in{'name'}"; 12&lock_file($f); 13&open_tempfile(FILE, ">$f"); 14&print_tempfile(FILE, "#%PAM-1.0\n"); 15&print_tempfile(FILE, "# description: $in{'desc'}\n") if ($in{'desc'}); 16&close_tempfile(FILE); 17chmod(0644, $f); 18 19# Create extra PAM modules 20if ($in{'mods'} == 1) { 21 # Setup for unix authentication 22 &create_module($in{'name'}, { 'type' => 'auth', 23 'control' => 'required', 24 'module' => 'pam_pwdb.so', 25 'args' => 'shadow nullok' }); 26 &create_module($in{'name'}, { 'type' => 'account', 27 'control' => 'required', 28 'module' => 'pam_pwdb.so' }); 29 &create_module($in{'name'}, { 'type' => 'password', 30 'control' => 'required', 31 'module' => 'pam_pwdb.so', 32 'args' => 'shadow nullok use_authtok' }); 33 &create_module($in{'name'}, { 'type' => 'session', 34 'control' => 'required', 35 'module' => 'pam_pwdb.so' }); 36 } 37elsif ($in{'mods'} == 2) { 38 # Setup to deny access 39 &create_module($in{'name'}, { 'type' => 'auth', 40 'control' => 'required', 41 'module' => 'pam_deny.so' }); 42 &create_module($in{'name'}, { 'type' => 'account', 43 'control' => 'required', 44 'module' => 'pam_deny.so' }); 45 &create_module($in{'name'}, { 'type' => 'password', 46 'control' => 'required', 47 'module' => 'pam_deny.so' }); 48 &create_module($in{'name'}, { 'type' => 'session', 49 'control' => 'required', 50 'module' => 'pam_deny.so' }); 51 } 52 53&unlock_file($f); 54&webmin_log("create", "pam", $in{'name'}, { 'name' => $in{'name'}, 55 'file' => $f }); 56&redirect(""); 57 58