Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-10871

Add logging capability to pam_user_map.c

    Details

    • Sprint:
      10.1.30, 10.1.32

      Description

      The PAM user mapping plugin doesn't currently seem to log any information to /var/log/secure. It would probably be helpful if the plugin had some way to enable verbose logging during testing, so that it would be easier to debug configuration problems.

      I expect the best way to implement this would be to create one or more module arguments for the plugin that controls logging. PAM module arguments are explained here:

      https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Managing_Smart_Cards/PAM_Configuration_Files.html#pam-mod-args

      For example, maybe a configuration like this could enable very verbose debugging logging to /var/log/secure:

      auth required pam_user_map.so debug
      

      Or if we wanted the ability to specify a specific log, maybe we could do something like this:

      auth required pam_user_map.so debug_log=/tmp/pam_user_map.log
      

      But these are just suggestions.

        Attachments

          Activity

            People

            • Assignee:
              holyfoot Alexey Botchkov
              Reporter:
              GeoffMontee Geoff Montee
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: