Bug 180180 - net-dialup/ppp patch for /etc/ppp/auth-fail
|
Bug#:
180180
|
Product: Gentoo Linux
|
Version: unspecified
|
Platform: All
|
|
OS/Version: Linux
|
Status: RESOLVED
|
Severity: enhancement
|
Priority: P2
|
|
Resolution: FIXED
|
Assigned To: net-dialup@gentoo.org
|
Reported By: jaco@uls.co.za
|
|
Component: Applications
|
|
|
URL:
|
|
Summary: net-dialup/ppp patch for /etc/ppp/auth-fail
|
|
Keywords:
|
|
Status Whiteboard:
|
|
Opened: 2007-05-29 05:19 0000
|
I've got a need to detect when authentication fails, the patch I'll attach in a
second adds this functionality to the current pppd (2.4.4). It can probably do
with some more work, so any feedback welcome.
For one, I'd like to see the username we tried to authenticate as being passed
through to the script somehow (I can take a guess by doing awk '$2 == ${IFACE}
{ print $1 }' but that _may_ just be inaccurate.
Reproducible: Always
Steps to Reproduce:
(In reply to comment #0)
> For one, I'd like to see the username we tried to authenticate as being passed
> through to the script somehow (I can take a guess by doing awk '$2 == ${IFACE}
> { print $1 }' but that _may_ just be inaccurate.
Isn't $PEERNAME environment variable what you are looking for?
Ah, I see... You wanna see it in auth-fail.
In this case you should tinker auth_peer_fail(), using auth_peer_success() as
model. Don't forget to document changes in man page.
Environment + parameters as follows (and the script that generated it):
xacatecas ~ # cat /tmp/auth-fail
param 1: ppp1
param 2:
param 3: root
param 4: exteth
param 5: 0
PPPD_PID=23210
PPPLOGNAME=root
IFNAME=ppp1
PWD=/
LINKNAME=ppp1
SHLVL=1
DEVICE=exteth
ORIG_UID=0
_=/usr/bin/env
xacatecas ~ # cat /etc/ppp/auth-fail
#! /bin/bash
(
i=0;
for p in "${@}"; do
echo "param $((++i)): $p"
done
env
) > /tmp/$(basename $0)
xacatecas ~ #
So no, the username that I passed to the peer isn't anywhere in there. The
linkname however is the first parameter, and no, that doesn't help me that
much.
Basically I do something like this:
username_ppp0=("$(/usr/bin/awk '$2 == "ppp0" { print $1; exit }' <
/etc/ppp/chap-secrets)")
in /etc/conf.d/net ... some other external control procedures then updates
/etc/ppp/chap-secrets as needed. Now, at some point the username I'm trying to
connect with may be removed from the chap-secrets file. So doing the awk thing
may not be the best of ideas.
I actually had this same problem with ip-up and there I've just decided to go
with the awk solution since it's the first one in the list (and as such would
have been the one I used to auth and as such would not be removed, new accounts
always gets added onto the end of the list), but I would prefer to "know for
sure" :).
The changes done so far is documented in the manpage (part of the attached
patch).
I reckon exporting LOCALNAME as an environment variable to all scripts would
imho be a good change. Would anybody else back that?
auth-fail.patch has been included into patches used by net-dialup/ppp-2.4.4-r6.
There are some English grammar mistakes in the patches:
s/is execute /is executed /g
s/accounts is available/accounts are available/
As I'm not a native speaker either, someone should check them for more.
I take it I should file a seperate bug for the LOCALNAME patch?
I've just asked a friend to take a look at them, he's english is much better
than my own. Will post updated patches this evening.
I unified those patches (see r6). Please do the same.
There's still (at least) one to correct, which I also mentioned before:
s/accounts is available/accounts are available/
