1*2810ac1bSKiyoung Kim /* 2*2810ac1bSKiyoung Kim * Copyright (c) 2021 Andrew G. Morgan <[email protected]> 3*2810ac1bSKiyoung Kim * 4*2810ac1bSKiyoung Kim * The purpose of this file is to provide an executable mode for the 5*2810ac1bSKiyoung Kim * pam_cap.so binary. If you run it directly, all it does is print 6*2810ac1bSKiyoung Kim * version information. 7*2810ac1bSKiyoung Kim * 8*2810ac1bSKiyoung Kim * It accepts the optional --help argument which causes the executable 9*2810ac1bSKiyoung Kim * to display a summary of all the supported, pam stacked, module 10*2810ac1bSKiyoung Kim * arguments. 11*2810ac1bSKiyoung Kim */ 12*2810ac1bSKiyoung Kim 13*2810ac1bSKiyoung Kim #include <stdio.h> 14*2810ac1bSKiyoung Kim #include <stdlib.h> 15*2810ac1bSKiyoung Kim #include <string.h> 16*2810ac1bSKiyoung Kim 17*2810ac1bSKiyoung Kim #include "../libcap/execable.h" 18*2810ac1bSKiyoung Kim SO_MAIN(int argc,char ** argv)19*2810ac1bSKiyoung KimSO_MAIN(int argc, char **argv) 20*2810ac1bSKiyoung Kim { 21*2810ac1bSKiyoung Kim const char *cmd = "<pam_cap.so>"; 22*2810ac1bSKiyoung Kim if (argv != NULL) { 23*2810ac1bSKiyoung Kim cmd = argv[0]; 24*2810ac1bSKiyoung Kim } 25*2810ac1bSKiyoung Kim 26*2810ac1bSKiyoung Kim printf( 27*2810ac1bSKiyoung Kim "%s (version " LIBCAP_VERSION ") is a PAM module to specify\n" 28*2810ac1bSKiyoung Kim "inheritable (IAB) capabilities via the libpam authentication\n" 29*2810ac1bSKiyoung Kim "abstraction. See the pam_cap License file for licensing information.\n" 30*2810ac1bSKiyoung Kim "\n" 31*2810ac1bSKiyoung Kim "Release notes and feature documentation for libcap and pam_cap.so\n" 32*2810ac1bSKiyoung Kim "can be found at:\n" 33*2810ac1bSKiyoung Kim "\n" 34*2810ac1bSKiyoung Kim " https://sites.google.com/site/fullycapable/\n", cmd); 35*2810ac1bSKiyoung Kim if (argc <= 1) { 36*2810ac1bSKiyoung Kim return; 37*2810ac1bSKiyoung Kim } 38*2810ac1bSKiyoung Kim 39*2810ac1bSKiyoung Kim if (argc > 2 || argv[1] == NULL || strcmp(argv[1], "--help")) { 40*2810ac1bSKiyoung Kim printf("\n%s only supports the optional argument --help\n", cmd); 41*2810ac1bSKiyoung Kim exit(1); 42*2810ac1bSKiyoung Kim } 43*2810ac1bSKiyoung Kim 44*2810ac1bSKiyoung Kim printf("\n" 45*2810ac1bSKiyoung Kim "%s supports the following module arguments:\n" 46*2810ac1bSKiyoung Kim "\n" 47*2810ac1bSKiyoung Kim "debug - verbose logging (ignored for now)\n" 48*2810ac1bSKiyoung Kim "config=<file> - override the default config with file\n" 49*2810ac1bSKiyoung Kim "keepcaps - workaround for apps that setuid without this\n" 50*2810ac1bSKiyoung Kim "autoauth - pam_cap.so to always succeed for the 'auth' phase\n" 51*2810ac1bSKiyoung Kim "default=<iab> - fallback IAB value if there is no '*' rule\n" 52*2810ac1bSKiyoung Kim "defer - apply IAB value at pam_exit (not via setcred)\n", 53*2810ac1bSKiyoung Kim cmd); 54*2810ac1bSKiyoung Kim } 55