Changed path and added debugging to log file

2015-10-15 19:54:58 +02:00 · 2015-10-15 19:54:58 +02:00 · 361e70fa13
parent a5583da5c3
commit 361e70fa13
1 changed files with 4 additions and 4 deletions
--- a/plugins/plugin_pam_phase1
+++ b/plugins/plugin_pam_phase1
@ -15,7 +15,7 @@
 #-----------------------------------------------------
 #########################################################################
 #
-    PAM_DIRECTORY="/root/pam.d"
+    PAM_DIRECTORY="/etc/pam.d"
    # Test        : PLGN-0010
    # Description : Check PAM configuration
    if [ -f /etc/pam.conf -o -d /etc/pam.d ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
@ -30,7 +30,7 @@
                #if [ -f /etc/pam.conf ]; then FIND="/etc/pam.conf ${FIND}"; fi
                for PAM_FILE in ${FIND_FILES}; do
                    #echo ""
-                    #echo "* ${PAM_FILE}"
+                    logtext "Now checking PAM file ${PAM_FILE}"
                    while read line; do
                        # Strip empty lines, commented lines, tabs, line breaks (\), then finally remove all double spaces
                        LINE=`echo $line | grep -v "^#" | grep -v "^$" | tr '\011' ' ' | sed 's/\\\n/ /' | sed 's/  / /g'`
@ -285,7 +285,7 @@ report "authentication_two_factor_enabled=${PAM_2F_AUTH_ENABLED}"
 logtext "[PAM] PAM 2F authentication required: ${PAM_2F_AUTH_REQUIRED}"
 report "authentication_two_factor_required=${PAM_2F_AUTH_ENABLED}"

-if [ ! "${AUTH_UNLOCK_TIME}" = "" ]; then
+if [ ! "${AUTH_UNLOCK_TIME}" = "-1" ]; then
    logtext "[PAM] Authentication unlock time: ${AUTH_UNLOCK_TIME}"
    report "authentication_unlock_time=${AUTH_UNLOCK_TIME}"
  else
@ -304,7 +304,7 @@ if [ ${PAM_AUTH_BRUTE_FORCE_PROTECTION} -eq 1 ]; then
    report "authentication_brute_force_protection=1"
 fi

-if [ ! "${MIN_PASSWORD_LENGTH}" = "" ]; then
+if [ ! "${MIN_PASSWORD_LENGTH}" = "-1" ]; then
    logtext "[PAM] Minimum password length: ${MIN_PASSWORD_LENGTH}"
    report "minimum_password_length=${MIN_PASSWORD_LENGTH}"
  else