XiZi's Blog
修改pam_mysql的源代码,让他支持ipv6.
配置了vsftp+pam_mysql+mysql的虚拟用户管理系统。但学校的ipv6网络,人家用ipv6访问的时候不能准确记录其ip地址。遂down了pam_mysql的源代码,改之。基于尽量少的改动原有文件的原则。添加了部分代码。现在ok了。下面给大家说说具体修改过程。
1. 当然是下载源代码了。
在你能有写权限的目录,比如 /home/you/ 建立工作目录如:mysql-pam 并进入
mkdir pam-mysql
cd pam-mysql
apt-get source libpam-mysql
cd pam-mysql
apt-get source libpam-mysql
将会得到以下文件
ado@www:~/mysql-pam$ ls
pam-mysql-0.6.2 pam-mysql_0.6.2-1.dsc
pam-mysql_0.6.2-1.diff.gz pam-mysql_0.6.2.orig.tar.gz
pam-mysql-0.6.2 pam-mysql_0.6.2-1.dsc
pam-mysql_0.6.2-1.diff.gz pam-mysql_0.6.2.orig.tar.gz
2. 修改pam_mysql.c
ado@www:~/mysql-pam$ cd pam-mysql-0.6.2/
ado@www:~/mysql-pam/pam-mysql-0.6.2$ vim pam_mysql.c
ado@www:~/mysql-pam/pam-mysql-0.6.2$ vim pam_mysql.c
第1753行,原文件为:
if (NULL == (remote_host = xcalloc(16, sizeof(char)))) {
syslog(LOG_AUTHPRIV | LOG_CRIT, PAM_MYSQL_LOG_PREFIX "allocation failure at " __FILE__ ":%d", __LINE__);
return PAM_MYSQL_ERR_ALLOC;
}
syslog(LOG_AUTHPRIV | LOG_CRIT, PAM_MYSQL_LOG_PREFIX "allocation failure at " __FILE__ ":%d", __LINE__);
return PAM_MYSQL_ERR_ALLOC;
}
修改为:
if (NULL == (remote_host = xcalloc(255, sizeof(char)))) {
syslog(LOG_AUTHPRIV | LOG_CRIT, PAM_MYSQL_LOG_PREFIX "allocation failure at " __FILE__ ":%d", __LINE__);
return PAM_MYSQL_ERR_ALLOC;
}
syslog(LOG_AUTHPRIV | LOG_CRIT, PAM_MYSQL_LOG_PREFIX "allocation failure at " __FILE__ ":%d", __LINE__);
return PAM_MYSQL_ERR_ALLOC;
}
给remote_host变量足够的存储空间。
从1752行开始田间如下能容:
sprintf(remote_host,"%s","unknown");
struct sockaddr_in6 client_address;
int salen6=sizeof(client_address);
if (!getpeername(0, (struct sockaddr *) &client_address, &salen6))
{
char inet[64]="no ip is 2001:0da8:a800:0000:0000:0000:0000:0000 has nothing to do";
inet_ntop(AF_INET6,&(client_address.sin6_addr),inet,strlen(inet));
sprintf(remote_host,"%s",inet);
}
//strcpy(remote_host, "(unknown)");注释掉原来的操作
//下面的代码不变
struct sockaddr_in6 client_address;
int salen6=sizeof(client_address);
if (!getpeername(0, (struct sockaddr *) &client_address, &salen6))
{
char inet[64]="no ip is 2001:0da8:a800:0000:0000:0000:0000:0000 has nothing to do";
inet_ntop(AF_INET6,&(client_address.sin6_addr),inet,strlen(inet));
sprintf(remote_host,"%s",inet);
}
//strcpy(remote_host, "(unknown)");注释掉原来的操作
//下面的代码不变
3. 好了,重新编译吧
./configure !如果提示找不到什么“mysql_config”就安装这个包"libmysqlclient15-dev"
make
sudo make install
# 默认会安装到 /usr/lib/security/里面。
# 建个软连接
ln -s /usr/lib/security/pam_mysql.so /lib/security/pam_mysql.so
make
sudo make install
# 默认会安装到 /usr/lib/security/里面。
# 建个软连接
ln -s /usr/lib/security/pam_mysql.so /lib/security/pam_mysql.so