1 /*
2 * Copyright (c) 2021 Andrew G. Morgan <morgan@kernel.org>
3 *
4 * The purpose of this file is to provide an executable mode for the
5 * pam_cap.so binary. If you run it directly, all it does is print
6 * version information.
7 *
8 * It accepts the optional --help argument which causes the executable
9 * to display a summary of all the supported, pam stacked, module
10 * arguments.
11 */
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <string.h>
16
17 #include "../libcap/execable.h"
18
SO_MAIN(int argc,char ** argv)19 SO_MAIN(int argc, char **argv)
20 {
21 const char *cmd = "<pam_cap.so>";
22 if (argv != NULL) {
23 cmd = argv[0];
24 }
25
26 printf(
27 "%s (version " LIBCAP_VERSION ") is a PAM module to specify\n"
28 "inheritable (IAB) capabilities via the libpam authentication\n"
29 "abstraction. See the libcap License file for licensing information.\n"
30 "\n"
31 "Release notes and feature documentation for libcap and pam_cap.so\n"
32 "can be found at:\n"
33 "\n"
34 " https://sites.google.com/site/fullycapable/\n", cmd);
35 if (argc <= 1) {
36 return;
37 }
38
39 if (argc > 2 || strcmp(argv[1], "--help")) {
40 printf("\n%s only supports the optional argument --help\n", cmd);
41 exit(1);
42 }
43
44 printf("\n"
45 "%s supports the following module arguments:\n"
46 "\n"
47 "debug - verbose logging (ignored for now)\n"
48 "config=<file> - override the default config with file\n"
49 "keepcaps - workaround for apps that setuid without this\n"
50 "autoauth - pam_cap.so to always succeed for the 'auth' phase\n"
51 "default=<iab> - fallback IAB value if there is no '*' rule\n",
52 cmd);
53 }
54