Merge pull request #1772 from jrha/cleanup-pam

ncm-pam: Fix wrapping and indentation in pan
quattor · Dec 5, 2024 · 934cfac · 934cfac
2 parents aeaa536 + 3f0e351
commit 934cfac
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 15 deletions.
diff --git a/ncm-pam/src/main/pan/components/pam/config.pan b/ncm-pam/src/main/pan/components/pam/config.pan
@@ -51,10 +51,12 @@ function pam_add = {
             options = ARGV[4];
         };
     };
-    ret[service][pamtype][tail] = dict("control", control,
-                                    "module", module,
-                                    "options", options,
-                                    "options_list", options_list);
+    ret[service][pamtype][tail] = dict(
+        "control", control,
+        "module", module,
+        "options", options,
+        "options_list", options_list,
+    );
 
     ret;
 };
@@ -197,11 +199,11 @@ function pam_add_access_acl = {
 
     if(!ret[key]["allowpos"] && permission == "+") {
         error("PAM access policy for " + key + "does not permit positive acls, discarding " + entry_string);
-        };
+    };
 
     if(!ret[key]["allowneg"] && permission == "-") {
         error("PAM access policy for " + key + "does not permit negative acls, discarding " + entry_string);
-        };
+    };
 
     tail = length(ret[key][acl]);
     ret[key][acl][tail] = dict("permission", permission, "users", users, "origins", origins);

diff --git a/ncm-pam/src/main/pan/components/pam/schema.pan b/ncm-pam/src/main/pan/components/pam/schema.pan
@@ -1,4 +1,5 @@
 # ${license-info}
+
 # ${developer-info}
 # ${author-info}
 
@@ -33,7 +34,6 @@ type pam_component_options = extensible {
 };
 
 type pam_component_listfile_acl = {
-
     "filename" : string
     "items" : string[]
 };
@@ -64,7 +64,7 @@ type pam_component_module = {
 type pam_component_access_entry = {
     "permission" : string with match(SELF, "^[-+]$")
     "users" : string
-        "origins" : string
+    "origins" : string
 };
 
 type pam_component_access = {

diff --git a/ncm-pam/src/test/resources/simple.pan b/ncm-pam/src/test/resources/simple.pan
@@ -12,13 +12,20 @@ prefix "/software/components/pam";
 "modules/limits/path" = "/lib/security/$ISA/pam_limits.so";
 
 # configure /etc/pam.d/sshd
-"services/sshd/auth" = append(dict("control", "required", "module", "env"));
-"services/sshd/password" = append(dict("control", "required",
-                      "module", "include",
-                      "options", dict("service", "/etc/pam.d/system-auth")));
-
-"services/sshd/session" = append(dict("control", "required",
-                                       "module", "limits"));
+"services/sshd/auth" = append(dict(
+    "control", "required",
+    "module", "env",
+));
+"services/sshd/password" = append(dict(
+    "control", "required",
+    "module", "include",
+    "options", dict("service", "/etc/pam.d/system-auth"),
+));
+
+"services/sshd/session" = append(dict(
+    "control", "required",
+    "module", "limits",
+));
 
 # declare an ACL
 "access/access/acl/0/origins" = "ALL";