|
Lines 252-257
Link Here
|
| 252 |
*/ |
252 |
*/ |
| 253 |
if ((cp = getenv ("TERM"))) |
253 |
if ((cp = getenv ("TERM"))) |
| 254 |
addenv ("TERM", cp); |
254 |
addenv ("TERM", cp); |
|
|
255 |
/* |
| 256 |
* Also leave DISPLAY and XAUTHORITY if present, else |
| 257 |
* pam_xauth will not work. |
| 258 |
*/ |
| 259 |
if ((cp = getenv ("DISPLAY"))) |
| 260 |
addenv ("DISPLAY", cp); |
| 261 |
if ((cp = getenv ("XAUTHORITY"))) |
| 262 |
addenv ("XAUTHORITY", cp); |
| 255 |
} else { |
263 |
} else { |
| 256 |
while (*envp) |
264 |
while (*envp) |
| 257 |
addenv (*envp++, NULL); |
265 |
addenv (*envp++, NULL); |
|
Lines 507-513
Link Here
|
| 507 |
} |
515 |
} |
| 508 |
#endif |
516 |
#endif |
| 509 |
|
517 |
|
|
|
518 |
/* setup the environment for pam later on, else we run into auth problems */ |
| 519 |
#ifndef USE_PAM |
| 510 |
environ = newenvp; /* make new environment active */ |
520 |
environ = newenvp; /* make new environment active */ |
|
|
521 |
#endif |
| 511 |
|
522 |
|
| 512 |
if (getenv ("IFS")) /* don't export user IFS ... */ |
523 |
if (getenv ("IFS")) /* don't export user IFS ... */ |
| 513 |
addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */ |
524 |
addenv ("IFS= \t\n", NULL); /* ... instead, set a safe IFS */ |
|
Lines 555-560
Link Here
|
| 555 |
exit (1); |
566 |
exit (1); |
| 556 |
} |
567 |
} |
| 557 |
|
568 |
|
|
|
569 |
ret = pam_open_session (pamh, 0); |
| 570 |
if (ret != PAM_SUCCESS) { |
| 571 |
SYSLOG ((LOG_ERR, "pam_open_session: %s", |
| 572 |
pam_strerror (pamh, ret))); |
| 573 |
fprintf (stderr, "%s: %s\n", Prog, |
| 574 |
pam_strerror (pamh, ret)); |
| 575 |
pam_end (pamh, ret); |
| 576 |
exit (1); |
| 577 |
} |
| 578 |
|
| 579 |
/* we need to setup the environment *after* pam_open_session(), |
| 580 |
* else the UID is changed before stuff like pam_xauth could |
| 581 |
* run, and we cannot access /etc/shadow and co |
| 582 |
*/ |
| 583 |
environ = newenvp; /* make new environment active */ |
| 584 |
|
| 558 |
/* become the new user */ |
585 |
/* become the new user */ |
| 559 |
if (change_uid (&pwent)) { |
586 |
if (change_uid (&pwent)) { |
| 560 |
pam_setcred (pamh, PAM_DELETE_CRED); |
587 |
pam_setcred (pamh, PAM_DELETE_CRED); |
