Attachment 4816 Details for Bug 8831 – shadow-4.0.3-su-pam_open_session.patch

[patch] shadow-4.0.3-su-pam_open_session.patch

shadow-4.0.3-su-pam_open_session.patch (text/plain), 1.42 KB, created by Martin Schlemmer (RETIRED) on 2002-10-19 04:30:25 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Martin Schlemmer (RETIRED)

Created: 2002-10-19 04:30:25 UTC

Size: 1.42 KB

patch

obsolete

>--- shadow-4.0.3/src/su.c.orig	2002-10-19 09:54:05.000000000 +0200
>+++ shadow-4.0.3/src/su.c	2002-10-19 11:28:43.000000000 +0200
>@@ -252,6 +252,14 @@
> 		 */
> 		if ((cp = getenv ("TERM")))
> 			addenv ("TERM", cp);
>+		/*
>+		 * Also leave DISPLAY and XAUTHORITY if present, else
>+		 * pam_xauth will not work.
>+		 */
>+		if ((cp = getenv ("DISPLAY")))
>+			addenv ("DISPLAY", cp);
>+		if ((cp = getenv ("XAUTHORITY")))
>+			addenv ("XAUTHORITY", cp);
> 	} else {
> 		while (*envp)
> 			addenv (*envp++, NULL);
>@@ -507,7 +515,10 @@
> 	}
> #endif
> 
>+/* setup the environment for pam later on, else we run into auth problems */
>+#ifndef USE_PAM
> 	environ = newenvp;	/* make new environment active */
>+#endif
> 
> 	if (getenv ("IFS"))	/* don't export user IFS ... */
> 		addenv ("IFS= \t\n", NULL);	/* ... instead, set a safe IFS */
>@@ -555,6 +566,22 @@
> 		exit (1);
> 	}
> 
>+	ret = pam_open_session (pamh, 0);
>+	if (ret != PAM_SUCCESS) {
>+		SYSLOG ((LOG_ERR, "pam_open_session: %s",
>+			pam_strerror (pamh, ret)));
>+		fprintf (stderr, "%s: %s\n", Prog,
>+			pam_strerror (pamh, ret));
>+		pam_end (pamh, ret);
>+		exit (1);
>+	}
>+
>+	/* we need to setup the environment *after* pam_open_session(),
>+	 * else the UID is changed before stuff like pam_xauth could
>+	 * run, and we cannot access /etc/shadow and co
>+	 */
>+	environ = newenvp;      /* make new environment active */
>+
> 	/* become the new user */
> 	if (change_uid (&pwent)) {
> 		pam_setcred (pamh, PAM_DELETE_CRED);

Actions: View | Diff

Attachments on bug 8831: 4816