This commit is contained in:
parent
7d48496d36
commit
6d1722507c
@ -37,7 +37,7 @@ Index: src/Makefile.am
|
||||
ls_LDADD += $(LIB_ACL_TRIVIAL) $(LIB_ACL)
|
||||
--- src/getdef.c
|
||||
+++ src/getdef.c
|
||||
@@ -0,0 +1,257 @@
|
||||
@@ -0,0 +1,259 @@
|
||||
+/* Copyright (C) 2003, 2004, 2005 Thorsten Kukuk
|
||||
+ Author: Thorsten Kukuk <kukuk@suse.de>
|
||||
+
|
||||
@ -70,9 +70,9 @@ Index: src/Makefile.am
|
||||
+#include "getdef.h"
|
||||
+
|
||||
+struct item {
|
||||
+ char *name; /* name of the option. */
|
||||
+ char *value; /* value of the option. */
|
||||
+ struct item *next; /* pointer to next option. */
|
||||
+ char *name; /* Name of the option. */
|
||||
+ char *value; /* Value of the option. */
|
||||
+ struct item *next; /* Pointer to next option. */
|
||||
+};
|
||||
+
|
||||
+static struct item *list = NULL;
|
||||
@ -109,12 +109,12 @@ Index: src/Makefile.am
|
||||
+ abort ();
|
||||
+
|
||||
+ new->name = strdup (name);
|
||||
+ new->value = strdup (value?:"");
|
||||
+ new->value = strdup (value ?: "");
|
||||
+ new->next = list;
|
||||
+ list = new;
|
||||
+}
|
||||
+
|
||||
+/* search a special entry in the list and return the value. */
|
||||
+/* Search a special entry in the list and return the value. */
|
||||
+static const char *
|
||||
+search (const char *name)
|
||||
+{
|
||||
@ -131,7 +131,7 @@ Index: src/Makefile.am
|
||||
+ return NULL;
|
||||
+}
|
||||
+
|
||||
+/* Load the login.defs file (/etc/login.defs) */
|
||||
+/* Load the login.defs file (/etc/login.defs). */
|
||||
+static void
|
||||
+load_defaults_internal (const char *filename)
|
||||
+{
|
||||
@ -173,7 +173,7 @@ Index: src/Makefile.am
|
||||
+ tmp = strchr (cp, '#'); /* remove comments */
|
||||
+ if (tmp)
|
||||
+ *tmp = '\0';
|
||||
+ while (isspace ((int)*cp)) /* remove spaces and tabs */
|
||||
+ while (isspace ((unsigned char) *cp)) /* remove spaces and tabs */
|
||||
+ ++cp;
|
||||
+ if (*cp == '\0') /* ignore empty lines */
|
||||
+ continue;
|
||||
@ -183,7 +183,7 @@ Index: src/Makefile.am
|
||||
+
|
||||
+ tmp = strsep (&cp, " \t=");
|
||||
+ if (cp != NULL)
|
||||
+ while (isspace ((int)*cp) || *cp == '=')
|
||||
+ while (isspace ((unsigned char) *cp) || *cp == '=')
|
||||
+ ++cp;
|
||||
+
|
||||
+ store (tmp, cp);
|
||||
@ -232,9 +232,10 @@ Index: src/Makefile.am
|
||||
+ if (val == NULL)
|
||||
+ return dflt;
|
||||
+
|
||||
+ errno = 0;
|
||||
+ retval = strtol (val, &cp, 0);
|
||||
+ if (*cp != '\0' ||
|
||||
+ ((retval == LONG_MAX || retval == LONG_MIN) && errno == ERANGE))
|
||||
+ if (*cp != '\0'
|
||||
+ || ((retval == LONG_MAX || retval == LONG_MIN) && errno == ERANGE))
|
||||
+ {
|
||||
+ fprintf (stderr,
|
||||
+ "%s contains invalid numerical value: %s!\n",
|
||||
@ -259,6 +260,7 @@ Index: src/Makefile.am
|
||||
+ if (val == NULL)
|
||||
+ return dflt;
|
||||
+
|
||||
+ errno = 0;
|
||||
+ retval = strtoul (val, &cp, 0);
|
||||
+ if (*cp != '\0' || (retval == ULONG_MAX && errno == ERANGE))
|
||||
+ {
|
||||
@ -417,7 +419,7 @@ Index: src/Makefile.am
|
||||
static void run_shell (char const *, char const *, char **, size_t)
|
||||
ATTRIBUTE_NORETURN;
|
||||
|
||||
@@ -215,7 +238,163 @@ log_su (struct passwd const *pw, bool su
|
||||
@@ -215,7 +238,162 @@ log_su (struct passwd const *pw, bool su
|
||||
}
|
||||
#endif
|
||||
|
||||
@ -443,30 +445,29 @@ Index: src/Makefile.am
|
||||
+static void
|
||||
+cleanup_pam (int retcode)
|
||||
+{
|
||||
+ if (_pam_cred_established)
|
||||
+ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
|
||||
+
|
||||
+ if (_pam_session_opened)
|
||||
+ pam_close_session (pamh, 0);
|
||||
+
|
||||
+ if (_pam_cred_established)
|
||||
+ pam_setcred (pamh, PAM_DELETE_CRED | PAM_SILENT);
|
||||
+
|
||||
+ pam_end(pamh, retcode);
|
||||
+}
|
||||
+
|
||||
+/* Signal handler for parent process */
|
||||
+/* Signal handler for parent process. */
|
||||
+static void
|
||||
+su_catch_sig (int sig)
|
||||
+{
|
||||
+ caught_signal = true;
|
||||
+}
|
||||
+
|
||||
+/* Export env variables declared by PAM modules */
|
||||
+/* Export env variables declared by PAM modules. */
|
||||
+static void
|
||||
+export_pamenv(void)
|
||||
+export_pamenv (void)
|
||||
+{
|
||||
+ char** env;
|
||||
+ char **env;
|
||||
+
|
||||
+ /* this is a copy but don't care to free as we exec later anyways
|
||||
+ * */
|
||||
+ /* This is a copy but don't care to free as we exec later anyways. */
|
||||
+ env = pam_getenvlist (pamh);
|
||||
+ while (env && *env)
|
||||
+ {
|
||||
@ -477,18 +478,18 @@ Index: src/Makefile.am
|
||||
+}
|
||||
+
|
||||
+static void
|
||||
+create_watching_parent(void)
|
||||
+create_watching_parent (void)
|
||||
+{
|
||||
+ pid_t child;
|
||||
+ sigset_t ourset;
|
||||
+ int status;
|
||||
+
|
||||
+ retval = pam_open_session (pamh,0);
|
||||
+ retval = pam_open_session (pamh, 0);
|
||||
+ if (retval != PAM_SUCCESS)
|
||||
+ {
|
||||
+ cleanup_pam(retval);
|
||||
+ cleanup_pam (retval);
|
||||
+ error (EXIT_FAILURE, 0, _("cannot not open session: %s"),
|
||||
+ pam_strerror (pamh, retval));
|
||||
+ pam_strerror (pamh, retval));
|
||||
+ }
|
||||
+ else
|
||||
+ _pam_session_opened = 1;
|
||||
@ -496,7 +497,7 @@ Index: src/Makefile.am
|
||||
+ child = fork ();
|
||||
+ if (child == (pid_t) -1)
|
||||
+ {
|
||||
+ cleanup_pam(PAM_ABORT);
|
||||
+ cleanup_pam (PAM_ABORT);
|
||||
+ error (EXIT_FAILURE, errno, _("cannot create child process"));
|
||||
+ }
|
||||
+
|
||||
@ -504,10 +505,10 @@ Index: src/Makefile.am
|
||||
+ if (child == 0)
|
||||
+ return;
|
||||
+
|
||||
+ /* in the parent watch the child */
|
||||
+ /* In the parent watch the child. */
|
||||
+
|
||||
+ /* su without pam support does not have a helper that keeps
|
||||
+ * sitting on any directory so let's go to / */
|
||||
+ sitting on any directory so let's go to /. */
|
||||
+ if (chdir ("/") != 0)
|
||||
+ error (0, errno, _("warning: cannot change directory to %s"), "/");
|
||||
+
|
||||
@ -564,7 +565,7 @@ Index: src/Makefile.am
|
||||
+ kill (child, SIGTERM);
|
||||
+ }
|
||||
+
|
||||
+ cleanup_pam(PAM_SUCCESS);
|
||||
+ cleanup_pam (PAM_SUCCESS);
|
||||
+
|
||||
+ if (caught_signal)
|
||||
+ {
|
||||
@ -590,7 +591,7 @@ Index: src/Makefile.am
|
||||
+ const char *cp;
|
||||
+
|
||||
+ retval = pam_start (simulate_login ? PAM_SERVICE_NAME_L : PAM_SERVICE_NAME,
|
||||
+ pw->pw_name, &conv, &pamh);
|
||||
+ pw->pw_name, &conv, &pamh);
|
||||
+ PAM_BAIL_P (return false);
|
||||
+
|
||||
+ if (isatty (0) && (cp = ttyname (0)) != NULL)
|
||||
@ -604,7 +605,7 @@ Index: src/Makefile.am
|
||||
+ retval = pam_set_item (pamh, PAM_TTY, tty);
|
||||
+ PAM_BAIL_P (return false);
|
||||
+ }
|
||||
+#if 0 /* manpage discourages use of getlogin */
|
||||
+#if 0 /* Manpage discourages use of getlogin. */
|
||||
+ cp = getlogin ();
|
||||
+ if (!(cp && *cp && (lpw = getpwnam (cp)) != NULL && lpw->pw_uid == getuid ()))
|
||||
+#endif
|
||||
@ -619,12 +620,12 @@ Index: src/Makefile.am
|
||||
+ retval = pam_acct_mgmt (pamh, 0);
|
||||
+ if (retval == PAM_NEW_AUTHTOK_REQD)
|
||||
+ {
|
||||
+ /* password has expired. Offer option to change it. */
|
||||
+ /* Password has expired. Offer option to change it. */
|
||||
+ retval = pam_chauthtok (pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
|
||||
+ PAM_BAIL_P (return false);
|
||||
+ }
|
||||
+ PAM_BAIL_P (return false);
|
||||
+ /* must be authenticated if this point was reached */
|
||||
+ /* Must be authenticated if this point was reached. */
|
||||
+ return true;
|
||||
+#else /* !USE_PAM */
|
||||
char *unencrypted, *encrypted, *correct;
|
||||
@ -689,7 +690,7 @@ Index: src/Makefile.am
|
||||
- error (EXIT_FAILURE, errno, _("cannot set groups"));
|
||||
+ {
|
||||
+#ifdef USE_PAM
|
||||
+ cleanup_pam(PAM_ABORT);
|
||||
+ cleanup_pam (PAM_ABORT);
|
||||
+#endif
|
||||
+ error (EXIT_FAILURE, errno, _("cannot set groups"));
|
||||
+ }
|
||||
@ -724,17 +725,17 @@ Index: src/Makefile.am
|
||||
}
|
||||
shell = xstrdup (shell ? shell : pw->pw_shell);
|
||||
+
|
||||
+ init_groups(pw);
|
||||
+ init_groups (pw);
|
||||
+
|
||||
+#ifdef USE_PAM
|
||||
+ create_watching_parent();
|
||||
+ /* now we're in the child */
|
||||
+ create_watching_parent ();
|
||||
+ /* Now we're in the child. */
|
||||
+#endif
|
||||
+
|
||||
+ change_identity(pw);
|
||||
+ change_identity (pw);
|
||||
+
|
||||
+ /* Set environment after pam_open_session, which may put KRB5CCNAME
|
||||
+ * into the pam_env, etc. */
|
||||
+ into the pam_env, etc. */
|
||||
+
|
||||
modify_environment (pw, shell);
|
||||
|
||||
|
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 21 11:31:35 CEST 2008 - schwab@suse.de
|
||||
|
||||
- Fix pam cleanup.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 18 16:38:01 CEST 2008 - schwab@suse.de
|
||||
|
||||
|
@ -24,7 +24,7 @@ Url: http://www.gnu.org/software/coreutils/
|
||||
License: GNU Free Documentation License, Version 1.2 (GFDL 1.2); GPL v2 or later; GPL v3 or later
|
||||
Group: System/Base
|
||||
Version: 6.12
|
||||
Release: 29
|
||||
Release: 30
|
||||
Provides: fileutils sh-utils stat textutils mktemp
|
||||
Obsoletes: fileutils sh-utils stat textutils mktemp
|
||||
Obsoletes: libselinux <= 1.23.11-3 libselinux-32bit = 9 libselinux-64bit = 9 libselinux-x86 = 9
|
||||
@ -189,6 +189,8 @@ rm -rf $RPM_BUILD_ROOT
|
||||
%defattr(-,root,root)
|
||||
|
||||
%changelog
|
||||
* Tue Oct 21 2008 schwab@suse.de
|
||||
- Fix pam cleanup.
|
||||
* Thu Sep 18 2008 schwab@suse.de
|
||||
- Move readlink and md5sum to /bin.
|
||||
* Wed Aug 20 2008 schwab@suse.de
|
||||
|
Loading…
Reference in New Issue
Block a user