OBS User unknown 2007-03-06 08:02:47 +00:00 committed by Git OBS Bridge
parent bf56cf2642
commit 979ae87efc
3 changed files with 22 additions and 14 deletions

View File

@ -400,7 +400,7 @@ Index: src/su.c
static void run_shell (char const *, char const *, char **, size_t)
ATTRIBUTE_NORETURN;
@@ -216,7 +239,162 @@ log_su (struct passwd const *pw, bool su
@@ -216,7 +239,163 @@ log_su (struct passwd const *pw, bool su
}
#endif
@ -466,11 +466,6 @@ Index: src/su.c
+ sigset_t ourset;
+ int status;
+
+ /* su without pam support does not have a helper that keeps
+ * sitting on any directory so let's go to / */
+ if (chdir ("/") != 0)
+ error (0, errno, _("warning: cannot change directory to %s"), "/");
+
+ retval = pam_open_session (pamh,0);
+ if (retval != PAM_SUCCESS)
+ {
@ -493,6 +488,12 @@ Index: src/su.c
+ return;
+
+ /* in the parent watch the child */
+
+ /* su without pam support does not have a helper that keeps
+ * sitting on any directory so let's go to / */
+ if (chdir ("/") != 0)
+ error (0, errno, _("warning: cannot change directory to %s"), "/");
+
+ sigfillset (&ourset);
+ if (sigprocmask (SIG_BLOCK, &ourset, NULL))
+ {
@ -563,7 +564,7 @@ Index: src/su.c
Return true if the user gives the correct password for entry PW,
false if not. Return true without asking for a password if run by UID 0
or if PW has an empty password. */
@@ -224,10 +402,52 @@ log_su (struct passwd const *pw, bool su
@@ -224,10 +403,52 @@ log_su (struct passwd const *pw, bool su
static bool
correct_password (const struct passwd *pw)
{
@ -617,7 +618,7 @@ Index: src/su.c
endspent ();
if (sp)
@@ -248,6 +468,7 @@ correct_password (const struct passwd *p
@@ -248,6 +469,7 @@ correct_password (const struct passwd *p
encrypted = crypt (unencrypted, correct);
memset (unencrypted, 0, strlen (unencrypted));
return STREQ (encrypted, correct);
@ -625,7 +626,7 @@ Index: src/su.c
}
/* Update `environ' for the new shell based on PW, with SHELL being
@@ -272,8 +493,8 @@ modify_environment (const struct passwd
@@ -272,8 +494,8 @@ modify_environment (const struct passwd
xsetenv ("USER", pw->pw_name);
xsetenv ("LOGNAME", pw->pw_name);
xsetenv ("PATH", (pw->pw_uid
@ -636,7 +637,7 @@ Index: src/su.c
}
else
{
@@ -283,6 +504,12 @@ modify_environment (const struct passwd
@@ -283,6 +505,12 @@ modify_environment (const struct passwd
{
xsetenv ("HOME", pw->pw_dir);
xsetenv ("SHELL", shell);
@ -649,7 +650,7 @@ Index: src/su.c
if (pw->pw_uid)
{
xsetenv ("USER", pw->pw_name);
@@ -290,19 +517,41 @@ modify_environment (const struct passwd
@@ -290,19 +518,41 @@ modify_environment (const struct passwd
}
}
}
@ -693,7 +694,7 @@ Index: src/su.c
if (setgid (pw->pw_gid))
error (EXIT_FAIL, errno, _("cannot set group id"));
if (setuid (pw->pw_uid))
@@ -495,6 +744,7 @@ main (int argc, char **argv)
@@ -495,6 +745,7 @@ main (int argc, char **argv)
#ifdef SYSLOG_FAILURE
log_su (pw, false);
#endif
@ -701,7 +702,7 @@ Index: src/su.c
error (EXIT_FAIL, 0, _("incorrect password"));
}
#ifdef SYSLOG_SUCCESS
@@ -516,9 +766,21 @@ main (int argc, char **argv)
@@ -516,9 +767,21 @@ main (int argc, char **argv)
shell = NULL;
}
shell = xstrdup (shell ? shell : pw->pw_shell);

View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Mon Mar 5 17:23:45 CET 2007 - lnussel@suse.de
- su: don't chdir("/") before fork() (#251287)
-------------------------------------------------------------------
Fri Mar 2 13:47:35 CET 2007 - lnussel@suse.de

View File

@ -21,7 +21,7 @@ Obsoletes: libselinux <= 1.23.11-3 libselinux-32bit >= 9 libselinux-64bit =
Autoreqprov: on
PreReq: %{install_info_prereq}
Version: 6.8
Release: 3
Release: 4
Summary: GNU Core Utilities
Source: coreutils-%{version}.tar.bz2
Source1: su.pamd
@ -171,6 +171,8 @@ rm -rf $RPM_BUILD_ROOT
%dir %{_prefix}/share/locale/*/LC_TIME
%changelog
* Mon Mar 05 2007 - lnussel@suse.de
- su: don't chdir("/") before fork() (#251287)
* Fri Mar 02 2007 - lnussel@suse.de
- split off and rework PAM patch for su:
* run pam_open_session as root (#245706)