SHA256
1
0
forked from pool/systemd
systemd/pam-properly-handle-ssh-logins-without-pam-tty-field.patch

58 lines
2.6 KiB
Diff
Raw Normal View History

Accepting request 149703 from home:fcrozat:branches:Base:System - Add systemctl-options.patch: handle SYSTEMCTL_OPTIONS internaly (bnc#798620). - Update crypt-loop-file.patch to correctly detect crypto loop files (bnc#799514). - Add journalctl-remove-leftover-message.patch: remove debug message in systemctl. - Add job-avoid-recursion-when-cancelling.patch: prevent potential recursion when cancelling a service. - Add sysctl-parse-all-keys.patch: ensure sysctl file is fully parsed. - Add journal-fix-cutoff-max-date.patch: fix computation of cutoff max date for journal. - Add reword-rescue-mode-hints.patch: reword rescue prompt. - Add improve-overflow-checks.patch: improve time overflow checks. - Add fix-swap-behaviour-with-symlinks.patch: fix swap behaviour with symlinks. - Add hostnamectl-fix-set-hostname-with-no-argument.patch: ensure hostnamectl requires an argument when called with set-hostname option. - Add agetty-overrides-term.patch: pass correctly terminal type to agetty. - Add check-for-empty-strings-in-strto-conversions.patch: better check for empty strings in strto* conversions. - Add strv-cleanup-error-path-loops.patch: cleanup strv on error path. - Add cryptsetup-handle-plain.patch: correctly handle "plain" option in cryptsetup. - Add fstab-generator-improve-error-message.patch: improve error message in fstab-generator. - Add delta-accept-t-option.patch: accept -t option in OBS-URL: https://build.opensuse.org/request/show/149703 OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=331
2013-01-23 14:44:07 +01:00
From 0ad1271f564b9c956685938167f7ea8c301e835e Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Sun, 23 Dec 2012 22:31:17 +0100
Subject: [PATCH] pam: properly handle SSH logins lacking the PAM tty field
---
src/login/pam-module.c | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/src/login/pam-module.c b/src/login/pam-module.c
index 08a9328..e6764a1 100644
--- a/src/login/pam-module.c
+++ b/src/login/pam-module.c
@@ -322,7 +322,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
struct passwd *pw;
bool kill_processes = false, debug = false;
- const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type, *class, *cvtnr = NULL;
+ const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type = NULL, *class, *cvtnr = NULL;
char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL;
DBusError error;
uint32_t uid, pid;
@@ -453,9 +453,17 @@ _public_ PAM_EXTERN int pam_sm_open_session(
display = tty;
tty = "";
} else if (streq(tty, "cron")) {
- /* cron has been setting PAM_TTY to "cron" for a very long time
- * and it cannot stop doing that for compatibility reasons. */
+ /* cron has been setting PAM_TTY to "cron" for a very
+ * long time and it probably shouldn't stop doing that
+ * for compatibility reasons. */
tty = "";
+ type = "unspecified";
+ } else if (streq(tty, "ssh")) {
+ /* ssh has been setting PAM_TTY to "ssh" for a very
+ * long time and probably shouldn't stop doing that
+ * for compatibility reasons. */
+ tty = "";
+ type ="tty";
}
/* If this fails vtnr will be 0, that's intended */
@@ -469,8 +477,9 @@ _public_ PAM_EXTERN int pam_sm_open_session(
get_seat_from_display(display, NULL, &vtnr);
}
- type = !isempty(display) ? "x11" :
- !isempty(tty) ? "tty" : "unspecified";
+ if (!type)
+ type = !isempty(display) ? "x11" :
+ !isempty(tty) ? "tty" : "unspecified";
class = pam_getenv(handle, "XDG_SESSION_CLASS");
if (isempty(class))
--
1.7.10.4