version 1.1.1.4, 2013/10/14 07:56:35
|
version 1.1.1.5, 2014/06/15 16:12:54
|
Line 230 sudo_pam_begin_session(struct passwd *pw, char **user_
|
Line 230 sudo_pam_begin_session(struct passwd *pw, char **user_
|
(void) pam_set_item(pamh, PAM_USER, pw->pw_name); |
(void) pam_set_item(pamh, PAM_USER, pw->pw_name); |
|
|
/* |
/* |
* Set credentials (may include resource limits, device ownership, etc). | * Reinitialize credentials when changing the user. |
* We don't worry about a failure from pam_setcred() since with |
* We don't worry about a failure from pam_setcred() since with |
* stacked PAM auth modules a failure from one module may override |
* stacked PAM auth modules a failure from one module may override |
* PAM_SUCCESS from another. For example, given a non-local user, |
* PAM_SUCCESS from another. For example, given a non-local user, |
Line 238 sudo_pam_begin_session(struct passwd *pw, char **user_
|
Line 238 sudo_pam_begin_session(struct passwd *pw, char **user_
|
* pam_unix is first in the stack, pam_setcred() will fail. |
* pam_unix is first in the stack, pam_setcred() will fail. |
*/ |
*/ |
if (def_pam_setcred) |
if (def_pam_setcred) |
(void) pam_setcred(pamh, PAM_ESTABLISH_CRED); | (void) pam_setcred(pamh, PAM_REINITIALIZE_CRED); |
|
|
if (def_pam_session) { |
if (def_pam_session) { |
*pam_status = pam_open_session(pamh, 0); |
*pam_status = pam_open_session(pamh, 0); |
Line 246 sudo_pam_begin_session(struct passwd *pw, char **user_
|
Line 246 sudo_pam_begin_session(struct passwd *pw, char **user_
|
(void) pam_end(pamh, *pam_status | PAM_DATA_SILENT); |
(void) pam_end(pamh, *pam_status | PAM_DATA_SILENT); |
pamh = NULL; |
pamh = NULL; |
status = AUTH_FAILURE; |
status = AUTH_FAILURE; |
|
goto done; |
} |
} |
} |
} |
|
|