- (dtucker) [platform.c session.c] Move the PAM credential establishment for
authorDarren Tucker <dtucker@zip.com.au>
Fri, 5 Nov 2010 02:00:05 +0000 (13:00 +1100)
committerDarren Tucker <dtucker@zip.com.au>
Fri, 5 Nov 2010 02:00:05 +0000 (13:00 +1100)
   the LOGIN_CAP case into platform.c.

ChangeLog
platform.c
session.c

index 3f415d7dc749237df5fe86242f176b38d2482702..909b9fc597c4d651bae4aac393dfb93c1a4e7300 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -31,6 +31,8 @@
  - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
  - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
    retain previous behavior.
+ - (dtucker) [platform.c session.c] Move the PAM credential establishment for
+   the LOGIN_CAP case into platform.c.
 
 20101025
  - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
index 570f130aeb69e35711bd801ee9a8852d223d08a9..0335eaae619b2b9091e9499b9b9f68c1ce662eb6 100644 (file)
@@ -1,4 +1,4 @@
-/* $Id: platform.c,v 1.8 2010/11/05 01:50:41 dtucker Exp $ */
+/* $Id: platform.c,v 1.9 2010/11/05 02:00:05 dtucker Exp $ */
 
 /*
  * Copyright (c) 2006 Darren Tucker.  All rights reserved.
@@ -21,6 +21,8 @@
 
 #include "openbsd-compat/openbsd-compat.h"
 
+extern int use_privsep;
+
 void
 platform_pre_listen(void)
 {
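Review bot: The added `extern int use_privsep;` is the only declaration this commit brings into platform.c, yet the block added to platform_setusercontext also uses `options.use_pam` and calls `do_pam_setcred()`. Unless platform.c already pulls in their declarations (the include list is only partly visible here), a build with both HAVE_LOGIN_CAP and USE_PAM defined would fail or fall back to an implicit declaration of `do_pam_setcred`. Please confirm `servconf.h` and `auth-pam.h` are included and that `extern ServerOptions options;` is present. A hand-written `extern` in a .c file is not checked against the definition's type, so taking `use_privsep` from a shared header would be safer than repeating it here.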
@@ -79,6 +81,18 @@ platform_setusercontext(struct passwd *pw)
        if (getuid() == 0 || geteuid() == 0)
                setpgid(0, 0);
 # endif
+
+#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM)
+       /*
+        * If we have both LOGIN_CAP and PAM, we want to establish creds
+        * before calling setusercontext (in session.c:do_setusercontext).
+        */
+       if (getuid() == 0 || geteuid() == 0) {
+               if (options.use_pam) {
+                       do_pam_setcred(use_privsep);
+               }
+       }
+# endif /* USE_PAM */
 }
 
 /*
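Review bot: The closing `# endif /* USE_PAM */` does not match the opening `#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM)`, and its indented `#` suggests a nested conditional that no longer exists; `#endif /* HAVE_LOGIN_CAP && USE_PAM */` would read correctly. The ordering that the new comment relies on (PAM credentials established before `setusercontext`) is now enforced only by do_setusercontext calling platform_setusercontext first, and that call site is not visible in this diff. A one-line comment at the call in session.c, for example `/* must stay ahead of setusercontext(): establishes PAM creds */`, would stop a later refactor from reordering the two without anyone noticing. platform_setusercontext begins before this hunk, so the earlier part of its body was not reviewed.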
index 0775d78d2e27280b012dfcdd7ec6d9fa7cc72068..a2d8bec8bfd6e3ab879c0013a89e076668eeea65 100644 (file)
--- a/session.c
+++ b/session.c
@@ -1476,11 +1476,6 @@ do_setusercontext(struct passwd *pw)
 #endif /* HAVE_CYGWIN */
        {
 #ifdef HAVE_LOGIN_CAP
-# ifdef USE_PAM
-               if (options.use_pam) {
-                       do_pam_setcred(use_privsep);
-               }
-# endif /* USE_PAM */
                if (setusercontext(lc, pw, pw->pw_uid,
                    (LOGIN_SETALL & ~(LOGIN_SETPATH|LOGIN_SETUSER))) < 0) {
                        perror("unable to set user context");