From: Karel Zak Date: Wed, 3 Feb 2021 13:45:15 +0000 (+0100) Subject: su: use full tty path for PAM_TTY X-Git-Tag: v2.37-rc1~142 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=61653767371048c805ae8032951476c547d19e09;p=thirdparty%2Futil-linux.git su: use full tty path for PAM_TTY pam_set_item() man page: PAM_TTY The terminal name: prefixed by /dev/ if it is a device file; for graphical, X-based, applications the value for this item should be the $DISPLAY variable. It seems for example pam_timestamp module is not robust enough to differentiate between /dev/ and pty/0 and it assumes that '/' in the path always means '/dev/' prefix ... Fixes: https://github.com/karelzak/util-linux/issues/1242 Signed-off-by: Karel Zak --- diff --git a/login-utils/su-common.c b/login-utils/su-common.c index a544c1b875..caf20adc56 100644 --- a/login-utils/su-common.c +++ b/login-utils/su-common.c @@ -128,6 +128,7 @@ struct su_context { struct passwd *pwd; /* new user info */ char *pwdbuf; /* pwd strings */ + const char *tty_path; /* tty device path */ const char *tty_name; /* tty_path without /dev prefix */ const char *tty_number; /* end of the tty_path */ @@ -178,7 +179,7 @@ static void init_tty(struct su_context *su) su->isterm = isatty(STDIN_FILENO) ? 1 : 0; DBG(TTY, ul_debug("initialize [is-term=%s]", su->isterm ? "true" : "false")); if (su->isterm) - get_terminal_name(NULL, &su->tty_name, &su->tty_number); + get_terminal_name(&su->tty_path, &su->tty_name, &su->tty_number); } /* @@ -366,8 +367,8 @@ static void supam_authenticate(struct su_context *su) if (is_pam_failure(rc)) goto done; - if (su->tty_name) { - rc = pam_set_item(su->pamh, PAM_TTY, su->tty_name); + if (su->tty_path) { + rc = pam_set_item(su->pamh, PAM_TTY, su->tty_path); if (is_pam_failure(rc)) goto done; }