diff options
author | Damien Miller <djm@mindrot.org> | 2001-03-27 16:12:24 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2001-03-27 16:12:24 +1000 |
commit | f9e93009478075ec04f0ee407e8f83ab2558a892 (patch) | |
tree | 48327e0001087c3d25a13a4a53111519c5b0145c /auth-pam.c | |
parent | 771bbac73327304cbac69ca37e33b5771e01fc17 (diff) | |
download | openssh-git-f9e93009478075ec04f0ee407e8f83ab2558a892.tar.gz |
- (djm) Reestablish PAM credentials (which can be supplemental group
memberships) after initgroups() blows them away. Report and suggested
fix from Nalin Dahyabhai <nalin@redhat.com>
Diffstat (limited to 'auth-pam.c')
-rw-r--r-- | auth-pam.c | 7 |
1 files changed, 4 insertions, 3 deletions
@@ -33,7 +33,7 @@ #include "canohost.h" #include "readpass.h" -RCSID("$Id: auth-pam.c,v 1.33 2001/03/21 02:01:35 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.34 2001/03/27 06:12:24 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -287,14 +287,15 @@ void do_pam_session(char *username, const char *ttyname) } /* Set PAM credentials */ -void do_pam_setcred(void) +void do_pam_setcred(int init) { int pam_retval; do_pam_set_conv(&conv); debug("PAM establishing creds"); - pam_retval = pam_setcred(__pamh, PAM_ESTABLISH_CRED); + pam_retval = pam_setcred(__pamh, + init ? PAM_ESTABLISH_CRED : PAM_REINITIALIZE_CRED); if (pam_retval != PAM_SUCCESS) { if (was_authenticated) fatal("PAM setcred failed[%d]: %.200s", |