diff options
author | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 13:00:05 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 13:00:05 +1100 |
commit | 728d8371a1dc1b615284ece94b0085897b4c0b51 (patch) | |
tree | 949dc94374774d643bb2799e4de1795fc92e559c /platform.c | |
parent | fd4d8aa2cbe0acad520ab168656759cb46054c03 (diff) | |
download | openssh-git-728d8371a1dc1b615284ece94b0085897b4c0b51.tar.gz |
- (dtucker) [platform.c session.c] Move the PAM credential establishment for
the LOGIN_CAP case into platform.c.
Diffstat (limited to 'platform.c')
-rw-r--r-- | platform.c | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.8 2010/11/05 01:50:41 dtucker Exp $ */ +/* $Id: platform.c,v 1.9 2010/11/05 02:00:05 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -21,6 +21,8 @@ #include "openbsd-compat/openbsd-compat.h" +extern int use_privsep; + void platform_pre_listen(void) { @@ -79,6 +81,18 @@ platform_setusercontext(struct passwd *pw) if (getuid() == 0 || geteuid() == 0) setpgid(0, 0); # endif + +#if defined(HAVE_LOGIN_CAP) && defined(USE_PAM) + /* + * If we have both LOGIN_CAP and PAM, we want to establish creds + * before calling setusercontext (in session.c:do_setusercontext). + */ + if (getuid() == 0 || geteuid() == 0) { + if (options.use_pam) { + do_pam_setcred(use_privsep); + } + } +# endif /* USE_PAM */ } /* |