117 lines
3.7 KiB
Diff
117 lines
3.7 KiB
Diff
--- sudo-1.6.8p12/configure.in.login 2006-07-16 15:25:33.000000000 +0200
|
|
+++ sudo-1.6.8p12/configure.in 2006-07-16 15:49:08.000000000 +0200
|
|
@@ -357,6 +357,17 @@
|
|
;;
|
|
esac])
|
|
|
|
+AC_ARG_WITH(pam-login, [ --with-pam-login enable specific PAM session for sudo -i],
|
|
+[case $with_pam_login in
|
|
+ yes) AC_DEFINE(HAVE_PAM_LOGIN)
|
|
+ AC_MSG_CHECKING(whether to use PAM login)
|
|
+ AC_MSG_RESULT(yes)
|
|
+ ;;
|
|
+ no) ;;
|
|
+ *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
|
|
+ ;;
|
|
+esac])
|
|
+
|
|
AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
|
|
[case $with_AFS in
|
|
yes) AC_DEFINE(HAVE_AFS)
|
|
--- sudo-1.6.8p12/sudo.c.login 2006-07-16 15:39:26.000000000 +0200
|
|
+++ sudo-1.6.8p12/sudo.c 2006-07-16 15:41:42.000000000 +0200
|
|
@@ -109,7 +109,7 @@
|
|
static struct passwd *get_authpw __P((void));
|
|
extern int sudo_edit __P((int, char **));
|
|
extern void list_matches __P((void));
|
|
-extern char **rebuild_env __P((char **, int, int));
|
|
+extern char **rebuild_env __P((char **, int));
|
|
extern char **zero_env __P((char **));
|
|
extern struct passwd *sudo_getpwnam __P((const char *));
|
|
extern struct passwd *sudo_getpwuid __P((uid_t));
|
|
@@ -140,6 +140,7 @@
|
|
#endif /* HAVE_BSD_AUTH_H */
|
|
sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld;
|
|
void (*set_perms) __P((int));
|
|
+int sudo_mode;
|
|
|
|
|
|
int
|
|
@@ -151,7 +152,6 @@
|
|
int validated;
|
|
int fd;
|
|
int cmnd_status;
|
|
- int sudo_mode;
|
|
int pwflag;
|
|
char **new_environ;
|
|
sigaction_t sa;
|
|
@@ -368,7 +368,7 @@
|
|
|
|
/* Build a new environment that avoids any nasty bits if we have a cmnd. */
|
|
if (ISSET(sudo_mode, MODE_RUN))
|
|
- new_environ = rebuild_env(envp, sudo_mode, ISSET(validated, FLAG_NOEXEC));
|
|
+ new_environ = rebuild_env(envp, ISSET(validated, FLAG_NOEXEC));
|
|
else
|
|
new_environ = envp;
|
|
|
|
--- sudo-1.6.8p12/auth/pam.c.login 2006-07-16 15:41:59.000000000 +0200
|
|
+++ sudo-1.6.8p12/auth/pam.c 2006-07-16 15:45:15.000000000 +0200
|
|
@@ -89,7 +89,12 @@
|
|
if (auth != NULL)
|
|
auth->data = (VOID *) &pam_status;
|
|
pam_conv.conv = sudo_conv;
|
|
- pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
|
|
+#ifdef HAVE_PAM_LOGIN
|
|
+ if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
|
|
+ pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh);
|
|
+ else
|
|
+#endif
|
|
+ pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
|
|
if (pam_status != PAM_SUCCESS) {
|
|
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
|
|
return(AUTH_FATAL);
|
|
--- sudo-1.6.8p12/env.c.login 2006-07-16 15:40:14.000000000 +0200
|
|
+++ sudo-1.6.8p12/env.c 2006-07-16 15:57:19.000000000 +0200
|
|
@@ -77,7 +77,7 @@
|
|
/*
|
|
* Prototypes
|
|
*/
|
|
-char **rebuild_env __P((char **, int, int));
|
|
+char **rebuild_env __P((char **, int));
|
|
char **zero_env __P((char **));
|
|
static void insert_env __P((char *, int));
|
|
static char *format_env __P((char *, ...));
|
|
@@ -321,9 +321,8 @@
|
|
* Also adds sudo-specific variables (SUDO_*).
|
|
*/
|
|
char **
|
|
-rebuild_env(envp, sudo_mode, noexec)
|
|
+rebuild_env(envp, noexec)
|
|
char **envp;
|
|
- int sudo_mode;
|
|
int noexec;
|
|
{
|
|
char **ep, *cp, *ps1;
|
|
--- sudo-1.6.8p12/sudo.h.login 2006-07-16 15:59:08.000000000 +0200
|
|
+++ sudo-1.6.8p12/sudo.h 2006-07-16 15:59:38.000000000 +0200
|
|
@@ -251,6 +251,7 @@
|
|
extern FILE *sudoers_fp;
|
|
extern int tgetpass_flags;
|
|
extern uid_t timestamp_uid;
|
|
+extern int sudo_mode;
|
|
|
|
extern void (*set_perms) __P((int));
|
|
#endif
|
|
--- sudo-1.6.8p12/config.h.in.login 2006-07-16 15:32:09.000000000 +0200
|
|
+++ sudo-1.6.8p12/config.h.in 2006-07-16 15:32:56.000000000 +0200
|
|
@@ -230,6 +230,9 @@
|
|
/* Define to 1 if you use PAM authentication. */
|
|
#undef HAVE_PAM
|
|
|
|
+/* Define to 1 if you use specific PAM session for sodo -i. */
|
|
+#undef HAVE_PAM_LOGIN
|
|
+
|
|
/* Define to 1 if you have the <pam/pam_appl.h> header file. */
|
|
#undef HAVE_PAM_PAM_APPL_H
|
|
|