rpms
/
sudo
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
sudo/sudo-1.7.2p1-login.patch

112 lines
4.0 KiB
Diff
Raw Blame History

diff -up sudo-1.7.2p1/auth/pam.c.login sudo-1.7.2p1/auth/pam.c
--- sudo-1.7.2p1/auth/pam.c.login 2009-05-25 14:02:42.000000000 +0200
+++ sudo-1.7.2p1/auth/pam.c 2009-10-30 12:15:48.000000000 +0100
@@ -100,7 +100,13 @@ pam_init(pw, promptp, auth)
if (auth != NULL)
auth->data = (void *) &pam_status;
pam_conv.conv = sudo_conv;
- pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
+#ifdef HAVE_PAM_LOGIN
+ if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
+ pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh);
+ else
+#endif
+ pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
+
if (pam_status != PAM_SUCCESS) {
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
return(AUTH_FATAL);
diff -up sudo-1.7.2p1/configure.in.login sudo-1.7.2p1/configure.in
--- sudo-1.7.2p1/configure.in.login 2009-07-20 15:34:37.000000000 +0200
+++ sudo-1.7.2p1/configure.in 2009-10-30 12:16:24.000000000 +0100
@@ -394,6 +394,17 @@ AC_ARG_WITH(pam, [AS_HELP_STRING([--with
;;
esac])
+AC_ARG_WITH(pam-login, [ --with-pam-login enable specific PAM session for sudo -i],
+[case $with_pam_login in
+ yes) AC_DEFINE([HAVE_PAM_LOGIN], [], ["Define to 1 if you use specific PAM session for sodo -i."])
+ AC_MSG_CHECKING(whether to use PAM login)
+ AC_MSG_RESULT(yes)
+ ;;
+ no) ;;
+ *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
+ ;;
+esac])
+
AC_ARG_WITH(AFS, [AS_HELP_STRING([--with-AFS], [enable AFS support])],
[case $with_AFS in
yes) AC_DEFINE(HAVE_AFS)
diff -up sudo-1.7.2p1/env.c.login sudo-1.7.2p1/env.c
--- sudo-1.7.2p1/env.c.login 2009-06-23 20:24:42.000000000 +0200
+++ sudo-1.7.2p1/env.c 2009-10-30 12:15:48.000000000 +0100
@@ -102,7 +102,7 @@ struct environment {
/*
* Prototypes
*/
-void rebuild_env __P((int, int));
+void rebuild_env __P((int));
static void sudo_setenv __P((const char *, const char *, int));
static void sudo_putenv __P((char *, int, int));
@@ -562,8 +562,7 @@ matches_env_keep(var)
* Also adds sudo-specific variables (SUDO_*).
*/
void
-rebuild_env(sudo_mode, noexec)
- int sudo_mode;
+rebuild_env(noexec)
int noexec;
{
char **old_envp, **ep, *cp, *ps1;
diff -up sudo-1.7.2p1/sudo.c.login sudo-1.7.2p1/sudo.c
--- sudo-1.7.2p1/sudo.c.login 2009-05-27 02:49:07.000000000 +0200
+++ sudo-1.7.2p1/sudo.c 2009-10-30 12:15:48.000000000 +0100
@@ -126,7 +126,7 @@ static void usage_excl __P((int))
__attribute__((__noreturn__));
static struct passwd *get_authpw __P((void));
extern int sudo_edit __P((int, char **, char **));
-extern void rebuild_env __P((int, int));
+extern void rebuild_env __P((int));
void validate_env_vars __P((struct list_member *));
void insert_env_vars __P((struct list_member *));
@@ -157,6 +157,8 @@ login_cap_t *lc;
char *login_style;
#endif /* HAVE_BSD_AUTH_H */
sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp;
+
+int sudo_mode;
static char *runas_user;
static char *runas_group;
static struct sudo_nss_list *snl;
@@ -172,7 +174,7 @@ main(argc, argv, envp)
char **envp;
{
int sources = 0, validated;
- int fd, cmnd_status, sudo_mode, pwflag, rc = 0;
+ int fd, cmnd_status, pwflag, rc = 0;
sigaction_t sa;
struct sudo_nss *nss;
#if defined(SUDO_DEVEL) && defined(__OpenBSD__)
@@ -421,7 +423,7 @@ main(argc, argv, envp)
def_env_reset = FALSE;
/* Build a new environment that avoids any nasty bits. */
- rebuild_env(sudo_mode, def_noexec);
+ rebuild_env(def_noexec);
/* Fill in passwd struct based on user we are authenticating as. */
auth_pw = get_authpw();
diff -up sudo-1.7.2p1/sudo.h.login sudo-1.7.2p1/sudo.h
--- sudo-1.7.2p1/sudo.h.login 2009-05-25 14:02:41.000000000 +0200
+++ sudo-1.7.2p1/sudo.h 2009-10-30 12:15:48.000000000 +0100
@@ -334,6 +334,7 @@ extern struct passwd *auth_pw, *list_pw;
extern int tgetpass_flags;
extern int long_list;
extern uid_t timestamp_uid;
+extern int sudo_mode;
#endif
#ifndef errno
extern int errno;
Reference in New Issue View Git Blame Copy Permalink