105 lines
3.5 KiB
Diff
105 lines
3.5 KiB
Diff
--- sudo-1.6.9p4/auth/pam.c.login 2007-07-22 14:14:53.000000000 +0200
|
|
+++ sudo-1.6.9p4/auth/pam.c 2007-08-20 11:08:33.000000000 +0200
|
|
@@ -89,7 +89,12 @@
|
|
if (auth != NULL)
|
|
auth->data = (VOID *) &pam_status;
|
|
pam_conv.conv = sudo_conv;
|
|
- pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
|
|
+#ifdef HAVE_PAM_LOGIN
|
|
+ if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
|
|
+ pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh);
|
|
+ else
|
|
+#endif
|
|
+ pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
|
|
if (pam_status != PAM_SUCCESS) {
|
|
log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
|
|
return(AUTH_FATAL);
|
|
--- sudo-1.6.9p4/env.c.login 2007-07-31 20:04:31.000000000 +0200
|
|
+++ sudo-1.6.9p4/env.c 2007-08-20 11:24:48.000000000 +0200
|
|
@@ -104,7 +104,7 @@
|
|
/*
|
|
* Prototypes
|
|
*/
|
|
-char **rebuild_env __P((char **, int, int));
|
|
+char **rebuild_env __P((char **, int));
|
|
static void insert_env __P((char *, struct environment *, int));
|
|
static char *format_env __P((char *, ...));
|
|
|
|
@@ -391,9 +391,8 @@
|
|
* Also adds sudo-specific variables (SUDO_*).
|
|
*/
|
|
char **
|
|
-rebuild_env(envp, sudo_mode, noexec)
|
|
+rebuild_env(envp, noexec)
|
|
char **envp;
|
|
- int sudo_mode;
|
|
int noexec;
|
|
{
|
|
char **ep, *cp, *ps1;
|
|
--- sudo-1.6.9p4/configure.in.login 2007-08-15 15:48:51.000000000 +0200
|
|
+++ sudo-1.6.9p4/configure.in 2007-08-20 11:08:33.000000000 +0200
|
|
@@ -351,6 +351,17 @@
|
|
;;
|
|
esac])
|
|
|
|
+AC_ARG_WITH(pam-login, [ --with-pam-login enable specific PAM session for sudo -i],
|
|
+[case $with_pam_login in
|
|
+ yes) AC_DEFINE([HAVE_PAM_LOGIN], [], ["Define to 1 if you use specific PAM session for sodo -i."])
|
|
+ AC_MSG_CHECKING(whether to use PAM login)
|
|
+ AC_MSG_RESULT(yes)
|
|
+ ;;
|
|
+ no) ;;
|
|
+ *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
|
|
+ ;;
|
|
+esac])
|
|
+
|
|
AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
|
|
[case $with_AFS in
|
|
yes) AC_DEFINE(HAVE_AFS)
|
|
--- sudo-1.6.9p4/sudo.h.login 2007-07-06 16:14:34.000000000 +0200
|
|
+++ sudo-1.6.9p4/sudo.h 2007-08-20 11:33:45.000000000 +0200
|
|
@@ -268,6 +268,7 @@
|
|
extern FILE *sudoers_fp;
|
|
extern int tgetpass_flags;
|
|
extern uid_t timestamp_uid;
|
|
+extern int sudo_mode;
|
|
#endif
|
|
#ifndef errno
|
|
extern int errno;
|
|
--- sudo-1.6.9p4/sudo.c.login 2007-08-15 15:48:56.000000000 +0200
|
|
+++ sudo-1.6.9p4/sudo.c 2007-08-20 11:34:07.000000000 +0200
|
|
@@ -122,7 +122,7 @@
|
|
static struct passwd *get_authpw __P((void));
|
|
extern int sudo_edit __P((int, char **, char **));
|
|
extern void list_matches __P((void));
|
|
-extern char **rebuild_env __P((char **, int, int));
|
|
+extern char **rebuild_env __P((char **, int));
|
|
extern void validate_env_vars __P((struct list_member *));
|
|
extern char **insert_env_vars __P((char **, struct list_member *));
|
|
extern struct passwd *sudo_getpwnam __P((const char *));
|
|
@@ -153,6 +153,7 @@
|
|
char *login_style;
|
|
#endif /* HAVE_BSD_AUTH_H */
|
|
sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld;
|
|
+int sudo_mode;
|
|
|
|
|
|
int
|
|
@@ -164,7 +165,6 @@
|
|
int validated;
|
|
int fd;
|
|
int cmnd_status;
|
|
- int sudo_mode;
|
|
int pwflag;
|
|
sigaction_t sa;
|
|
extern int printmatches;
|
|
@@ -347,7 +347,7 @@
|
|
def_env_reset = FALSE;
|
|
|
|
/* Build a new environment that avoids any nasty bits. */
|
|
- environ = rebuild_env(environ, sudo_mode, ISSET(validated, FLAG_NOEXEC));
|
|
+ environ = rebuild_env(envp, ISSET(validated, FLAG_NOEXEC));
|
|
|
|
/* Fill in passwd struct based on user we are authenticating as. */
|
|
auth_pw = get_authpw();
|