summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Rekorajski <baggins@sith.mimuw.edu.pl>2000-12-01 18:22:34 +0000
committerJan Rekorajski <baggins@sith.mimuw.edu.pl>2000-12-01 18:22:34 +0000
commit74caf6ff817de8e4d6cab5fafa5c01e88fb658b4 (patch)
tree9d712c64775b023d332ab370bf054a203c66b678
parent30661180000c3047534d128af7c0ca2e3d299d46 (diff)
Relevant BUGIDs: 124062
Purpose of commit: new feature Commit summary: --------------- add change_uid option to pam_limits, and set real uid only if this option is present
-rw-r--r--CHANGELOG2
-rw-r--r--doc/modules/pam_limits.sgml6
-rw-r--r--modules/pam_limits/README6
-rw-r--r--modules/pam_limits/pam_limits.c8
4 files changed, 20 insertions, 2 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 0fa94d0f..0b026dee 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -35,6 +35,8 @@ Where you should replace XXXXX with a bug-id.
0.73: please submit patches for this section with actual code/doc
patches!
+* add change_uid option to pam_limits, and set real uid only if
+ this option is present (Bug 124062 - baggins)
* pam_limits - set real uid to the user for who we set limits.
(Bug 123972 - baggins)
* removed static variables from pam_limits (thread safe now). (Bug
diff --git a/doc/modules/pam_limits.sgml b/doc/modules/pam_limits.sgml
index f7a2245e..3b30a2c3 100644
--- a/doc/modules/pam_limits.sgml
+++ b/doc/modules/pam_limits.sgml
@@ -74,6 +74,12 @@ verbose logging to <tt/syslog(3)/.
<item><tt>conf=/path/to/file.conf</tt> -
indicate an alternative <em/limits/ configuration file to the default.
+<item><tt/change_uid/ -
+change real uid to the user for who the limits are set up. Use this
+option if you have problems like login not forking a shell for user
+who has no processes. Be warned that something else may break when
+you do this.
+
</itemize>
<tag><bf>Examples/suggested usage:</bf></tag>
diff --git a/modules/pam_limits/README b/modules/pam_limits/README
index 06a6857a..918e6c91 100644
--- a/modules/pam_limits/README
+++ b/modules/pam_limits/README
@@ -68,6 +68,12 @@ ARGUMENTS RECOGNIZED:
conf=/path/to/file the limits configuration file if different from the
one set at compile time.
+ change_uid change real uid to the user for who the limits
+ are set up. Use this option if you have problems
+ like login not forking a shell for user who has
+ no processes. Be warned that something else
+ may break when you do this.
+
MODULE SERVICES PROVIDED:
session _open_session and _close_session (blank)
diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c
index 07dc3556..34d76bf5 100644
--- a/modules/pam_limits/pam_limits.c
+++ b/modules/pam_limits/pam_limits.c
@@ -91,6 +91,7 @@ static void _pam_log(int err, const char *format, ...)
/* argument parsing */
#define PAM_DEBUG_ARG 0x0001
+#define PAM_DO_SETREUID 0x0002
static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl)
{
@@ -105,6 +106,8 @@ static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl)
ctrl |= PAM_DEBUG_ARG;
else if (!strncmp(*argv,"conf=",5))
strcpy(pl->conf_file,*argv+5);
+ else if (!strncmp(*argv,"change_uid",10))
+ ctrl |= PAM_DO_SETREUID;
else {
_pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv);
}
@@ -564,8 +567,9 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
_pam_log(LOG_WARNING, "error parsing the configuration file");
return PAM_IGNORE;
}
-
- setreuid(pwd->pw_uid, -1);
+
+ if (ctrl & PAM_DO_SETREUID)
+ setreuid(pwd->pw_uid, -1);
retval = setup_limits(pwd->pw_name, ctrl, &pl);
if (retval & LOGIN_ERR) {
printf("\nToo many logins for '%s'\n",pwd->pw_name);