diff options
author | Steve Langasek <vorlon@debian.org> | 2019-01-02 12:24:44 -0800 |
---|---|---|
committer | Steve Langasek <vorlon@debian.org> | 2019-01-02 12:27:24 -0800 |
commit | a6f4ab0bebc76acf85cc0244bd21c1036009c28c (patch) | |
tree | df0d6a57d2b91ab9038e8d7b0d62f28c2daa66db /debian/patches-applied/045_pam_dispatch_jump_is_ignore | |
parent | 10b6243f4664747e815372070142d6c5853176da (diff) |
fix-up commit for grafting svn history onto git history
Diffstat (limited to 'debian/patches-applied/045_pam_dispatch_jump_is_ignore')
-rw-r--r-- | debian/patches-applied/045_pam_dispatch_jump_is_ignore | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/debian/patches-applied/045_pam_dispatch_jump_is_ignore b/debian/patches-applied/045_pam_dispatch_jump_is_ignore new file mode 100644 index 00000000..01d67d41 --- /dev/null +++ b/debian/patches-applied/045_pam_dispatch_jump_is_ignore @@ -0,0 +1,31 @@ + +Previously jumps were treated as PAM_IGNORE in the freezing part of +the chain and PAM_OK (aka required) in the frozen part of the chain. +No one on pam-list was able to explain this behavior, so I changed it +to be consistent. + +Index: Linux-PAM/libpam/pam_dispatch.c +=================================================================== +--- Linux-PAM/libpam/pam_dispatch.c.orig ++++ Linux-PAM/libpam/pam_dispatch.c +@@ -229,19 +229,7 @@ + if ( _PAM_ACTION_IS_JUMP(action) ) { + + /* If we are evaluating a cached chain, we treat this +- module as required (aka _PAM_ACTION_OK) as well as +- executing the jump. */ +- +- if (use_cached_chain) { +- if (impression == _PAM_UNDEF +- || (impression == _PAM_POSITIVE +- && status == PAM_SUCCESS) ) { +- if ( retval != PAM_IGNORE || cached_retval == retval ) { +- impression = _PAM_POSITIVE; +- status = retval; +- } +- } +- } ++ module as ignored as well as executing the jump. */ + + /* this means that we need to skip #action stacked modules */ + do { |