diff options
| author | Jan Rekorajski <baggins@sith.mimuw.edu.pl> | 2000-12-01 18:22:34 +0000 |
|---|---|---|
| committer | Jan Rekorajski <baggins@sith.mimuw.edu.pl> | 2000-12-01 18:22:34 +0000 |
| commit | 74caf6ff817de8e4d6cab5fafa5c01e88fb658b4 (patch) | |
| tree | 9d712c64775b023d332ab370bf054a203c66b678 /modules/pam_limits | |
| parent | 30661180000c3047534d128af7c0ca2e3d299d46 (diff) | |
Relevant BUGIDs: 124062
Purpose of commit: new feature
Commit summary:
---------------
add change_uid option to pam_limits, and set real uid only
if this option is present
Diffstat (limited to 'modules/pam_limits')
| -rw-r--r-- | modules/pam_limits/README | 6 | ||||
| -rw-r--r-- | modules/pam_limits/pam_limits.c | 8 |
2 files changed, 12 insertions, 2 deletions
diff --git a/modules/pam_limits/README b/modules/pam_limits/README index 06a6857a..918e6c91 100644 --- a/modules/pam_limits/README +++ b/modules/pam_limits/README @@ -68,6 +68,12 @@ ARGUMENTS RECOGNIZED: conf=/path/to/file the limits configuration file if different from the one set at compile time. + change_uid change real uid to the user for who the limits + are set up. Use this option if you have problems + like login not forking a shell for user who has + no processes. Be warned that something else + may break when you do this. + MODULE SERVICES PROVIDED: session _open_session and _close_session (blank) diff --git a/modules/pam_limits/pam_limits.c b/modules/pam_limits/pam_limits.c index 07dc3556..34d76bf5 100644 --- a/modules/pam_limits/pam_limits.c +++ b/modules/pam_limits/pam_limits.c @@ -91,6 +91,7 @@ static void _pam_log(int err, const char *format, ...) /* argument parsing */ #define PAM_DEBUG_ARG 0x0001 +#define PAM_DO_SETREUID 0x0002 static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl) { @@ -105,6 +106,8 @@ static int _pam_parse(int argc, const char **argv, struct pam_limit_s *pl) ctrl |= PAM_DEBUG_ARG; else if (!strncmp(*argv,"conf=",5)) strcpy(pl->conf_file,*argv+5); + else if (!strncmp(*argv,"change_uid",10)) + ctrl |= PAM_DO_SETREUID; else { _pam_log(LOG_ERR,"pam_parse: unknown option; %s",*argv); } @@ -564,8 +567,9 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, _pam_log(LOG_WARNING, "error parsing the configuration file"); return PAM_IGNORE; } - - setreuid(pwd->pw_uid, -1); + + if (ctrl & PAM_DO_SETREUID) + setreuid(pwd->pw_uid, -1); retval = setup_limits(pwd->pw_name, ctrl, &pl); if (retval & LOGIN_ERR) { printf("\nToo many logins for '%s'\n",pwd->pw_name); |