New upstream version 1.3.0

1 files changed, 9 insertions, 4 deletions

diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index b96cc236..6daba1ed 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -491,12 +491,17 @@ compute_exec_context(pam_handle_t *pamh, module_data_t *data,
   char *level = NULL;
   security_context_t *contextlist = NULL;
   int num_contexts = 0;
+  const struct passwd *pwd;
 
   if (!(username = get_item(pamh, PAM_USER))) {
     pam_syslog(pamh, LOG_ERR, "Cannot obtain the user name");
     return PAM_USER_UNKNOWN;
   }
 
+  if ((pwd = pam_modutil_getpwnam(pamh, username)) != NULL) {
+    username = pwd->pw_name;
+  } /* ignore error and keep using original username */
+
   /* compute execute context */
 #ifdef HAVE_GETSEUSER
   if (!(service = get_item(pamh, PAM_SERVICE))) {
@@ -752,7 +757,7 @@ create_context(pam_handle_t *pamh, int argc, const char **argv,
   return set_context(pamh, data, debug, verbose);
 }
 
-PAM_EXTERN int
+int
 pam_sm_authenticate(pam_handle_t *pamh UNUSED, int flags UNUSED,
 		    int argc UNUSED, const char **argv UNUSED)
 {
@@ -760,14 +765,14 @@ pam_sm_authenticate(pam_handle_t *pamh UNUSED, int flags UNUSED,
   return PAM_AUTH_ERR;
 }
 
-PAM_EXTERN int
+int
 pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
 	       int argc UNUSED, const char **argv UNUSED)
 {
   return PAM_SUCCESS;
 }
 
-PAM_EXTERN int
+int
 pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
 		    int argc, const char **argv)
 {
@@ -808,7 +813,7 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
     create_context(pamh, argc, argv, debug, verbose);
 }
 
-PAM_EXTERN int
+int
 pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
 		     int argc, const char **argv)
 {