diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | modules/pam_sepermit/pam_sepermit.c | 3 |
2 files changed, 8 insertions, 0 deletions
@@ -1,3 +1,8 @@ +2008-03-31 Dan Walsh <dwalsh@redhat.com> + + * modules/pam_sepermit/pam_sepermit.c(sepermit_lock): Mark lock fd to + be closed on exec. + 2008-03-25 Leah Liu <lliu@redhat.com> * po/zh_CN.po: Updated translation. diff --git a/modules/pam_sepermit/pam_sepermit.c b/modules/pam_sepermit/pam_sepermit.c index 47f95030..0d5ab21a 100644 --- a/modules/pam_sepermit/pam_sepermit.c +++ b/modules/pam_sepermit/pam_sepermit.c @@ -207,6 +207,9 @@ sepermit_lock(pam_handle_t *pamh, const char *user, int debug) return -1; } + /* Need to close on exec */ + fcntl(fd, F_SETFD, FD_CLOEXEC); + if (fcntl(fd, F_SETLK, &fl) == -1) { pam_syslog(pamh, LOG_ERR, "User %s with exclusive login already logged in", user); close(fd); |