diff options
Diffstat (limited to 'debian/patches-applied/008_modules_pam_limits_chroot')
-rw-r--r-- | debian/patches-applied/008_modules_pam_limits_chroot | 132 |
1 files changed, 0 insertions, 132 deletions
diff --git a/debian/patches-applied/008_modules_pam_limits_chroot b/debian/patches-applied/008_modules_pam_limits_chroot deleted file mode 100644 index 7a86fdd5..00000000 --- a/debian/patches-applied/008_modules_pam_limits_chroot +++ /dev/null @@ -1,132 +0,0 @@ -Index: pam/modules/pam_limits/pam_limits.c -=================================================================== ---- pam.orig/modules/pam_limits/pam_limits.c -+++ pam/modules/pam_limits/pam_limits.c -@@ -90,6 +90,7 @@ - specific user or to count all logins */ - int priority; /* the priority to run user process with */ - int nonewprivs; /* whether to prctl(PR_SET_NO_NEW_PRIVS) */ -+ char chroot_dir[8092]; /* directory to chroot into */ - struct user_limits_struct limits[RLIM_NLIMITS]; - const char *conf_file; - int utmp_after_pam_call; -@@ -101,6 +102,7 @@ - - #define LIMIT_PRI RLIM_NLIMITS+3 - #define LIMIT_NONEWPRIVS RLIM_NLIMITS+4 -+#define LIMIT_CHROOT RLIM_NLIMITS+5 - - #define LIMIT_SOFT 1 - #define LIMIT_HARD 2 -@@ -484,6 +486,8 @@ - pl->login_limit = -2; - pl->login_limit_def = LIMITS_DEF_NONE; - -+ pl->chroot_dir[0] = '\0'; -+ - return retval; - } - -@@ -591,6 +595,8 @@ - limit_item = LIMIT_PRI; - } else if (strcmp(lim_item, "nonewprivs") == 0) { - limit_item = LIMIT_NONEWPRIVS; -+ } else if (strcmp(lim_item, "chroot") == 0) { -+ limit_item = LIMIT_CHROOT; - } else { - pam_syslog(pamh, LOG_DEBUG, "unknown limit item '%s'", lim_item); - return; -@@ -640,9 +646,9 @@ - pam_syslog(pamh, LOG_DEBUG, - "wrong limit value '%s' for limit type '%s'", - lim_value, lim_type); -- return; -+ return; - } -- } else { -+ } else if (limit_item != LIMIT_CHROOT) { - #ifdef __USE_FILE_OFFSET64 - rlimit_value = strtoull (lim_value, &endptr, 10); - #else -@@ -717,7 +723,11 @@ - break; - } - -- if ( (limit_item != LIMIT_LOGIN) -+ if (limit_item == LIMIT_CHROOT) { -+ strncpy(pl->chroot_dir, value_orig, sizeof(pl->chroot_dir)-1); -+ pl->chroot_dir[sizeof(pl->chroot_dir)-1]='\0'; -+ } -+ else if ( (limit_item != LIMIT_LOGIN) - && (limit_item != LIMIT_NUMSYSLOGINS) - && (limit_item != LIMIT_PRI) - && (limit_item != LIMIT_NONEWPRIVS) ) { -@@ -1071,6 +1081,15 @@ - } - } - -+ if (!retval && pl->chroot_dir[0]) { -+ i = chdir(pl->chroot_dir); -+ if (i == 0) -+ i = chroot(pl->chroot_dir); -+ if (i == 0) -+ i = chdir("/"); -+ if (i != 0) -+ retval = LIMIT_ERR; -+ } - return retval; - } - -Index: pam/modules/pam_limits/limits.conf.5.xml -=================================================================== ---- pam.orig/modules/pam_limits/limits.conf.5.xml -+++ pam/modules/pam_limits/limits.conf.5.xml -@@ -273,6 +273,12 @@ - (Linux 2.6.12 and higher)</para> - </listitem> - </varlistentry> -+ <varlistentry> -+ <term><option>chroot</option></term> -+ <listitem> -+ <para>the directory to chroot the user to</para> -+ </listitem> -+ </varlistentry> - </variablelist> - </listitem> - </varlistentry> -Index: pam/modules/pam_limits/limits.conf.5 -=================================================================== ---- pam.orig/modules/pam_limits/limits.conf.5 -+++ pam/modules/pam_limits/limits.conf.5 -@@ -279,6 +279,11 @@ - .RS 4 - maximum realtime priority allowed for non\-privileged processes (Linux 2\&.6\&.12 and higher) - .RE -+.PP -+\fBchroot\fR -+.RS 4 -+the directory to chroot the user to -+.RE - .RE - .PP - All items support the values -Index: pam/modules/pam_limits/limits.conf -=================================================================== ---- pam.orig/modules/pam_limits/limits.conf -+++ pam/modules/pam_limits/limits.conf -@@ -46,6 +46,7 @@ - # - msgqueue - max memory used by POSIX message queues (bytes) - # - nice - max nice priority allowed to raise to values: [-20, 19] - # - rtprio - max realtime priority -+# - chroot - change root to directory (Debian-specific) - # - #<domain> <type> <item> <value> - # -@@ -56,6 +57,7 @@ - #@faculty soft nproc 20 - #@faculty hard nproc 50 - #ftp hard nproc 0 -+#ftp - chroot /ftp - #@student - maxlogins 4 - - # End of file |