Diffstat (limited to 'modules/pam_namespace/pam_namespace.c')
-rw-r--r--modules/pam_namespace/pam_namespace.c24
1 files changed, 7 insertions, 17 deletions
diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index e0d5e30b..d02ea09e 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -1205,6 +1205,11 @@ static int inst_init(const struct polydir_s *polyptr, const char *ipath,
_exit(1);
}
#endif
+ /* Pass maximum privs when we exec() */
+ if (setuid(geteuid()) < 0) {
+ /* ignore failures, they don't matter */
+ }
+
if (execle(init_script, init_script,
polyptr->dir, ipath, newdir?"1":"0", idata->user, NULL, envp) < 0)
_exit(1);
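Review bot: The empty body of `if (setuid(geteuid()) < 0) { }` in inst_init discards a failure that does matter for the exec that follows. If the real UID cannot be raised, execle() still starts init_script with differing real and effective IDs. Many shells drop the effective UID in that state, so the script may run with less privilege than intended and fail partway without a clear error. Handle it like the other error paths in this child, `if (setuid(geteuid()) < 0) _exit(1);`, and replace "ignore failures, they don't matter" with a comment saying why the real UID is raised before the exec. Because the script now runs with the real UID fully elevated, it is also worth confirming that `envp`, which is built outside this hunk, is a sanitised environment rather than one inherited from the caller; inst_init's body starts and ends outside the hunk.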
@@ -2003,7 +2008,7 @@ static int get_user_data(struct instance_data *idata)
/*
* Entry point from pam_open_session call.
*/
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
int argc, const char **argv)
{
int i, retval;
@@ -2099,7 +2104,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
/*
* Entry point from pam_close_session call.
*/
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
int argc, const char **argv)
{
int i, retval;
@@ -2178,18 +2183,3 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
return PAM_SUCCESS;
}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_namespace_modstruct = {
- "pam_namespace",
- NULL,
- NULL,
- NULL,
- pam_sm_open_session,
- pam_sm_close_session,
- NULL
-};
-#endif