From 2324e72d69927a7d2b6c8c67d641d35066484474 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Mon, 14 Mar 2005 09:42:27 +0000
Subject: Relevant BUGIDs: Novell #66885

Purpose of commit: bugfix

Commit summary:
---------------

DISPLAY variable was not preserved, which means that pam_xauth only
works if the calling application takes care of it.
---
 CHANGELOG                     |  1 +
 modules/pam_xauth/pam_xauth.c | 30 +++++++++++++++++++++++++-----
 2 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG b/CHANGELOG
index 9ae5d7a3..458adba8 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -83,6 +83,7 @@ BerliOS Bugs are marked with (BerliOS #XXXX).
 * pam_shells: correct README
 * libpam: Fix debug code (kukuk)
 * pam_limits: Fix order of LIMITS_DEF_* priorities (kukuk)
+* pam_xauth: preserve DISPLAY variable (Novell #66885 - kukuk)
 
 0.78: Do Nov 18 14:48:36 CET 2004
 
diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c
index bde432e2..700edbd3 100644
--- a/modules/pam_xauth/pam_xauth.c
+++ b/modules/pam_xauth/pam_xauth.c
@@ -542,13 +542,33 @@ pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv)
 		}
 
 		/* Unset any old XAUTHORITY variable in the environment. */
-		if (getenv(XAUTHENV)) {
-			unsetenv(XAUTHENV);
-		}
+		if (getenv (XAUTHENV))
+		  unsetenv (XAUTHENV);
 
 		/* Set the new variable in the environment. */
-		pam_putenv(pamh, xauthority);
-		putenv(xauthority); /* The environment owns this string now. */
+		if (pam_putenv (pamh, xauthority) != PAM_SUCCESS)
+		  syslog (LOG_DEBUG, "pam_xauth: can't set environment variable '%s'",
+			  xauthority);
+		putenv (xauthority); /* The environment owns this string now. */
+
+		/* set $DISPLAY in pam handle to make su - work */
+		{
+		  char *d = (char *) malloc (strlen ("DISPLAY=") +
+					     strlen (display) + 1);
+		  if (d == NULL)
+		    {
+		      syslog (LOG_DEBUG, "pam_xauth: memory exhausted\n");
+		      return PAM_SESSION_ERR;
+		    }
+		  strcpy (d, "DISPLAY=");
+		  strcat (d, display);
+
+		  if (pam_putenv (pamh, d) != PAM_SUCCESS)
+		    syslog (LOG_DEBUG,
+			    "pam_xauth: can't set environment variable '%s'",
+			    d);
+		  free (d);
+		}
 
 		/* Merge the cookie we read before into the new file. */
 		if (debug) {
-- 
cgit v1.2.3