From 2535f925c1a6049e5ad9ee4f313bcaa79131932b Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Fri, 1 Feb 2008 16:22:23 +0000 Subject: Relevant BUGIDs: Purpose of commit: new feature Commit summary: --------------- 2008-02-01 Tomas Mraz * modules/pam_namespace/namespace.conf.5.xml: Add documentation for tmpfs and tmpdir polyinst and for ~ user list modifier. * modules/pam_namespace/namespace.init: Add documentation for the new init parameter. Add home directory initialization script. * modules/pam_namespace/pam_namespace.8.xml: Document the new init parameter of the namespace.init script. * modules/pam_namespace/pam_namespace.c(copy_ent): Copy exclusive flag. (cleanup_data): New function. (process_line): Set exclusive flag. Add tmpfs and tmpdir methods. (ns_override): Change behavior on the exclusive flag. (poly_name): Process tmpfs and tmpdir methods. (inst_init): Add flag for new directory initialization. (create_dirs): Process the tmpdir method, add the new directory flag. (ns_setup): Remove unused code. Process the tmpfs method. (cleanup_tmpdirs): New function. (setup_namespace): Set data for proper cleanup. Cleanup the tmpdirs on failures. (pam_sm_close_session): Instead of parsing the config file again use the previously set data for cleanup. * modules/pam_namespace/pam_namespace.h: Add TMPFS and TMPDIR methods and exclusive flag.
---
 modules/pam_namespace/pam_namespace.h | 4 ++++
 1 file changed, 4 insertions(+)
(limited to 'modules/pam_namespace/pam_namespace.h')
diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h
index 0847ec08..4b438899 100644
--- a/modules/pam_namespace/pam_namespace.h
+++ b/modules/pam_namespace/pam_namespace.h
@@ -90,6 +90,7 @@
 #define PAMNS_NO_UNMOUNT_ON_CLOSE 0x00010000 /* no unmount at session close */
 #define NAMESPACE_MAX_DIR_LEN 80
+#define NAMESPACE_POLYDIR_DATA "pam_namespace:polydir_data"
 /*
  * Polyinstantiation method options, based on user, security context
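Review bot: `NAMESPACE_POLYDIR_DATA` is added with no comment saying what it names, although the commit message indicates it carries the state that session close now depends on instead of re-parsing the config file. A comment such as `/* name of the PAM data item holding the polydir list saved at session open for cleanup at close */` would put that contract in the header (presumably the item is stored with pam_set_data; the storing code is in pam_namespace.c and not visible in this patch view). It is also worth confirming there that a close which finds no stored item, for example when open and close run in different processes, is reported rather than silently skipping the unmount and tmpdir cleanup.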
@@ -100,6 +101,8 @@ enum polymethod {
 USER,
 CONTEXT,
 LEVEL,
+ TMPDIR,
+ TMPFS
 };
 /*
@@ -128,6 +131,7 @@ struct polydir_s {
 enum polymethod method; /* method used to polyinstantiate */
 unsigned int num_uids; /* number of override uids */
 uid_t *uid; /* list of override uids */
+ int exclusive; /* polyinstatiate exclusively for override uids */
 struct polydir_s *next; /* pointer to the next polydir entry */
 };
-- cgit v1.2.3
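Review bot: The new enumerators `TMPDIR` and `TMPFS` carry no comments, and the block comment above the enum still describes the methods as "based on user, security context", which does not cover either of them. Going by the commit message, the two differ in how the instance is torn down (tmpdir instances are removed by cleanup code, tmpfs instances are mounts), so a reader of the header should be told which is which, for example `TMPDIR, /* temporary instance directory, removed at session close */` and `TMPFS /* instance is a tmpfs mount */`; the wording should be checked against pam_namespace.c. The enum and its leading comment begin outside this hunk.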
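Review bot: The comment on `exclusive` in `struct polydir_s` does not say which value selects which behaviour, and it misspells "polyinstantiate". The flag appears to invert the meaning of the `uid` list that the neighbouring comments still call "override uids", so a wrong or uninitialised value changes which users get an isolated directory; the header should state the contract, for example `int exclusive; /* nonzero: polyinstantiate only for the listed uids */`. Every place that allocates or copies a `struct polydir_s` then has to set the field; the commit message names copy_ent and process_line, which are not part of this patch view. The struct definition starts above the hunk.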