From 5446d7c0392279696b941b65f21b383e7c01511c Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tm@t8m.info>
Date: Mon, 18 Dec 2006 21:07:42 +0000
Subject: Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2006-12-18  Tomas Mraz  <t8m@centrum.cz>

        * modules/pam_keyinit/pam_keyinit.c (kill_keyrings): Switch to new
        egid first, euid next. Revert euid/egid to old euid/egid and not
        ruid/rgid.
        (pam_sm_open_session): Switch to new rgid first, ruid next.
---
 modules/pam_keyinit/pam_keyinit.c | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

(limited to 'modules')

diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c
index 452b0005..378a7723 100644
--- a/modules/pam_keyinit/pam_keyinit.c
+++ b/modules/pam_keyinit/pam_keyinit.c
@@ -132,21 +132,21 @@ static void kill_keyrings(pam_handle_t *pamh)
 	if (my_session_keyring > 0) {
 		debug(pamh, "REVOKE %d", my_session_keyring);
 
-		old_uid = getuid();
-		old_gid = getgid();
+		old_uid = geteuid();
+		old_gid = getegid();
 		debug(pamh, "UID:%d [%d]  GID:%d [%d]",
 		      revoke_as_uid, old_uid, revoke_as_gid, old_gid);
 
 		/* switch to the real UID and GID so that we have permission to
 		 * revoke the key */
-		if (revoke_as_uid != old_uid && setreuid(-1, revoke_as_uid) < 0)
-			error(pamh, "Unable to change UID to %d temporarily\n",
-			      revoke_as_uid);
-
 		if (revoke_as_gid != old_gid && setregid(-1, revoke_as_gid) < 0)
 			error(pamh, "Unable to change GID to %d temporarily\n",
 			      revoke_as_gid);
 
+		if (revoke_as_uid != old_uid && setreuid(-1, revoke_as_uid) < 0)
+			error(pamh, "Unable to change UID to %d temporarily\n",
+			      revoke_as_uid);
+
 		syscall(__NR_keyctl,
 			KEYCTL_REVOKE,
 			my_session_keyring);
@@ -211,12 +211,14 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
 
 	/* switch to the real UID and GID so that the keyring ends up owned by
 	 * the right user */
-	if (uid != old_uid && setreuid(uid, -1) < 0)
-		return error(pamh, "Unable to change UID to %d temporarily\n", uid);
-
 	if (gid != old_gid && setregid(gid, -1) < 0) {
 		error(pamh, "Unable to change GID to %d temporarily\n", gid);
-		setreuid(old_uid, -1);
+		return PAM_SESSION_ERR;
+	}
+
+	if (uid != old_uid && setreuid(uid, -1) < 0) {
+		error(pamh, "Unable to change UID to %d temporarily\n", uid);
+		setregid(old_gid, -1);
 		return PAM_SESSION_ERR;
 	}
 
-- 
cgit v1.2.3