diff options
| author | Damien Miller <djm@mindrot.org> | 2001-02-14 00:45:51 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2001-02-14 00:45:51 +1100 |
| commit | 6b4146ad739da603a298474db67824532508c3b8 (patch) | |
| tree | 827aa4bbbd6920b55649fb03016847a2a51bab2c | |
| parent | 3dfeee46d710c74f48919c827b2403dc7a63c591 (diff) | |
- (djm) Move PAM session initialisation until after fork in sshd. Patch
from Nalin Dahyabhai <nalin@redhat.com>
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | session.c | 14 |
2 files changed, 8 insertions, 10 deletions
| @@ -2,6 +2,8 @@ | |||
| 2 | - (djm) Don't try to close PAM session or delete credentials if the | 2 | - (djm) Don't try to close PAM session or delete credentials if the |
| 3 | session has not been open or credentials not set. Based on patch from | 3 | session has not been open or credentials not set. Based on patch from |
| 4 | Andrew Bartlett <abartlet@pcug.org.au> | 4 | Andrew Bartlett <abartlet@pcug.org.au> |
| 5 | - (djm) Move PAM session initialisation until after fork in sshd. Patch | ||
| 6 | from Nalin Dahyabhai <nalin@redhat.com> | ||
| 5 | 7 | ||
| 6 | 20010213 | 8 | 20010213 |
| 7 | - (djm) Only test -S potential EGD sockets if they exist and are readable. | 9 | - (djm) Only test -S potential EGD sockets if they exist and are readable. |
| @@ -3918,4 +3920,4 @@ | |||
| 3918 | - Wrote replacements for strlcpy and mkdtemp | 3920 | - Wrote replacements for strlcpy and mkdtemp |
| 3919 | - Released 1.0pre1 | 3921 | - Released 1.0pre1 |
| 3920 | 3922 | ||
| 3921 | $Id: ChangeLog,v 1.755 2001/02/13 13:43:55 djm Exp $ | 3923 | $Id: ChangeLog,v 1.756 2001/02/13 13:45:51 djm Exp $ |
| @@ -484,10 +484,6 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw) | |||
| 484 | 484 | ||
| 485 | session_proctitle(s); | 485 | session_proctitle(s); |
| 486 | 486 | ||
| 487 | #ifdef USE_PAM | ||
| 488 | do_pam_setcred(); | ||
| 489 | #endif /* USE_PAM */ | ||
| 490 | |||
| 491 | /* Fork the child. */ | 487 | /* Fork the child. */ |
| 492 | if ((pid = fork()) == 0) { | 488 | if ((pid = fork()) == 0) { |
| 493 | /* Child. Reinitialize the log since the pid has changed. */ | 489 | /* Child. Reinitialize the log since the pid has changed. */ |
| @@ -600,11 +596,6 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw) | |||
| 600 | ptyfd = s->ptyfd; | 596 | ptyfd = s->ptyfd; |
| 601 | ttyfd = s->ttyfd; | 597 | ttyfd = s->ttyfd; |
| 602 | 598 | ||
| 603 | #ifdef USE_PAM | ||
| 604 | do_pam_session(pw->pw_name, s->tty); | ||
| 605 | do_pam_setcred(); | ||
| 606 | #endif /* USE_PAM */ | ||
| 607 | |||
| 608 | /* Fork the child. */ | 599 | /* Fork the child. */ |
| 609 | if ((pid = fork()) == 0) { | 600 | if ((pid = fork()) == 0) { |
| 610 | /* Child. Reinitialize the log because the pid has changed. */ | 601 | /* Child. Reinitialize the log because the pid has changed. */ |
| @@ -1156,6 +1147,11 @@ do_child(const char *command, struct passwd * pw, const char *term, | |||
| 1156 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); | 1147 | shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); |
| 1157 | #endif | 1148 | #endif |
| 1158 | 1149 | ||
| 1150 | #ifdef USE_PAM | ||
| 1151 | do_pam_session(pw->pw_name, ttyname); | ||
| 1152 | do_pam_setcred(); | ||
| 1153 | #endif /* USE_PAM */ | ||
| 1154 | |||
| 1159 | #ifdef AFS | 1155 | #ifdef AFS |
| 1160 | /* Try to get AFS tokens for the local cell. */ | 1156 | /* Try to get AFS tokens for the local cell. */ |
| 1161 | if (k_hasafs()) { | 1157 | if (k_hasafs()) { |