Handle SELinux authorisation roles

Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2015-08-19 Patch-Name: selinux-role.patch
author: Manoj Srivastava <srivasta@debian.org> 2014-02-09 16:09:49 +0000
committer: Colin Watson <cjwatson@debian.org> 2016-03-10 13:00:39 +0000
commit: 16caff9bcfbc638ed7d2e01a338db678f138faa5 (patch)
tree: 4dc7fd839271789949e30e2c3edf255cf2f17a31 /auth.h
parent: 1b820bd5376b5b04403f0489b2e135566cedd4e6 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/auth.h b/auth.h
index 2160154f4..3b3a0853e 100644
--- a/auth.h
+++ b/auth.h
@@ -62,6 +62,7 @@ struct Authctxt {
        char            *service;
        struct passwd   *pw;            /* set if 'valid' */
        char            *style;
+        char            *role;
        void            *kbdintctxt;
        char            *info;          /* Extra info for next auth_log */
 #ifdef BSD_AUTH
author	Manoj Srivastava <srivasta@debian.org>	2014-02-09 16:09:49 +0000
committer	Colin Watson <cjwatson@debian.org>	2016-03-10 13:00:39 +0000
commit	16caff9bcfbc638ed7d2e01a338db678f138faa5 (patch)
tree	4dc7fd839271789949e30e2c3edf255cf2f17a31 /auth.h
parent	1b820bd5376b5b04403f0489b2e135566cedd4e6 (diff)

diff --git a/auth.h b/auth.h index 2160154f4..3b3a0853e 100644 --- a/auth.h +++ b/auth.h
@@ -62,6 +62,7 @@ struct Authctxt {
62	char *service;	62	char *service;
63	struct passwd pw; / set if 'valid' */	63	struct passwd pw; / set if 'valid' */
64	char *style;	64	char *style;
		65	char *role;
65	void *kbdintctxt;	66	void *kbdintctxt;
66	char info; / Extra info for next auth_log */	67	char info; / Extra info for next auth_log */
67	#ifdef BSD_AUTH	68	#ifdef BSD_AUTH