diff options
| author | Damien Miller <djm@mindrot.org> | 2011-05-20 11:23:07 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2011-05-20 11:23:07 +1000 |
| commit | 14684a1f84e2c8fc949ccff1a6dce10e9bf52ac2 (patch) | |
| tree | 48aaa36819a2a656ac6aea9db4c8c0bfece75914 /session.c | |
| parent | 23f425b48b5c496a4a2f5289a491852e21a97623 (diff) | |
- (djm) [session.c] call setexeccon() before executing passwd for pw
changes; bz#1891 reported by jchadima AT redhat.com; ok dtucker@
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 7 |
1 files changed, 7 insertions, 0 deletions
| @@ -96,6 +96,10 @@ | |||
| 96 | #include <kafs.h> | 96 | #include <kafs.h> |
| 97 | #endif | 97 | #endif |
| 98 | 98 | ||
| 99 | #ifdef WITH_SELINUX | ||
| 100 | #include <selinux/selinux.h> | ||
| 101 | #endif | ||
| 102 | |||
| 99 | #define IS_INTERNAL_SFTP(c) \ | 103 | #define IS_INTERNAL_SFTP(c) \ |
| 100 | (!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \ | 104 | (!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \ |
| 101 | (c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \ | 105 | (c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \ |
| @@ -1531,6 +1535,9 @@ do_pwchange(Session *s) | |||
| 1531 | if (s->ttyfd != -1) { | 1535 | if (s->ttyfd != -1) { |
| 1532 | fprintf(stderr, | 1536 | fprintf(stderr, |
| 1533 | "You must change your password now and login again!\n"); | 1537 | "You must change your password now and login again!\n"); |
| 1538 | #ifdef WITH_SELINUX | ||
| 1539 | setexeccon(NULL); | ||
| 1540 | #endif | ||
| 1534 | #ifdef PASSWD_NEEDS_USERNAME | 1541 | #ifdef PASSWD_NEEDS_USERNAME |
| 1535 | execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, | 1542 | execl(_PATH_PASSWD_PROG, "passwd", s->pw->pw_name, |
| 1536 | (char *)NULL); | 1543 | (char *)NULL); |