diff options
author | Manoj Srivastava <srivasta@debian.org> | 2014-02-09 16:09:49 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2018-08-24 17:49:07 +0100 |
commit | 03979f2e0768e146d179c66f2d2e33afe61c1be3 (patch) | |
tree | 624add62ece0fb72400966a483aa5af060fb0a77 /session.c | |
parent | 84a7a1b1c767056c80add9f0e15c9f9ec23ec94d (diff) |
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach
will need an SSH protocol change. In the meantime, this came from Debian's
SELinux maintainer, so we'll keep it until we have something better.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
Bug-Debian: http://bugs.debian.org/394795
Last-Update: 2018-08-24
Patch-Name: selinux-role.patch
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -1378,7 +1378,7 @@ safely_chroot(const char *path, uid_t uid) | |||
1378 | 1378 | ||
1379 | /* Set login name, uid, gid, and groups. */ | 1379 | /* Set login name, uid, gid, and groups. */ |
1380 | void | 1380 | void |
1381 | do_setusercontext(struct passwd *pw) | 1381 | do_setusercontext(struct passwd *pw, const char *role) |
1382 | { | 1382 | { |
1383 | char uidstr[32], *chroot_path, *tmp; | 1383 | char uidstr[32], *chroot_path, *tmp; |
1384 | 1384 | ||
@@ -1406,7 +1406,7 @@ do_setusercontext(struct passwd *pw) | |||
1406 | endgrent(); | 1406 | endgrent(); |
1407 | #endif | 1407 | #endif |
1408 | 1408 | ||
1409 | platform_setusercontext_post_groups(pw); | 1409 | platform_setusercontext_post_groups(pw, role); |
1410 | 1410 | ||
1411 | if (!in_chroot && options.chroot_directory != NULL && | 1411 | if (!in_chroot && options.chroot_directory != NULL && |
1412 | strcasecmp(options.chroot_directory, "none") != 0) { | 1412 | strcasecmp(options.chroot_directory, "none") != 0) { |
@@ -1545,7 +1545,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1545 | 1545 | ||
1546 | /* Force a password change */ | 1546 | /* Force a password change */ |
1547 | if (s->authctxt->force_pwchange) { | 1547 | if (s->authctxt->force_pwchange) { |
1548 | do_setusercontext(pw); | 1548 | do_setusercontext(pw, s->authctxt->role); |
1549 | child_close_fds(ssh); | 1549 | child_close_fds(ssh); |
1550 | do_pwchange(s); | 1550 | do_pwchange(s); |
1551 | exit(1); | 1551 | exit(1); |
@@ -1563,7 +1563,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1563 | /* When PAM is enabled we rely on it to do the nologin check */ | 1563 | /* When PAM is enabled we rely on it to do the nologin check */ |
1564 | if (!options.use_pam) | 1564 | if (!options.use_pam) |
1565 | do_nologin(pw); | 1565 | do_nologin(pw); |
1566 | do_setusercontext(pw); | 1566 | do_setusercontext(pw, s->authctxt->role); |
1567 | /* | 1567 | /* |
1568 | * PAM session modules in do_setusercontext may have | 1568 | * PAM session modules in do_setusercontext may have |
1569 | * generated messages, so if this in an interactive | 1569 | * generated messages, so if this in an interactive |
@@ -1953,7 +1953,7 @@ session_pty_req(struct ssh *ssh, Session *s) | |||
1953 | ssh_tty_parse_modes(ssh, s->ttyfd); | 1953 | ssh_tty_parse_modes(ssh, s->ttyfd); |
1954 | 1954 | ||
1955 | if (!use_privsep) | 1955 | if (!use_privsep) |
1956 | pty_setowner(s->pw, s->tty); | 1956 | pty_setowner(s->pw, s->tty, s->authctxt->role); |
1957 | 1957 | ||
1958 | /* Set window size from the packet. */ | 1958 | /* Set window size from the packet. */ |
1959 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1959 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |