Handle SELinux authorisation roles

Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2015-08-19 Patch-Name: selinux-role.patch
author: Manoj Srivastava <srivasta@debian.org> 2014-02-09 16:09:49 +0000
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 17:09:55 +0100
commit: 8b3e4a6ddad01fef62d153ac3b033de61a02696e (patch)
tree: d9ed528e3f1b953fd1cd9a846363eb6092252a86 /session.c
parent: ace4bfab52b31a2833636a243ba150fdf0f48293 (diff)
1 files changed, 5 insertions, 5 deletions
diff --git a/session.c b/session.c
index 5a64715e2..afac4a58f 100644
--- a/session.c
+++ b/session.c
@@ -1487,7 +1487,7 @@ safely_chroot(const char *path, uid_t uid)
 /* Set login name, uid, gid, and groups. */
 void
-do_setusercontext(struct passwd *pw)
+do_setusercontext(struct passwd *pw, const char *role)
 {
        char *chroot_path, *tmp;
 #ifdef USE_LIBIAF
@@ -1518,7 +1518,7 @@ do_setusercontext(struct passwd *pw)
                endgrent();
 #endif
-                platform_setusercontext_post_groups(pw);
+                platform_setusercontext_post_groups(pw, role);
                if (options.chroot_directory != NULL &&
                    strcasecmp(options.chroot_directory, "none") != 0) {
@@ -1677,7 +1677,7 @@ do_child(Session *s, const char *command)
        /* Force a password change */
        if (s->authctxt->force_pwchange) {
-                do_setusercontext(pw);
+                do_setusercontext(pw, s->authctxt->role);
                child_close_fds();
                do_pwchange(s);
                exit(1);
@@ -1704,7 +1704,7 @@ do_child(Session *s, const char *command)
                /* When PAM is enabled we rely on it to do the nologin check */
                if (!options.use_pam)
                        do_nologin(pw);
-                do_setusercontext(pw);
+                do_setusercontext(pw, s->authctxt->role);
                /*
                 * PAM session modules in do_setusercontext may have
                 * generated messages, so if this in an interactive
@@ -2115,7 +2115,7 @@ session_pty_req(Session *s)
        tty_parse_modes(s->ttyfd, &n_bytes);
        if (!use_privsep)
-                pty_setowner(s->pw, s->tty);
+                pty_setowner(s->pw, s->tty, s->authctxt->role);
        /* Set window size from the packet. */
        pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);
author	Manoj Srivastava <srivasta@debian.org>	2014-02-09 16:09:49 +0000
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 17:09:55 +0100
commit	8b3e4a6ddad01fef62d153ac3b033de61a02696e (patch)
tree	d9ed528e3f1b953fd1cd9a846363eb6092252a86 /session.c
parent	ace4bfab52b31a2833636a243ba150fdf0f48293 (diff)

diff --git a/session.c b/session.c index 5a64715e2..afac4a58f 100644 --- a/session.c +++ b/session.c
@@ -1487,7 +1487,7 @@ safely_chroot(const char *path, uid_t uid)
1487		1487
1488	/* Set login name, uid, gid, and groups. */	1488	/* Set login name, uid, gid, and groups. */
1489	void	1489	void
1490	do_setusercontext(struct passwd *pw)	1490	do_setusercontext(struct passwd pw, const char role)
1491	{	1491	{
1492	char chroot_path, tmp;	1492	char chroot_path, tmp;
1493	#ifdef USE_LIBIAF	1493	#ifdef USE_LIBIAF
@@ -1518,7 +1518,7 @@ do_setusercontext(struct passwd *pw)
1518	endgrent();	1518	endgrent();
1519	#endif	1519	#endif
1520		1520
1521	platform_setusercontext_post_groups(pw);	1521	platform_setusercontext_post_groups(pw, role);
1522		1522
1523	if (options.chroot_directory != NULL &&	1523	if (options.chroot_directory != NULL &&
1524	strcasecmp(options.chroot_directory, "none") != 0) {	1524	strcasecmp(options.chroot_directory, "none") != 0) {
@@ -1677,7 +1677,7 @@ do_child(Session s, const char command)
1677		1677
1678	/* Force a password change */	1678	/* Force a password change */
1679	if (s->authctxt->force_pwchange) {	1679	if (s->authctxt->force_pwchange) {
1680	do_setusercontext(pw);	1680	do_setusercontext(pw, s->authctxt->role);
1681	child_close_fds();	1681	child_close_fds();
1682	do_pwchange(s);	1682	do_pwchange(s);
1683	exit(1);	1683	exit(1);
@@ -1704,7 +1704,7 @@ do_child(Session s, const char command)
1704	/* When PAM is enabled we rely on it to do the nologin check */	1704	/* When PAM is enabled we rely on it to do the nologin check */
1705	if (!options.use_pam)	1705	if (!options.use_pam)
1706	do_nologin(pw);	1706	do_nologin(pw);
1707	do_setusercontext(pw);	1707	do_setusercontext(pw, s->authctxt->role);
1708	/*	1708	/*
1709	* PAM session modules in do_setusercontext may have	1709	* PAM session modules in do_setusercontext may have
1710	* generated messages, so if this in an interactive	1710	* generated messages, so if this in an interactive
@@ -2115,7 +2115,7 @@ session_pty_req(Session *s)
2115	tty_parse_modes(s->ttyfd, &n_bytes);	2115	tty_parse_modes(s->ttyfd, &n_bytes);
2116		2116
2117	if (!use_privsep)	2117	if (!use_privsep)
2118	pty_setowner(s->pw, s->tty);	2118	pty_setowner(s->pw, s->tty, s->authctxt->role);
2119		2119
2120	/* Set window size from the packet. */	2120	/* Set window size from the packet. */
2121	pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);	2121	pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);