diff options
| author | Manoj Srivastava <srivasta@debian.org> | 2014-02-09 16:09:49 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2020-02-21 12:03:50 +0000 |
| commit | b108c6bbe4b3691600a272b27fa24d9080018db7 (patch) | |
| tree | 1a39cd8b5f41790f369ea635f889675367c09c5b /session.c | |
| parent | 31d42cd8624f29508f772447e617ab043a6487d9 (diff) | |
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach
will need an SSH protocol change. In the meantime, this came from Debian's
SELinux maintainer, so we'll keep it until we have something better.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
Bug-Debian: http://bugs.debian.org/394795
Last-Update: 2020-02-21
Patch-Name: selinux-role.patch
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 10 |
1 files changed, 5 insertions, 5 deletions
| @@ -1360,7 +1360,7 @@ safely_chroot(const char *path, uid_t uid) | |||
| 1360 | 1360 | ||
| 1361 | /* Set login name, uid, gid, and groups. */ | 1361 | /* Set login name, uid, gid, and groups. */ |
| 1362 | void | 1362 | void |
| 1363 | do_setusercontext(struct passwd *pw) | 1363 | do_setusercontext(struct passwd *pw, const char *role) |
| 1364 | { | 1364 | { |
| 1365 | char uidstr[32], *chroot_path, *tmp; | 1365 | char uidstr[32], *chroot_path, *tmp; |
| 1366 | 1366 | ||
| @@ -1388,7 +1388,7 @@ do_setusercontext(struct passwd *pw) | |||
| 1388 | endgrent(); | 1388 | endgrent(); |
| 1389 | #endif | 1389 | #endif |
| 1390 | 1390 | ||
| 1391 | platform_setusercontext_post_groups(pw); | 1391 | platform_setusercontext_post_groups(pw, role); |
| 1392 | 1392 | ||
| 1393 | if (!in_chroot && options.chroot_directory != NULL && | 1393 | if (!in_chroot && options.chroot_directory != NULL && |
| 1394 | strcasecmp(options.chroot_directory, "none") != 0) { | 1394 | strcasecmp(options.chroot_directory, "none") != 0) { |
| @@ -1529,7 +1529,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
| 1529 | 1529 | ||
| 1530 | /* Force a password change */ | 1530 | /* Force a password change */ |
| 1531 | if (s->authctxt->force_pwchange) { | 1531 | if (s->authctxt->force_pwchange) { |
| 1532 | do_setusercontext(pw); | 1532 | do_setusercontext(pw, s->authctxt->role); |
| 1533 | child_close_fds(ssh); | 1533 | child_close_fds(ssh); |
| 1534 | do_pwchange(s); | 1534 | do_pwchange(s); |
| 1535 | exit(1); | 1535 | exit(1); |
| @@ -1547,7 +1547,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
| 1547 | /* When PAM is enabled we rely on it to do the nologin check */ | 1547 | /* When PAM is enabled we rely on it to do the nologin check */ |
| 1548 | if (!options.use_pam) | 1548 | if (!options.use_pam) |
| 1549 | do_nologin(pw); | 1549 | do_nologin(pw); |
| 1550 | do_setusercontext(pw); | 1550 | do_setusercontext(pw, s->authctxt->role); |
| 1551 | /* | 1551 | /* |
| 1552 | * PAM session modules in do_setusercontext may have | 1552 | * PAM session modules in do_setusercontext may have |
| 1553 | * generated messages, so if this in an interactive | 1553 | * generated messages, so if this in an interactive |
| @@ -1946,7 +1946,7 @@ session_pty_req(struct ssh *ssh, Session *s) | |||
| 1946 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); | 1946 | sshpkt_fatal(ssh, r, "%s: parse packet", __func__); |
| 1947 | 1947 | ||
| 1948 | if (!use_privsep) | 1948 | if (!use_privsep) |
| 1949 | pty_setowner(s->pw, s->tty); | 1949 | pty_setowner(s->pw, s->tty, s->authctxt->role); |
| 1950 | 1950 | ||
| 1951 | /* Set window size from the packet. */ | 1951 | /* Set window size from the packet. */ |
| 1952 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1952 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |