summaryrefslogtreecommitdiff
path: root/sshd.c
diff options
context:
space:
mode:
authorManoj Srivastava <srivasta@debian.org>2014-02-09 16:09:49 +0000
committerColin Watson <cjwatson@debian.org>2019-10-09 23:06:25 +0100
commit3131e3bb3c56a6c6ee8cb9d68f542af04cd9e8ff (patch)
treefb2bdf39ed7ad6111f501712d2d9346a55528214 /sshd.c
parent57c1dd662f9259f58a47801e2d4b0f84e973441d (diff)
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2019-06-05 Patch-Name: selinux-role.patch
Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/sshd.c b/sshd.c
index 4e32fd10d..ea8beacb4 100644
--- a/sshd.c
+++ b/sshd.c
@@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt)
594 reseed_prngs(); 594 reseed_prngs();
595 595
596 /* Drop privileges */ 596 /* Drop privileges */
597 do_setusercontext(authctxt->pw); 597 do_setusercontext(authctxt->pw, authctxt->role);
598 598
599 skip: 599 skip:
600 /* It is safe now to apply the key state */ 600 /* It is safe now to apply the key state */