diff options
author | Manoj Srivastava <srivasta@debian.org> | 2014-02-09 16:09:49 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2020-06-07 10:25:35 +0100 |
commit | 8641a3f57e67e087b4500beb9916e06c4d0ba94c (patch) | |
tree | 13f2ec3473e6689b2d890f1a529a320a6f3cfa2a /sshd.c | |
parent | 7e3de67f8447064d6963e8299653d8e01baaef1e (diff) |
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach
will need an SSH protocol change. In the meantime, this came from Debian's
SELinux maintainer, so we'll keep it until we have something better.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641
Bug-Debian: http://bugs.debian.org/394795
Last-Update: 2020-02-21
Patch-Name: selinux-role.patch
Diffstat (limited to 'sshd.c')
-rw-r--r-- | sshd.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -594,7 +594,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) | |||
594 | reseed_prngs(); | 594 | reseed_prngs(); |
595 | 595 | ||
596 | /* Drop privileges */ | 596 | /* Drop privileges */ |
597 | do_setusercontext(authctxt->pw); | 597 | do_setusercontext(authctxt->pw, authctxt->role); |
598 | 598 | ||
599 | skip: | 599 | skip: |
600 | /* It is safe now to apply the key state */ | 600 | /* It is safe now to apply the key state */ |