summaryrefslogtreecommitdiff
path: root/sshd.c
diff options
context:
space:
mode:
authorManoj Srivastava <srivasta@debian.org>2014-02-09 16:09:49 +0000
committerColin Watson <cjwatson@debian.org>2016-01-14 15:07:16 +0000
commit701eb985309b1c9fce617949298659843fce723d (patch)
treed1000cc3fae5c2d17a0150a401683229dc125c9d /sshd.c
parentf1fe58341ea22a6f07e5e1de79aa0385c0ee0c6a (diff)
Handle SELinux authorisation roles
Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2015-08-19 Patch-Name: selinux-role.patch
Diffstat (limited to 'sshd.c')
-rw-r--r--sshd.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/sshd.c b/sshd.c
index 9275e0b7a..1b49b2669 100644
--- a/sshd.c
+++ b/sshd.c
@@ -786,7 +786,7 @@ privsep_postauth(Authctxt *authctxt)
786 explicit_bzero(rnd, sizeof(rnd)); 786 explicit_bzero(rnd, sizeof(rnd));
787 787
788 /* Drop privileges */ 788 /* Drop privileges */
789 do_setusercontext(authctxt->pw); 789 do_setusercontext(authctxt->pw, authctxt->role);
790 790
791 skip: 791 skip:
792 /* It is safe now to apply the key state */ 792 /* It is safe now to apply the key state */