diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -1322,7 +1322,7 @@ safely_chroot(const char *path, uid_t uid) | |||
1322 | 1322 | ||
1323 | /* Set login name, uid, gid, and groups. */ | 1323 | /* Set login name, uid, gid, and groups. */ |
1324 | void | 1324 | void |
1325 | do_setusercontext(struct passwd *pw) | 1325 | do_setusercontext(struct passwd *pw, const char *role) |
1326 | { | 1326 | { |
1327 | char *chroot_path, *tmp; | 1327 | char *chroot_path, *tmp; |
1328 | 1328 | ||
@@ -1350,7 +1350,7 @@ do_setusercontext(struct passwd *pw) | |||
1350 | endgrent(); | 1350 | endgrent(); |
1351 | #endif | 1351 | #endif |
1352 | 1352 | ||
1353 | platform_setusercontext_post_groups(pw); | 1353 | platform_setusercontext_post_groups(pw, role); |
1354 | 1354 | ||
1355 | if (!in_chroot && options.chroot_directory != NULL && | 1355 | if (!in_chroot && options.chroot_directory != NULL && |
1356 | strcasecmp(options.chroot_directory, "none") != 0) { | 1356 | strcasecmp(options.chroot_directory, "none") != 0) { |
@@ -1487,7 +1487,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1487 | 1487 | ||
1488 | /* Force a password change */ | 1488 | /* Force a password change */ |
1489 | if (s->authctxt->force_pwchange) { | 1489 | if (s->authctxt->force_pwchange) { |
1490 | do_setusercontext(pw); | 1490 | do_setusercontext(pw, s->authctxt->role); |
1491 | child_close_fds(ssh); | 1491 | child_close_fds(ssh); |
1492 | do_pwchange(s); | 1492 | do_pwchange(s); |
1493 | exit(1); | 1493 | exit(1); |
@@ -1505,7 +1505,7 @@ do_child(struct ssh *ssh, Session *s, const char *command) | |||
1505 | /* When PAM is enabled we rely on it to do the nologin check */ | 1505 | /* When PAM is enabled we rely on it to do the nologin check */ |
1506 | if (!options.use_pam) | 1506 | if (!options.use_pam) |
1507 | do_nologin(pw); | 1507 | do_nologin(pw); |
1508 | do_setusercontext(pw); | 1508 | do_setusercontext(pw, s->authctxt->role); |
1509 | /* | 1509 | /* |
1510 | * PAM session modules in do_setusercontext may have | 1510 | * PAM session modules in do_setusercontext may have |
1511 | * generated messages, so if this in an interactive | 1511 | * generated messages, so if this in an interactive |
@@ -1897,7 +1897,7 @@ session_pty_req(struct ssh *ssh, Session *s) | |||
1897 | tty_parse_modes(s->ttyfd, &n_bytes); | 1897 | tty_parse_modes(s->ttyfd, &n_bytes); |
1898 | 1898 | ||
1899 | if (!use_privsep) | 1899 | if (!use_privsep) |
1900 | pty_setowner(s->pw, s->tty); | 1900 | pty_setowner(s->pw, s->tty, s->authctxt->role); |
1901 | 1901 | ||
1902 | /* Set window size from the packet. */ | 1902 | /* Set window size from the packet. */ |
1903 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 1903 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |