summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
Diffstat (limited to 'session.c')
-rw-r--r--session.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/session.c b/session.c
index 12dd9ab10..5ddd82aa6 100644
--- a/session.c
+++ b/session.c
@@ -1497,7 +1497,7 @@ safely_chroot(const char *path, uid_t uid)
1497 1497
1498/* Set login name, uid, gid, and groups. */ 1498/* Set login name, uid, gid, and groups. */
1499void 1499void
1500do_setusercontext(struct passwd *pw) 1500do_setusercontext(struct passwd *pw, const char *role)
1501{ 1501{
1502 char *chroot_path, *tmp; 1502 char *chroot_path, *tmp;
1503 1503
@@ -1525,7 +1525,7 @@ do_setusercontext(struct passwd *pw)
1525 endgrent(); 1525 endgrent();
1526#endif 1526#endif
1527 1527
1528 platform_setusercontext_post_groups(pw); 1528 platform_setusercontext_post_groups(pw, role);
1529 1529
1530 if (options.chroot_directory != NULL && 1530 if (options.chroot_directory != NULL &&
1531 strcasecmp(options.chroot_directory, "none") != 0) { 1531 strcasecmp(options.chroot_directory, "none") != 0) {
@@ -1674,7 +1674,7 @@ do_child(Session *s, const char *command)
1674 1674
1675 /* Force a password change */ 1675 /* Force a password change */
1676 if (s->authctxt->force_pwchange) { 1676 if (s->authctxt->force_pwchange) {
1677 do_setusercontext(pw); 1677 do_setusercontext(pw, s->authctxt->role);
1678 child_close_fds(); 1678 child_close_fds();
1679 do_pwchange(s); 1679 do_pwchange(s);
1680 exit(1); 1680 exit(1);
@@ -1701,7 +1701,7 @@ do_child(Session *s, const char *command)
1701 /* When PAM is enabled we rely on it to do the nologin check */ 1701 /* When PAM is enabled we rely on it to do the nologin check */
1702 if (!options.use_pam) 1702 if (!options.use_pam)
1703 do_nologin(pw); 1703 do_nologin(pw);
1704 do_setusercontext(pw); 1704 do_setusercontext(pw, s->authctxt->role);
1705 /* 1705 /*
1706 * PAM session modules in do_setusercontext may have 1706 * PAM session modules in do_setusercontext may have
1707 * generated messages, so if this in an interactive 1707 * generated messages, so if this in an interactive
@@ -2112,7 +2112,7 @@ session_pty_req(Session *s)
2112 tty_parse_modes(s->ttyfd, &n_bytes); 2112 tty_parse_modes(s->ttyfd, &n_bytes);
2113 2113
2114 if (!use_privsep) 2114 if (!use_privsep)
2115 pty_setowner(s->pw, s->tty); 2115 pty_setowner(s->pw, s->tty, s->authctxt->role);
2116 2116
2117 /* Set window size from the packet. */ 2117 /* Set window size from the packet. */
2118 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); 2118 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);