summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
Diffstat (limited to 'session.c')
-rw-r--r--session.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/session.c b/session.c
index 6a7040078..5b34aa2a2 100644
--- a/session.c
+++ b/session.c
@@ -1471,7 +1471,7 @@ safely_chroot(const char *path, uid_t uid)
1471 1471
1472/* Set login name, uid, gid, and groups. */ 1472/* Set login name, uid, gid, and groups. */
1473void 1473void
1474do_setusercontext(struct passwd *pw) 1474do_setusercontext(struct passwd *pw, const char *role)
1475{ 1475{
1476 char *chroot_path, *tmp; 1476 char *chroot_path, *tmp;
1477 1477
@@ -1499,7 +1499,7 @@ do_setusercontext(struct passwd *pw)
1499 endgrent(); 1499 endgrent();
1500#endif 1500#endif
1501 1501
1502 platform_setusercontext_post_groups(pw); 1502 platform_setusercontext_post_groups(pw, role);
1503 1503
1504 if (options.chroot_directory != NULL && 1504 if (options.chroot_directory != NULL &&
1505 strcasecmp(options.chroot_directory, "none") != 0) { 1505 strcasecmp(options.chroot_directory, "none") != 0) {
@@ -1625,7 +1625,7 @@ do_child(Session *s, const char *command)
1625 1625
1626 /* Force a password change */ 1626 /* Force a password change */
1627 if (s->authctxt->force_pwchange) { 1627 if (s->authctxt->force_pwchange) {
1628 do_setusercontext(pw); 1628 do_setusercontext(pw, s->authctxt->role);
1629 child_close_fds(); 1629 child_close_fds();
1630 do_pwchange(s); 1630 do_pwchange(s);
1631 exit(1); 1631 exit(1);
@@ -1652,7 +1652,7 @@ do_child(Session *s, const char *command)
1652 /* When PAM is enabled we rely on it to do the nologin check */ 1652 /* When PAM is enabled we rely on it to do the nologin check */
1653 if (!options.use_pam) 1653 if (!options.use_pam)
1654 do_nologin(pw); 1654 do_nologin(pw);
1655 do_setusercontext(pw); 1655 do_setusercontext(pw, s->authctxt->role);
1656 /* 1656 /*
1657 * PAM session modules in do_setusercontext may have 1657 * PAM session modules in do_setusercontext may have
1658 * generated messages, so if this in an interactive 1658 * generated messages, so if this in an interactive
@@ -2064,7 +2064,7 @@ session_pty_req(Session *s)
2064 tty_parse_modes(s->ttyfd, &n_bytes); 2064 tty_parse_modes(s->ttyfd, &n_bytes);
2065 2065
2066 if (!use_privsep) 2066 if (!use_privsep)
2067 pty_setowner(s->pw, s->tty); 2067 pty_setowner(s->pw, s->tty, s->authctxt->role);
2068 2068
2069 /* Set window size from the packet. */ 2069 /* Set window size from the packet. */
2070 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); 2070 pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel);