From b108c6bbe4b3691600a272b27fa24d9080018db7 Mon Sep 17 00:00:00 2001 From: Manoj Srivastava Date: Sun, 9 Feb 2014 16:09:49 +0000 Subject: Handle SELinux authorisation roles Rejected upstream due to discomfort with magic usernames; a better approach will need an SSH protocol change. In the meantime, this came from Debian's SELinux maintainer, so we'll keep it until we have something better. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1641 Bug-Debian: http://bugs.debian.org/394795 Last-Update: 2020-02-21 Patch-Name: selinux-role.patch --- sshd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sshd.c') diff --git a/sshd.c b/sshd.c index 62dc55cf2..65916fc6d 100644 --- a/sshd.c +++ b/sshd.c @@ -595,7 +595,7 @@ privsep_postauth(struct ssh *ssh, Authctxt *authctxt) reseed_prngs(); /* Drop privileges */ - do_setusercontext(authctxt->pw); + do_setusercontext(authctxt->pw, authctxt->role); skip: /* It is safe now to apply the key state */ -- cgit v1.2.3