File pam-bsc1197795-do-not-include-obsolete-header-files.patch of Package pam-modules.23706

Index: pam-modules-12.1/pam_unix2-2.9.1/src/selinux_utils.c
===================================================================
--- pam-modules-12.1.orig/pam_unix2-2.9.1/src/selinux_utils.c
+++ pam-modules-12.1/pam_unix2-2.9.1/src/selinux_utils.c
@@ -27,7 +27,6 @@
 #include <string.h>
 #include <syslog.h>
 #include <sys/types.h>
-#include <selinux/flask.h>
 #include <selinux/selinux.h>
 #include <selinux/context.h>
 
@@ -47,15 +46,25 @@ selinux_check_access (const char *chuser
     {
       context_t c = context_new (user_context);
       const char *user = context_user_get (c);
+      security_class_t passwd_class;
 
       if (strcmp (chuser, user) == 0)
 	status = 0;
+      else if ((passwd_class = string_to_security_class("passwd")) == 0)
+        {
+	  context_free (c);
+	  freecon (user_context);
+	  if (security_deny_unknown() == 0)
+	    status = 0;
+	}
       else
 	{
 	  struct av_decision avd;
-	  int retval = security_compute_av (user_context,
+	  int retval;
+
+	  retval = security_compute_av (user_context,
 					    user_context,
-					    SECCLASS_PASSWD,
+					    passwd_class,
 					    access,
 					    &avd);
 
openSUSE Build Service is sponsored by