File sudo-1.7.6p2-pam_session.patch of Package sudo.534
Index: sudo-1.7.6p2/exec.c
===================================================================
--- sudo-1.7.6p2.orig/exec.c 2011-03-16 16:55:57.000000000 +0100
+++ sudo-1.7.6p2/exec.c 2012-06-01 14:01:16.731167608 +0200
@@ -64,6 +64,7 @@
#ifdef HAVE_SELINUX
# include <selinux/selinux.h>
#endif
+#include <pwd.h>
#include "sudo.h"
#include "sudo_exec.h"
@@ -128,6 +129,13 @@ static int fork_cmnd(path, argv, envp, s
sa.sa_handler = handler;
sigaction(SIGCONT, &sa, NULL);
+/* operate PAM session in a single thread */
+#ifdef HAVE_PAM
+ if (runas_pw->pw_name != NULL) {
+ pam_begin_session(runas_pw);
+ }
+#endif /* HAVE_PAM */
+
child = fork();
switch (child) {
case -1:
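Review bot: The result of `pam_begin_session(runas_pw)` is discarded just before `fork()` in fork_cmnd, and likewise in the copies added to sudo_execve and to fork_pty in exec_pty.c, so a failed session setup would not stop the command from running. The call removed from runas_setup() ignored the result too, but with the call now in the parent a check is cheap. Assuming the function returns a status code (its definition is not part of this patch), something like `if (pam_begin_session(runas_pw) != 0) return -1;` plus a logged warning would stop session modules that enforce limits or record the session from being skipped silently. fork_cmnd's body starts and ends outside the hunk, so the appropriate error return has to be confirmed there.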
@@ -259,6 +267,12 @@ sudo_execve(path, argv, envp, uid, cstat
* If we don't need to wait for the command to finish, just exec it.
*/
if (!dowait) {
+/* operate PAM session in a single thread */
+#ifdef HAVE_PAM
+ if (runas_pw->pw_name != NULL) {
+ pam_begin_session(runas_pw);
+ }
+#endif /* HAVE_PAM */
exec_setup(FALSE, NULL, -1);
closefrom(def_closefrom);
my_execve(path, argv, envp);
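Review bot: The comment `/* operate PAM session in a single thread */` does not describe the `!dowait` branch of sudo_execve: nothing forks here, and once `my_execve()` replaces the process no sudo code is left to close the session that was just opened. I would reword it to say so, e.g. `/* No fork on this path: open the PAM session before exec; it stays open because sudo does not survive my_execve(). */`, and indent it with the surrounding code. If the configured session modules keep accounting records, the missing teardown on this path is worth documenting for whoever audits them. The branch continues past the end of the hunk.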
Index: sudo-1.7.6p2/set_perms.c
===================================================================
--- sudo-1.7.6p2.orig/set_perms.c 2011-01-24 20:39:13.000000000 +0100
+++ sudo-1.7.6p2/set_perms.c 2012-06-01 14:01:16.744167606 +0200
@@ -631,9 +631,6 @@ runas_setup()
#ifdef HAVE_GETUSERATTR
aix_prep_user(runas_pw->pw_name, user_ttypath);
#endif
-#ifdef HAVE_PAM
- pam_begin_session(runas_pw);
-#endif /* HAVE_PAM */
#ifdef HAVE_LOGIN_CAP_H
if (def_use_loginclass) {
Index: sudo-1.7.6p2/exec_pty.c
===================================================================
--- sudo-1.7.6p2.orig/exec_pty.c 2011-03-18 15:07:31.000000000 +0100
+++ sudo-1.7.6p2/exec_pty.c 2012-06-01 14:01:16.745167606 +0200
@@ -60,6 +60,7 @@
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
+#include <pwd.h>
#include "sudo.h"
#include "sudo_exec.h"
@@ -443,6 +444,13 @@ fork_pty(path, argv, envp, sv, rbac_enab
}
}
+/* operate PAM session in a single thread */
+#ifdef HAVE_PAM
+ if (runas_pw->pw_name != NULL) {
+ pam_begin_session(runas_pw);
+ }
+#endif /* HAVE_PAM */
+
child = fork();
switch (child) {
case -1:
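Review bot: The guard `if (runas_pw->pw_name != NULL)` in fork_pty dereferences `runas_pw` to test a field, so it covers a missing name but not a missing passwd entry; the same guard appears in both exec.c hunks. Whether `runas_pw` can be NULL at this point is not visible here, but `if (runas_pw != NULL && runas_pw->pw_name != NULL) {` costs nothing. When the guard is false the session is skipped without any trace, so a warning in an `else` branch would make a run without session modules show up in the logs. fork_pty's body starts and ends outside the hunk.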