]>
Commit | Line | Data |
---|---|---|
940ad429 JR |
1 | --- sudo-1.6.8p12/configure.in.login 2006-07-16 15:25:33.000000000 +0200 |
2 | +++ sudo-1.6.8p12/configure.in 2006-07-16 15:49:08.000000000 +0200 | |
3 | @@ -357,6 +357,17 @@ | |
4 | ;; | |
5 | esac]) | |
6 | ||
7 | +AC_ARG_WITH(pam-login, [ --with-pam-login enable specific PAM session for sudo -i], | |
8 | +[case $with_pam_login in | |
9 | + yes) AC_DEFINE(HAVE_PAM_LOGIN) | |
10 | + AC_MSG_CHECKING(whether to use PAM login) | |
11 | + AC_MSG_RESULT(yes) | |
12 | + ;; | |
13 | + no) ;; | |
14 | + *) AC_MSG_ERROR(["--with-pam-login does not take an argument."]) | |
15 | + ;; | |
16 | +esac]) | |
17 | + | |
18 | AC_ARG_WITH(AFS, [ --with-AFS enable AFS support], | |
19 | [case $with_AFS in | |
20 | yes) AC_DEFINE(HAVE_AFS) | |
21 | --- sudo-1.6.8p12/sudo.c.login 2006-07-16 15:39:26.000000000 +0200 | |
22 | +++ sudo-1.6.8p12/sudo.c 2006-07-16 15:41:42.000000000 +0200 | |
23 | @@ -109,7 +109,7 @@ | |
24 | static struct passwd *get_authpw __P((void)); | |
25 | extern int sudo_edit __P((int, char **)); | |
26 | extern void list_matches __P((void)); | |
27 | -extern char **rebuild_env __P((char **, int, int)); | |
28 | +extern char **rebuild_env __P((char **, int)); | |
29 | extern char **zero_env __P((char **)); | |
30 | extern struct passwd *sudo_getpwnam __P((const char *)); | |
31 | extern struct passwd *sudo_getpwuid __P((uid_t)); | |
32 | @@ -140,6 +140,7 @@ | |
33 | #endif /* HAVE_BSD_AUTH_H */ | |
34 | sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld; | |
35 | void (*set_perms) __P((int)); | |
36 | +int sudo_mode; | |
37 | ||
38 | ||
39 | int | |
40 | @@ -151,7 +152,6 @@ | |
41 | int validated; | |
42 | int fd; | |
43 | int cmnd_status; | |
44 | - int sudo_mode; | |
45 | int pwflag; | |
46 | char **new_environ; | |
47 | sigaction_t sa; | |
48 | @@ -368,7 +368,7 @@ | |
49 | ||
50 | /* Build a new environment that avoids any nasty bits if we have a cmnd. */ | |
51 | if (ISSET(sudo_mode, MODE_RUN)) | |
52 | - new_environ = rebuild_env(envp, sudo_mode, ISSET(validated, FLAG_NOEXEC)); | |
53 | + new_environ = rebuild_env(envp, ISSET(validated, FLAG_NOEXEC)); | |
54 | else | |
55 | new_environ = envp; | |
56 | ||
57 | --- sudo-1.6.8p12/auth/pam.c.login 2006-07-16 15:41:59.000000000 +0200 | |
58 | +++ sudo-1.6.8p12/auth/pam.c 2006-07-16 15:45:15.000000000 +0200 | |
59 | @@ -89,7 +89,12 @@ | |
60 | if (auth != NULL) | |
61 | auth->data = (VOID *) &pam_status; | |
62 | pam_conv.conv = sudo_conv; | |
63 | - pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh); | |
64 | +#ifdef HAVE_PAM_LOGIN | |
65 | + if (ISSET(sudo_mode, MODE_LOGIN_SHELL)) | |
66 | + pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh); | |
67 | + else | |
68 | +#endif | |
69 | + pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh); | |
70 | if (pam_status != PAM_SUCCESS) { | |
71 | log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM"); | |
72 | return(AUTH_FATAL); | |
73 | --- sudo-1.6.8p12/env.c.login 2006-07-16 15:40:14.000000000 +0200 | |
74 | +++ sudo-1.6.8p12/env.c 2006-07-16 15:57:19.000000000 +0200 | |
75 | @@ -77,7 +77,7 @@ | |
76 | /* | |
77 | * Prototypes | |
78 | */ | |
79 | -char **rebuild_env __P((char **, int, int)); | |
80 | +char **rebuild_env __P((char **, int)); | |
81 | char **zero_env __P((char **)); | |
82 | static void insert_env __P((char *, int)); | |
83 | static char *format_env __P((char *, ...)); | |
84 | @@ -321,9 +321,8 @@ | |
85 | * Also adds sudo-specific variables (SUDO_*). | |
86 | */ | |
87 | char ** | |
88 | -rebuild_env(envp, sudo_mode, noexec) | |
89 | +rebuild_env(envp, noexec) | |
90 | char **envp; | |
91 | - int sudo_mode; | |
92 | int noexec; | |
93 | { | |
94 | char **ep, *cp, *ps1; | |
95 | --- sudo-1.6.8p12/sudo.h.login 2006-07-16 15:59:08.000000000 +0200 | |
96 | +++ sudo-1.6.8p12/sudo.h 2006-07-16 15:59:38.000000000 +0200 | |
97 | @@ -251,6 +251,7 @@ | |
98 | extern FILE *sudoers_fp; | |
99 | extern int tgetpass_flags; | |
100 | extern uid_t timestamp_uid; | |
101 | +extern int sudo_mode; | |
102 | ||
103 | extern void (*set_perms) __P((int)); | |
104 | #endif | |
105 | --- sudo-1.6.8p12/config.h.in.login 2006-07-16 15:32:09.000000000 +0200 | |
106 | +++ sudo-1.6.8p12/config.h.in 2006-07-16 15:32:56.000000000 +0200 | |
107 | @@ -230,6 +230,9 @@ | |
108 | /* Define to 1 if you use PAM authentication. */ | |
109 | #undef HAVE_PAM | |
110 | ||
111 | +/* Define to 1 if you use specific PAM session for sodo -i. */ | |
112 | +#undef HAVE_PAM_LOGIN | |
113 | + | |
114 | /* Define to 1 if you have the <pam/pam_appl.h> header file. */ | |
115 | #undef HAVE_PAM_PAM_APPL_H | |
116 |