- don't call pam_env twice (auth is enough)

[packages/pam.git] / pam-selinux-drop-multiple.patch

--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml.drop-multiple      2006-06-18 10:26:59.000000000 +0200
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml    2006-11-10 17:47:16.000000000 +0100
@@ -25,9 +25,6 @@
        debug
       </arg>
       <arg choice="opt">
-       multiple
-      </arg>
-      <arg choice="opt">
        open
       </arg>
       <arg choice="opt">
@@ -93,18 +90,6 @@
       </varlistentry>
       <varlistentry>
         <term>
-          <option>multiple</option>
-        </term>
-        <listitem>
-          <para>
-            Tells pam_selinux.so to allow the user to  select  the
-            security context  they  will  login  with, if the user has
-            more than one role.
-          </para>
-        </listitem>
-      </varlistentry>
-      <varlistentry>
-        <term>
           <option>open</option>
         </term>
         <listitem>
--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c.drop-multiple  2006-11-10 17:44:33.000000000 +0100
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c        2006-11-10 17:44:33.000000000 +0100
@@ -89,56 +89,6 @@
 }
 
 static security_context_t
-select_context (pam_handle_t *pamh, security_context_t* contextlist,
-               int debug)
-{
-  char *responses;
-  char *text=calloc(PATH_MAX,1);
-
-  if (text == NULL)
-    return (security_context_t) strdup(contextlist[0]);
-
-  snprintf(text, PATH_MAX,
-          _("Your default context is %s. \n"), contextlist[0]);
-  send_text(pamh,text,debug);
-  free(text);
-  query_response(pamh,_("Do you want to choose a different one? [n]"),
-                &responses,debug);
-  if (responses && ((responses[0] == 'y') ||
-                   (responses[0] == 'Y')))
-    {
-      int choice=0;
-      int i;
-      const char *prompt=_("Enter number of choice: ");
-      int len=strlen(prompt);
-      char buf[PATH_MAX];
-
-      _pam_drop(responses);
-      for (i = 0; contextlist[i]; i++) {
-       len+=strlen(contextlist[i]) + 10;
-      }
-      text=calloc(len,1);
-      for (i = 0; contextlist[i]; i++) {
-       snprintf(buf, PATH_MAX,
-                "[%d] %s\n", i+1, contextlist[i]);
-       strncat(text,buf,len);
-      }
-      strcat(text,prompt);
-      while ((choice < 1) || (choice > i)) {
-       query_response(pamh,text,&responses,debug);
-       choice = strtol (responses, NULL, 10);
-       _pam_drop(responses);
-      }
-      free(text);
-      return (security_context_t) strdup(contextlist[choice-1]);
-    }
-  else if (responses)
-    _pam_drop(responses);
-
-  return (security_context_t) strdup(contextlist[0]);
-}
-
-static security_context_t
 manual_context (pam_handle_t *pamh, const char *user, int debug)
 {
   security_context_t newcon;
@@ -322,7 +272,7 @@
                    int argc, const char **argv)
 {
   int i, debug = 0, ttys=1, has_tty=isatty(0);
-  int verbose=0, multiple=0, close_session=0;
+  int verbose=0, close_session=0;
   int ret = 0;
   security_context_t* contextlist = NULL;
   int num_contexts = 0;
@@ -342,9 +292,6 @@
     if (strcmp(argv[i], "verbose") == 0) {
       verbose = 1;
     }
-    if (strcmp(argv[i], "multiple") == 0) {
-      multiple = 1;
-    }
     if (strcmp(argv[i], "close") == 0) {
       close_session = 1;
     }
@@ -377,13 +324,8 @@
          free(level);
   }
   if (num_contexts > 0) {
-    if (multiple && (num_contexts > 1) && has_tty) {
-      user_context = select_context(pamh,contextlist, debug);
-      freeconary(contextlist);
-    } else {
-      user_context = (security_context_t) strdup(contextlist[0]);
-      freeconary(contextlist);
-    }
+    user_context = (security_context_t) strdup(contextlist[0]);
+    freeconary(contextlist);
   } else {
     if (has_tty) {
       user_context = manual_context(pamh,username,debug);