1 --- sudo-1.6.8p12/configure.in.login 2006-07-16 15:25:33.000000000 +0200
2 +++ sudo-1.6.8p12/configure.in 2006-07-16 15:49:08.000000000 +0200
7 +AC_ARG_WITH(pam-login, [ --with-pam-login enable specific PAM session for sudo -i],
8 +[case $with_pam_login in
9 + yes) AC_DEFINE(HAVE_PAM_LOGIN)
10 + AC_MSG_CHECKING(whether to use PAM login)
14 + *) AC_MSG_ERROR(["--with-pam-login does not take an argument."])
18 AC_ARG_WITH(AFS, [ --with-AFS enable AFS support],
20 yes) AC_DEFINE(HAVE_AFS)
21 --- sudo-1.6.8p12/sudo.c.login 2006-07-16 15:39:26.000000000 +0200
22 +++ sudo-1.6.8p12/sudo.c 2006-07-16 15:41:42.000000000 +0200
24 static struct passwd *get_authpw __P((void));
25 extern int sudo_edit __P((int, char **));
26 extern void list_matches __P((void));
27 -extern char **rebuild_env __P((char **, int, int));
28 +extern char **rebuild_env __P((char **, int));
29 extern char **zero_env __P((char **));
30 extern struct passwd *sudo_getpwnam __P((const char *));
31 extern struct passwd *sudo_getpwuid __P((uid_t));
33 #endif /* HAVE_BSD_AUTH_H */
34 sigaction_t saved_sa_int, saved_sa_quit, saved_sa_tstp, saved_sa_chld;
35 void (*set_perms) __P((int));
50 /* Build a new environment that avoids any nasty bits if we have a cmnd. */
51 if (ISSET(sudo_mode, MODE_RUN))
52 - new_environ = rebuild_env(envp, sudo_mode, ISSET(validated, FLAG_NOEXEC));
53 + new_environ = rebuild_env(envp, ISSET(validated, FLAG_NOEXEC));
57 --- sudo-1.6.8p12/auth/pam.c.login 2006-07-16 15:41:59.000000000 +0200
58 +++ sudo-1.6.8p12/auth/pam.c 2006-07-16 15:45:15.000000000 +0200
61 auth->data = (VOID *) &pam_status;
62 pam_conv.conv = sudo_conv;
63 - pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
64 +#ifdef HAVE_PAM_LOGIN
65 + if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
66 + pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh);
69 + pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
70 if (pam_status != PAM_SUCCESS) {
71 log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
73 --- sudo-1.6.8p12/env.c.login 2006-07-16 15:40:14.000000000 +0200
74 +++ sudo-1.6.8p12/env.c 2006-07-16 15:57:19.000000000 +0200
79 -char **rebuild_env __P((char **, int, int));
80 +char **rebuild_env __P((char **, int));
81 char **zero_env __P((char **));
82 static void insert_env __P((char *, int));
83 static char *format_env __P((char *, ...));
85 * Also adds sudo-specific variables (SUDO_*).
88 -rebuild_env(envp, sudo_mode, noexec)
89 +rebuild_env(envp, noexec)
95 --- sudo-1.6.8p12/sudo.h.login 2006-07-16 15:59:08.000000000 +0200
96 +++ sudo-1.6.8p12/sudo.h 2006-07-16 15:59:38.000000000 +0200
98 extern FILE *sudoers_fp;
99 extern int tgetpass_flags;
100 extern uid_t timestamp_uid;
101 +extern int sudo_mode;
103 extern void (*set_perms) __P((int));
105 --- sudo-1.6.8p12/config.h.in.login 2006-07-16 15:32:09.000000000 +0200
106 +++ sudo-1.6.8p12/config.h.in 2006-07-16 15:32:56.000000000 +0200
108 /* Define to 1 if you use PAM authentication. */
111 +/* Define to 1 if you use specific PAM session for sodo -i. */
112 +#undef HAVE_PAM_LOGIN
114 /* Define to 1 if you have the <pam/pam_appl.h> header file. */
115 #undef HAVE_PAM_PAM_APPL_H