[Pkg-shadow-commits] r1375 - in upstream/trunk: . src
nekral-guest at alioth.debian.org
nekral-guest at alioth.debian.org
Sat Nov 17 17:19:44 UTC 2007
Author: nekral-guest
Date: 2007-11-17 17:19:44 +0000 (Sat, 17 Nov 2007)
New Revision: 1375
Modified:
upstream/trunk/ChangeLog
upstream/trunk/NEWS
upstream/trunk/src/su.c
Log:
Avoid terminating the PAM library in the forked child. This is done later
in the parent after closing the PAM session.
This fixes http://bugs.debian.org/412061.
Debian patch 405_su_no_pam_end_before_exec.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2007-11-17 17:03:01 UTC (rev 1374)
+++ upstream/trunk/ChangeLog 2007-11-17 17:19:44 UTC (rev 1375)
@@ -1,5 +1,12 @@
2007-11-17 Nicolas François <nicolas.francois at centraliens.net>
+ * NEWS, src/su.c: Avoid terminating the PAM library in the forked
+ child. This is done later in the parent after closing the PAM
+ session. This fixes http://bugs.debian.org/412061.
+ Debian patch 405_su_no_pam_end_before_exec.
+
+2007-11-17 Nicolas François <nicolas.francois at centraliens.net>
+
* man/newgrp.1.xml: Mention sg in the newgrp manpage.
Debian patch 410_newgrp_man_mention_sg.
Modified: upstream/trunk/NEWS
===================================================================
--- upstream/trunk/NEWS 2007-11-17 17:03:01 UTC (rev 1374)
+++ upstream/trunk/NEWS 2007-11-17 17:19:44 UTC (rev 1375)
@@ -39,6 +39,8 @@
addition* to editing the password field. Debian patch 494_passwd_lock.
- pwck: Remove the SHADOWPWD preprocessor check. Some check for /etc/shadow
were always missing.
+- su: Avoid terminating the PAM library in the forked child. This is done
+ later in the parent after closing the PAM session.
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
Modified: upstream/trunk/src/su.c
===================================================================
--- upstream/trunk/src/su.c 2007-11-17 17:03:01 UTC (rev 1374)
+++ upstream/trunk/src/su.c 2007-11-17 17:19:44 UTC (rev 1375)
@@ -183,7 +183,12 @@
child = fork ();
if (child == 0) { /* child shell */
- pam_end (pamh, PAM_SUCCESS);
+ /*
+ * PAM_DATA_SILENT is not supported by some modules, and
+ * there is no strong need to clean up the process space's
+ * memory since we will either call exec or exit.
+ pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+ */
if (doshell)
(void) shell (shellstr, (char *) args[0], envp);
More information about the Pkg-shadow-commits
mailing list