in the parent after closing the PAM session.
This fixes http://bugs.debian.org/412061.
Debian patch 405_su_no_pam_end_before_exec.
+2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
+
+ * NEWS, src/su.c: Avoid terminating the PAM library in the forked
+ child. This is done later in the parent after closing the PAM
+ session. This fixes http://bugs.debian.org/412061.
+ Debian patch 405_su_no_pam_end_before_exec.
+
2007-11-17 Nicolas François <nicolas.francois@centraliens.net>
* man/newgrp.1.xml: Mention sg in the newgrp manpage.
addition* to editing the password field. Debian patch 494_passwd_lock.
- pwck: Remove the SHADOWPWD preprocessor check. Some check for /etc/shadow
were always missing.
+- su: Avoid terminating the PAM library in the forked child. This is done
+ later in the parent after closing the PAM session.
shadow-4.0.18.1 -> shadow-4.0.18.2 28-10-2007
child = fork ();
if (child == 0) { /* child shell */
- pam_end (pamh, PAM_SUCCESS);
+ /*
+ * PAM_DATA_SILENT is not supported by some modules, and
+ * there is no strong need to clean up the process space's
+ * memory since we will either call exec or exit.
+ pam_end (pamh, PAM_SUCCESS | PAM_DATA_SILENT);
+ */
if (doshell)
(void) shell (shellstr, (char *) args[0], envp);
projects / shadow / commitdiff