pam_keyinit: Check return value of setregid.

author Robin Hack <rhack@redhat.com>

Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)

committer Tomas Mraz <tmraz@fedoraproject.org>

Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)
author Robin Hack <rhack@redhat.com>
Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)
committer Tomas Mraz <tmraz@fedoraproject.org>
Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)
diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c

index 8d0501e03886e71bb8fe92a5dd661071d7c0b50e..f82eead221b56066d0603c112f738729b3da1ac4 100644 (file)
--- a/modules/pam_keyinit/pam_keyinit.c
+++ b/modules/pam_keyinit/pam_keyinit.c
@@ -218,7 +218,8 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
  
         if (uid != old_uid && setreuid(uid, -1) < 0) {
                 error(pamh, "Unable to change UID to %d temporarily\n", uid);
-               setregid(old_gid, -1);
+               if (setregid(old_gid, -1) < 0)
+                       error(pamh, "Unable to change GID back to %d\n", old_gid);
                 return PAM_SESSION_ERR;
         }
author	Robin Hack <rhack@redhat.com>
	Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)
committer	Tomas Mraz <tmraz@fedoraproject.org>
	Mon, 25 Aug 2014 15:33:21 +0000 (17:33 +0200)