From: nekral-guest Date: Mon, 13 Jun 2011 18:27:46 +0000 (+0000) Subject: * src/su.c: After prepare_pam_close_session() there is no need to X-Git-Tag: 4.1.5~181 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=317939e8211d49b04cc811c52e5c05deed652b88;p=shadow * src/su.c: After prepare_pam_close_session() there is no need to close the session in the child. Added pam_setcred to prepare_pam_close_session(). --- diff --git a/ChangeLog b/ChangeLog index 5beed08e..04cd6789 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,9 @@ * src/su.c: Also drop the controlling terminal when PAM is not used. * src/su.c: Remove run_shell(). + * src/su.c: After prepare_pam_close_session() there is no need to + close the session in the child. Added pam_setcred to + prepare_pam_close_session(). 2011-06-12 Nicolas François diff --git a/src/su.c b/src/su.c index 14483327..e0a2c6d8 100644 --- a/src/su.c +++ b/src/su.c @@ -376,11 +376,10 @@ static void prepare_pam_close_session (void) SYSLOG ((LOG_ERR, "pam_close_session: %s", pam_strerror (pamh, ret))); fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret)); - (void) pam_end (pamh, ret); - exit (1); } - ret = pam_end (pamh, PAM_SUCCESS); + (void) pam_setcred (pamh, PAM_DELETE_CRED); + (void) pam_end (pamh, PAM_SUCCESS); if (0 != caught) { (void) signal (SIGALRM, kill_child); @@ -1016,9 +1015,6 @@ int main (int argc, char **argv) /* become the new user */ if (change_uid (pw) != 0) { - pam_close_session (pamh, 0); - pam_setcred (pamh, PAM_DELETE_CRED); - (void) pam_end (pamh, PAM_ABORT); exit (1); } #else /* !USE_PAM */