~ubuntu-branches/ubuntu/quantal/pam/quantal


Viewing changes to debian/patches-applied/pam_motd-legal-notice

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt, Steve Langasek, Martin Pitt
  • Date: 2011-06-24 11:07:57 UTC
  • Revision ID: james.westby@ubuntu.com-20110624110757-tmk6370f7jzpws1f
Tags: 1.1.3-1ubuntu3
[ Steve Langasek ]
* debian/patches/pam_motd-legal-notice: use pam_modutil_gain/drop_priv
  common helper functions, instead of hand-rolled uid-setting code.

[ Martin Pitt ]
* debian/local/common-session{,-noninteractive}: Enable pam_umask by
  default, now that the umask setting is gone from /etc/profile.
  (LP: #253096, UbuntuSpec:umask-to-0002)
* debian/local/pam-auth-update: Add the new md5sum of above files.
* Add debian/patches-applied/pam_umask_usergroups_from_login.defs.patch:
  Deprecate pam_unix' explicit "usergroups" option and instead read it from
  /etc/login.defs' "USERGROUP_ENAB" option if umask is only defined there.
  This restores compatibility with the pre-PAM behaviour of login.
  (Closes: #583958)

8
8
 
9
9
Upstream status: Ubuntu-specific, maybe submit to Debian
10
10
 
11
 
Index: pam-1.1.0/modules/pam_motd/pam_motd.c
 
11
Index: pam.ubuntu/modules/pam_motd/pam_motd.c
12
12
===================================================================
13
 
--- pam-1.1.0.orig/modules/pam_motd/pam_motd.c  2010-07-07 11:46:28.375352410 -0700
14
 
+++ pam-1.1.0/modules/pam_motd/pam_motd.c       2010-07-07 11:47:35.296210838 -0700
15
 
@@ -73,6 +73,74 @@
 
13
--- pam.ubuntu.orig/modules/pam_motd/pam_motd.c
 
14
+++ pam.ubuntu/modules/pam_motd/pam_motd.c
 
15
@@ -73,6 +73,61 @@
16
16
        close(fd);
17
17
 }
18
18
 
29
29
+    rc = pam_get_item(pamh, PAM_USER, &user);
30
30
+    if (rc == PAM_SUCCESS && user != NULL && *(const char *)user != '\0')
31
31
+    {
 
32
+        PAM_MODUTIL_DEF_PRIVS(privs);
 
33
+
32
34
+        /* Get the password entry */
33
35
+        pwd = pam_modutil_getpwnam (pamh, user);
34
36
+        if (pwd != NULL)
35
37
+        {
36
 
+            int old_uid = geteuid();
37
 
+            int old_gid = getegid();
38
 
+
39
 
+            if (pwd->pw_gid != old_gid && setregid(-1, pwd->pw_gid) < 0) {
40
 
+                pam_syslog(pamh, LOG_ERR,
41
 
+                           "Unable to change GID to %d temporarily\n",
42
 
+                           pwd->pw_gid);
43
 
+                retval = PAM_SESSION_ERR;
44
 
+                goto finished;
45
 
+            }
46
 
+            if (pwd->pw_uid != old_uid && setresuid(-1, pwd->pw_uid, old_uid) < 0) {
 
38
+            if (pam_modutil_drop_priv(pamh, &privs, pwd)) {
47
39
+                pam_syslog(pamh, LOG_ERR,
48
40
+                           "Unable to change UID to %d temporarily\n",
49
41
+                           pwd->pw_uid);
66
58
+            }
67
59
+
68
60
+finished:
69
 
+            if (pwd->pw_uid != old_uid && setreuid(-1, old_uid) < 0) {
70
 
+                pam_syslog(pamh, LOG_ERR,
71
 
+                           "Unable to change UID back to %d\n", old_uid);
72
 
+                retval = PAM_SESSION_ERR;
73
 
+            }
74
 
+            if (pwd->pw_gid != old_gid && setregid(-1, old_gid) < 0) {
75
 
+                pam_syslog(pamh, LOG_ERR,
76
 
+                           "Unable to change GID back to %d\n", old_gid);
 
61
+            if (pam_modutil_regain_priv(pamh, &privs)) {
 
62
+                pam_syslog(pamh, LOG_ERR,
 
63
+                           "Unable to change UID back to %d\n", privs.old_uid);
77
64
+                retval = PAM_SESSION_ERR;
78
65
+            }
79
66
+
87
74
 PAM_EXTERN
88
75
 int pam_sm_open_session(pam_handle_t *pamh, int flags,
89
76
                        int argc, const char **argv)
90
 
@@ -116,6 +184,9 @@
 
77
@@ -116,6 +171,9 @@
91
78
     /* Display the updated motd */
92
79
     display_file(pamh, motd_path);
93
80