check for NULL pamh on two more places (#1176215)
This commit is contained in:
Tomas Mraz
parent
bc9aef5aa3
commit
fc778cf11f
@ -12,7 +12,7 @@ index 22571ff..d165a06 100644
|
||||
"You (%s) are not allowed to access to (%s) because of pam configuration.\n",
|
||||
User, ProgramName);
|
||||
diff --git a/src/security.c b/src/security.c
|
||||
index 4eee004..079ea2a 100644
|
||||
index 4eee004..1668890 100644
|
||||
--- a/src/security.c
|
||||
+++ b/src/security.c
|
||||
@@ -88,6 +88,7 @@ static int cron_open_pam_session(struct passwd *pw);
|
||||
@ -54,6 +54,51 @@ index 4eee004..079ea2a 100644
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -243,7 +248,9 @@ int cron_change_groups(struct passwd *pw) {
|
||||
#if defined(WITH_PAM)
|
||||
/* credentials may take form of supplementary groups so reinitialize
|
||||
* them here */
|
||||
- pam_setcred(pamh, PAM_REINITIALIZE_CRED | PAM_SILENT);
|
||||
+ if (pamh != NULL) {
|
||||
+ pam_setcred(pamh, PAM_REINITIALIZE_CRED | PAM_SILENT);
|
||||
+ }
|
||||
#endif
|
||||
|
||||
return 0;
|
||||
@@ -614,18 +621,19 @@ int crontab_security_access(void) {
|
||||
* crontab environment
|
||||
*/
|
||||
static char **build_env(char **cronenv) {
|
||||
+ char **jobenv;
|
||||
#ifdef WITH_PAM
|
||||
- char **jobenv = pam_getenvlist(pamh);
|
||||
char *cronvar;
|
||||
int count = 0;
|
||||
|
||||
- if (jobenv == NULL) {
|
||||
- jobenv = env_init();
|
||||
- if (jobenv == NULL) {
|
||||
+ if (pamh == NULL || (jobenv=pam_getenvlist(pamh)) == NULL) {
|
||||
+#endif
|
||||
+ jobenv = env_copy(cronenv);
|
||||
+ if (jobenv == NULL)
|
||||
log_it("CRON", getpid(),
|
||||
"ERROR", "Initialization of cron environment variables failed", 0);
|
||||
- return NULL;
|
||||
- }
|
||||
+ return jobenv;
|
||||
+#ifdef WITH_PAM
|
||||
}
|
||||
|
||||
/* Now add the cron environment variables. Since env_set()
|
||||
@@ -640,7 +648,5 @@ static char **build_env(char **cronenv) {
|
||||
}
|
||||
}
|
||||
return jobenv;
|
||||
-#else
|
||||
- return env_copy(cronenv);
|
||||
#endif
|
||||
}
|
||||
diff --git a/src/structs.h b/src/structs.h
|
||||
index 272777a..6d3c15b 100644
|
||||
--- a/src/structs.h
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
Summary: Cron daemon for executing programs at set times
|
||||
Name: cronie
|
||||
Version: 1.4.12
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
License: MIT and BSD and ISC and GPLv2+
|
||||
Group: System Environment/Base
|
||||
URL: https://fedorahosted.org/cronie
|
||||
@ -205,6 +205,9 @@ exit 0
|
||||
%attr(0644,root,root) %{_sysconfdir}/cron.d/dailyjobs
|
||||
|
||||
%changelog
|
||||
* Fri Jan 2 2015 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-4
|
||||
- check for NULL pamh on two more places (#1176215)
|
||||
|
||||
* Tue Dec 2 2014 Tomáš Mráz <tmraz@redhat.com> - 1.4.12-3
|
||||
- call PAM only for non-root user or non-system crontabs (#956157)
|
||||
- bypass the PAM check in crontab for root (#1169175)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user