pam/pam-0.99.6.2-selinux-drop-multiple.patch

126 lines
3.6 KiB
Diff
Raw Normal View History

--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml.drop-multiple 2006-06-18 10:26:59.000000000 +0200
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml 2006-11-10 17:47:16.000000000 +0100
@@ -25,9 +25,6 @@
debug
</arg>
<arg choice="opt">
- multiple
- </arg>
- <arg choice="opt">
open
</arg>
<arg choice="opt">
@@ -93,18 +90,6 @@
</varlistentry>
<varlistentry>
<term>
- <option>multiple</option>
- </term>
- <listitem>
- <para>
- Tells pam_selinux.so to allow the user to select the
- security context they will login with, if the user has
- more than one role.
- </para>
- </listitem>
- </varlistentry>
- <varlistentry>
- <term>
<option>open</option>
</term>
<listitem>
--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c.drop-multiple 2006-11-10 17:44:33.000000000 +0100
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c 2006-11-10 17:44:33.000000000 +0100
@@ -89,56 +89,6 @@
}
static security_context_t
-select_context (pam_handle_t *pamh, security_context_t* contextlist,
- int debug)
-{
- char *responses;
- char *text=calloc(PATH_MAX,1);
-
- if (text == NULL)
- return (security_context_t) strdup(contextlist[0]);
-
- snprintf(text, PATH_MAX,
- _("Your default context is %s. \n"), contextlist[0]);
- send_text(pamh,text,debug);
- free(text);
- query_response(pamh,_("Do you want to choose a different one? [n]"),
- &responses,debug);
- if (responses && ((responses[0] == 'y') ||
- (responses[0] == 'Y')))
- {
- int choice=0;
- int i;
- const char *prompt=_("Enter number of choice: ");
- int len=strlen(prompt);
- char buf[PATH_MAX];
-
- _pam_drop(responses);
- for (i = 0; contextlist[i]; i++) {
- len+=strlen(contextlist[i]) + 10;
- }
- text=calloc(len,1);
- for (i = 0; contextlist[i]; i++) {
- snprintf(buf, PATH_MAX,
- "[%d] %s\n", i+1, contextlist[i]);
- strncat(text,buf,len);
- }
- strcat(text,prompt);
- while ((choice < 1) || (choice > i)) {
- query_response(pamh,text,&responses,debug);
- choice = strtol (responses, NULL, 10);
- _pam_drop(responses);
- }
- free(text);
- return (security_context_t) strdup(contextlist[choice-1]);
- }
- else if (responses)
- _pam_drop(responses);
-
- return (security_context_t) strdup(contextlist[0]);
-}
-
-static security_context_t
manual_context (pam_handle_t *pamh, const char *user, int debug)
{
security_context_t newcon;
@@ -322,7 +272,7 @@
int argc, const char **argv)
{
int i, debug = 0, ttys=1, has_tty=isatty(0);
- int verbose=0, multiple=0, close_session=0;
+ int verbose=0, close_session=0;
int ret = 0;
security_context_t* contextlist = NULL;
int num_contexts = 0;
@@ -342,9 +292,6 @@
if (strcmp(argv[i], "verbose") == 0) {
verbose = 1;
}
- if (strcmp(argv[i], "multiple") == 0) {
- multiple = 1;
- }
if (strcmp(argv[i], "close") == 0) {
close_session = 1;
}
@@ -377,13 +324,8 @@
free(level);
}
if (num_contexts > 0) {
- if (multiple && (num_contexts > 1) && has_tty) {
- user_context = select_context(pamh,contextlist, debug);
- freeconary(contextlist);
- } else {
- user_context = (security_context_t) strdup(contextlist[0]);
- freeconary(contextlist);
- }
+ user_context = (security_context_t) strdup(contextlist[0]);
+ freeconary(contextlist);
} else {
if (has_tty) {
user_context = manual_context(pamh,username,debug);