4f2fe36b29
- move setgid before setuid in pam_keyinit (#212329) - make username check in pam_unix consistent with useradd (#212153)
126 lines
3.6 KiB
Diff
126 lines
3.6 KiB
Diff
--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml.drop-multiple 2006-06-18 10:26:59.000000000 +0200
|
|
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.8.xml 2006-11-10 17:47:16.000000000 +0100
|
|
@@ -25,9 +25,6 @@
|
|
debug
|
|
</arg>
|
|
<arg choice="opt">
|
|
- multiple
|
|
- </arg>
|
|
- <arg choice="opt">
|
|
open
|
|
</arg>
|
|
<arg choice="opt">
|
|
@@ -93,18 +90,6 @@
|
|
</varlistentry>
|
|
<varlistentry>
|
|
<term>
|
|
- <option>multiple</option>
|
|
- </term>
|
|
- <listitem>
|
|
- <para>
|
|
- Tells pam_selinux.so to allow the user to select the
|
|
- security context they will login with, if the user has
|
|
- more than one role.
|
|
- </para>
|
|
- </listitem>
|
|
- </varlistentry>
|
|
- <varlistentry>
|
|
- <term>
|
|
<option>open</option>
|
|
</term>
|
|
<listitem>
|
|
--- Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c.drop-multiple 2006-11-10 17:44:33.000000000 +0100
|
|
+++ Linux-PAM-0.99.6.2/modules/pam_selinux/pam_selinux.c 2006-11-10 17:44:33.000000000 +0100
|
|
@@ -89,56 +89,6 @@
|
|
}
|
|
|
|
static security_context_t
|
|
-select_context (pam_handle_t *pamh, security_context_t* contextlist,
|
|
- int debug)
|
|
-{
|
|
- char *responses;
|
|
- char *text=calloc(PATH_MAX,1);
|
|
-
|
|
- if (text == NULL)
|
|
- return (security_context_t) strdup(contextlist[0]);
|
|
-
|
|
- snprintf(text, PATH_MAX,
|
|
- _("Your default context is %s. \n"), contextlist[0]);
|
|
- send_text(pamh,text,debug);
|
|
- free(text);
|
|
- query_response(pamh,_("Do you want to choose a different one? [n]"),
|
|
- &responses,debug);
|
|
- if (responses && ((responses[0] == 'y') ||
|
|
- (responses[0] == 'Y')))
|
|
- {
|
|
- int choice=0;
|
|
- int i;
|
|
- const char *prompt=_("Enter number of choice: ");
|
|
- int len=strlen(prompt);
|
|
- char buf[PATH_MAX];
|
|
-
|
|
- _pam_drop(responses);
|
|
- for (i = 0; contextlist[i]; i++) {
|
|
- len+=strlen(contextlist[i]) + 10;
|
|
- }
|
|
- text=calloc(len,1);
|
|
- for (i = 0; contextlist[i]; i++) {
|
|
- snprintf(buf, PATH_MAX,
|
|
- "[%d] %s\n", i+1, contextlist[i]);
|
|
- strncat(text,buf,len);
|
|
- }
|
|
- strcat(text,prompt);
|
|
- while ((choice < 1) || (choice > i)) {
|
|
- query_response(pamh,text,&responses,debug);
|
|
- choice = strtol (responses, NULL, 10);
|
|
- _pam_drop(responses);
|
|
- }
|
|
- free(text);
|
|
- return (security_context_t) strdup(contextlist[choice-1]);
|
|
- }
|
|
- else if (responses)
|
|
- _pam_drop(responses);
|
|
-
|
|
- return (security_context_t) strdup(contextlist[0]);
|
|
-}
|
|
-
|
|
-static security_context_t
|
|
manual_context (pam_handle_t *pamh, const char *user, int debug)
|
|
{
|
|
security_context_t newcon;
|
|
@@ -322,7 +272,7 @@
|
|
int argc, const char **argv)
|
|
{
|
|
int i, debug = 0, ttys=1, has_tty=isatty(0);
|
|
- int verbose=0, multiple=0, close_session=0;
|
|
+ int verbose=0, close_session=0;
|
|
int ret = 0;
|
|
security_context_t* contextlist = NULL;
|
|
int num_contexts = 0;
|
|
@@ -342,9 +292,6 @@
|
|
if (strcmp(argv[i], "verbose") == 0) {
|
|
verbose = 1;
|
|
}
|
|
- if (strcmp(argv[i], "multiple") == 0) {
|
|
- multiple = 1;
|
|
- }
|
|
if (strcmp(argv[i], "close") == 0) {
|
|
close_session = 1;
|
|
}
|
|
@@ -377,13 +324,8 @@
|
|
free(level);
|
|
}
|
|
if (num_contexts > 0) {
|
|
- if (multiple && (num_contexts > 1) && has_tty) {
|
|
- user_context = select_context(pamh,contextlist, debug);
|
|
- freeconary(contextlist);
|
|
- } else {
|
|
- user_context = (security_context_t) strdup(contextlist[0]);
|
|
- freeconary(contextlist);
|
|
- }
|
|
+ user_context = (security_context_t) strdup(contextlist[0]);
|
|
+ freeconary(contextlist);
|
|
} else {
|
|
if (has_tty) {
|
|
user_context = manual_context(pamh,username,debug);
|