isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add open/close session to sudo auth, only used by PAM.

Browse Source 
This allows us to open (and close) the PAM session from sudoers.
This commit is contained in:
Todd C. Miller
2010-05-26 17:57:47 -04:00
parent a0646aa4ad
commit 27be96c9cd
6 changed files with 94 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
plugins/sudoers/sudoers.c
View File

@@ -276,6 +276,7 @@ sudoers_policy_close(int exit_status, int error_code)
/* We do not currently log the exit status. */
if (error_code)
warningx("unable to execute %s: %s", safe_cmnd, strerror(error_code));
end_session();
}
static int
@@ -627,6 +628,15 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
restore_perms();
/*
* Ideally we would like to do session setup (currently only PAM)
* from inside sudo itself, but this should be close enough.
*/
if (ISSET(sudo_mode, MODE_RUN))
rval = begin_session(runas_pw);
if (ISSET(sudo_mode, MODE_EDIT))
rval = begin_session(sudo_user.pw);
done:
return rval;
}