Add support for a sudo-i pam.d file to be used for "sudo -i".

Adapted from a RedHat patch.
2010-07-12 17:57:53 -04:00
parent 684d1fd9f7
commit d9de7b5f8e
7 changed files with 65 additions and 20 deletions
--- a/plugins/sudoers/auth/pam.c
+++ b/plugins/sudoers/auth/pam.c
@@ -90,7 +90,12 @@ pam_init(struct passwd *pw, char **promptp, sudo_auth *auth)
    if (auth != NULL)
 	auth->data = (void *) &pam_status;
    pam_conv.conv = converse;
-    pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
+#ifdef HAVE_PAM_LOGIN
+    if (ISSET(sudo_mode, MODE_LOGIN_SHELL))
+	pam_status = pam_start("sudo-i", pw->pw_name, &pam_conv, &pamh);
+    else
+#endif
+	pam_status = pam_start("sudo", pw->pw_name, &pam_conv, &pamh);
    if (pam_status != PAM_SUCCESS) {
 	log_error(USE_ERRNO|NO_EXIT|NO_MAIL, "unable to initialize PAM");
 	return(AUTH_FATAL);