Todd C. Miller
bceb5df158
Modify the authentication API such that the init and cleanup functions
...
are always called, regardless of whether or not we are going to
verify a password. This is needed for proper PAM session support.
2011-09-27 13:18:46 -04:00
Todd C. Miller
c5f8dc95c6
Fix a PAM_USER mismatch in session open/close. We update PAM_USER
...
to the target user immediately before setting resource limits, which
is after the monitor process has forked (so it has the old value).
Also, if the user did not authenticate, there is no pamh in the
monitor so we need to init pam here too. This means we end up
calling pam_start() twice, which should be fixed, but at least the
session is always properly closed now.
2011-09-27 11:13:44 -04:00
Todd C. Miller
96cb890d53
No need to look up shadow password unless we are doing password-style
...
authentication. This moves the shadow password lookup to the auth
functions that need it.
2010-08-06 13:55:33 -04:00
Todd C. Miller
b72a530fd0
Update copyright year
2010-06-14 12:19:49 -04:00
Todd C. Miller
b2ed46652b
Clean up the sudoers auth API a bit and update the docs.
2010-05-27 14:53:11 -04:00
Todd C. Miller
27be96c9cd
Add open/close session to sudo auth, only used by PAM.
...
This allows us to open (and close) the PAM session from sudoers.
2010-05-26 17:57:47 -04:00
Todd C. Miller
d5ae4c7d87
Kill __P in sudoers
2010-03-17 19:56:27 -04:00
Todd C. Miller
9b0205846b
Initial bits of sudoers plugin; still needs work.
2010-03-14 19:58:47 -04:00
Todd C. Miller
e90fa482f9
Rework source layout in preparation for modular sudo.
2010-02-20 09:14:01 -05:00
