components/sudo/patches/02-pam_setcred.patch
author April Chin <april.chin@oracle.com>
Tue, 25 Mar 2014 21:42:23 -0700
changeset 1790 5185544d0b6e
parent 1518 components/sudo/patches/pam_setcred.patch@4dc3f734af5e
child 1830 93243cb310c5
permissions -rw-r--r--
16446717 add Solaris adt_*() auditing to sudo
17965896 sudo: getaudit: failed: Value too large for defined data type
Fix for
17617070 sudo does not use pam_setcred correctly to set the audit context
This fix will be submitted upstream to the latest sudo release,
currently 1.8.10p2.
diff -ru sudo-1.8.6p7-orig//plugins/sudoers/auth/pam.c sudo-1.8.6p7/plugins/sudoers/auth/pam.c
--- sudo-1.8.6p7-orig//plugins/sudoers/auth/pam.c	Mon Feb 25 11:42:44 2013
+++ sudo-1.8.6p7/plugins/sudoers/auth/pam.c	Mon Oct 21 13:32:27 2013
@@ -229,8 +229,10 @@
      * for the setcred module.  Because we haven't called pam_authenticate(),
      * this is not set and so pam_setcred() returns PAM_PERM_DENIED.
      * We can't call pam_acct_mgmt() with Linux-PAM for a similar reason.
+     *
+     * Reinitialize credentials when changing a user. 
      */
-    (void) pam_setcred(pamh, PAM_ESTABLISH_CRED);
+    (void) pam_setcred(pamh, PAM_REINITIALIZE_CRED);
 
 #ifdef HAVE_PAM_GETENVLIST
     /*
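Review bot: the added comment in this hunk, "Reinitialize credentials when changing a user.", does not record why PAM_ESTABLISH_CRED was wrong here; the patch header gives the reason (pam_setcred was not setting the audit context, 17617070), and that belongs in the comment so the flag is not reverted later. The result of pam_setcred() is still discarded with (void), so a failure to reinitialize credentials, the step the header says sets the audit context, goes unnoticed; the surrounding comment already documents one expected PAM_PERM_DENIED case, so consider logging any other return code. The flag change is also unconditional although the same comment block discusses Linux-PAM, so confirm the behaviour on non-Solaris PAM implementations or guard the change before the upstream submission the header mentions. The added comment line also carries trailing whitespace.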