Mercurial Mercurial > upstream > oracle > userland-gate / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
19925516 proftpd unable to authenticate user after first failed attempt s11u2-sru
authorTomas Klacko <tomas.klacko@oracle.com>
Tue, 27 Jan 2015 04:31:27 -0800
branchs11u2-sru
changeset 3690 f3b44cfb95a9
parent 3664 16b3eb5fe9c6
child 3692 02f36e5121c0
19925516 proftpd unable to authenticate user after first failed attempt
components/proftpd/mod_solaris_priv.c file | annotate | diff | comparison | revisions 
--- a/components/proftpd/mod_solaris_priv.c	Wed Jan 21 12:02:00 2015 -0800
+++ b/components/proftpd/mod_solaris_priv.c	Tue Jan 27 04:31:27 2015 -0800
@@ -2,7 +2,7 @@
  * ProFTPD - FTP server daemon
  * Copyright (c) 1997, 1998 Public Flood Software
  * Copyright (c) 2003-2010 The ProFTPD Project team
- * Copyright (c) 2011, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2015, Oracle and/or its affiliates. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -242,59 +242,50 @@
   return PR_DECLINED(cmd);
 }
 
-static void log_err_permitted(const char* fn) {
-  pr_log_pri(PR_LOG_ERR, MOD_SOLARIS_PRIV_VERSION ": %s(%s): %s",
-    fn, "permitted", strerror(errno));
-}
-
 static void log_err_effective(const char* fn) {
   pr_log_pri(PR_LOG_ERR, MOD_SOLARIS_PRIV_VERSION ": %s(%s): %s",
     fn, "effective", strerror(errno));
 }
 
 MODRET solaris_priv_post_fail(cmd_rec *cmd) {
-  priv_set_t* permitted_set = NULL;
   priv_set_t* effective_set = NULL;
 
-  if ((permitted_set = priv_allocset()) == NULL) {
-    log_err_permitted("priv_allocset");
-    goto out;
-  }
   if ((effective_set = priv_allocset()) == NULL) {
     log_err_effective("priv_allocset");
     goto out;
   }
 
-  if (getppriv(PRIV_PERMITTED, permitted_set) != 0) {
-    log_err_permitted("getppriv");
-    goto out;
-  }
   if (getppriv(PRIV_EFFECTIVE, effective_set) != 0) {
     log_err_effective("getppriv");
     goto out;
   }
 
-  if (priv_addset(permitted_set, PRIV_PROC_AUDIT) != 0) {
-    log_err_permitted("priv_addset");
-    goto out;
-  }
   if (priv_addset(effective_set, PRIV_PROC_AUDIT) != 0) {
     log_err_effective("priv_addset");
     goto out;
   }
 
-  if (setppriv(PRIV_SET, PRIV_PERMITTED, permitted_set) != 0) {
-    log_err_permitted("setppriv");
+  if (priv_addset(effective_set, PRIV_SYS_AUDIT) != 0) {
+    log_err_effective("priv_addset");
     goto out;
   }
+
+  if (priv_addset(effective_set, PRIV_PROC_SETID) != 0) {
+    log_err_effective("priv_addset");
+    goto out;
+  }
+
+  if (priv_addset(effective_set, PRIV_PROC_TASKID) != 0) {
+    log_err_effective("priv_addset");
+    goto out;
+  }
+
   if (setppriv(PRIV_SET, PRIV_EFFECTIVE, effective_set) != 0) {
     log_err_effective("setppriv");
     goto out;
   }
 
 out:
-  if (permitted_set != NULL)
-    priv_freeset(permitted_set);
   if (effective_set != NULL)
     priv_freeset(effective_set);
upstream/oracle/userland-gate