From 6b4146ad739da603a298474db67824532508c3b8 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 14 Feb 2001 00:45:51 +1100 Subject: [PATCH] - (djm) Move PAM session initialisation until after fork in sshd. Patch from Nalin Dahyabhai --- ChangeLog | 4 +++- session.c | 14 +++++--------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 20ebaa3c9..ea8215ae1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,8 @@ - (djm) Don't try to close PAM session or delete credentials if the session has not been open or credentials not set. Based on patch from Andrew Bartlett + - (djm) Move PAM session initialisation until after fork in sshd. Patch + from Nalin Dahyabhai 20010213 - (djm) Only test -S potential EGD sockets if they exist and are readable. @@ -3918,4 +3920,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.755 2001/02/13 13:43:55 djm Exp $ +$Id: ChangeLog,v 1.756 2001/02/13 13:45:51 djm Exp $ diff --git a/session.c b/session.c index 9b860c29e..7319df3d1 100644 --- a/session.c +++ b/session.c @@ -484,10 +484,6 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw) session_proctitle(s); -#ifdef USE_PAM - do_pam_setcred(); -#endif /* USE_PAM */ - /* Fork the child. */ if ((pid = fork()) == 0) { /* Child. Reinitialize the log since the pid has changed. */ @@ -600,11 +596,6 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw) ptyfd = s->ptyfd; ttyfd = s->ttyfd; -#ifdef USE_PAM - do_pam_session(pw->pw_name, s->tty); - do_pam_setcred(); -#endif /* USE_PAM */ - /* Fork the child. */ if ((pid = fork()) == 0) { /* Child. Reinitialize the log because the pid has changed. */ @@ -1156,6 +1147,11 @@ do_child(const char *command, struct passwd * pw, const char *term, shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); #endif +#ifdef USE_PAM + do_pam_session(pw->pw_name, ttyname); + do_pam_setcred(); +#endif /* USE_PAM */ + #ifdef AFS /* Try to get AFS tokens for the local cell. */ if (k_hasafs()) {