From d352636553bf85e21c697eca2e6873e78862576e Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Fri, 23 Jan 2004 14:16:26 +1100
Subject: [PATCH]  - (djm) Do pam_session processing for systems with
 HAVE_LOGIN_CAP; from    ralf.hack AT pipex.net; ok dtucker@

---
 ChangeLog | 6 +++++-
 session.c | 6 ++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 12a7f6a1b..4d9d9faa4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+20040123 
+ - (djm) Do pam_session processing for systems with HAVE_LOGIN_CAP; from 
+   ralf.hack AT pipex.net; ok dtucker@
+
 20040122
  - (dtucker) [configure.ac] Use krb5-config where available for Kerberos/
    GSSAPI detection, libs and includes.  ok djm@
@@ -1709,4 +1713,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.3180 2004/01/23 00:10:03 tim Exp $
+$Id: ChangeLog,v 1.3181 2004/01/23 03:16:26 djm Exp $
diff --git a/session.c b/session.c
index 6a1cb7841..947ba5eff 100644
--- a/session.c
+++ b/session.c
@@ -1243,6 +1243,12 @@ do_setusercontext(struct passwd *pw)
 # ifdef __bsdi__
 		setpgid(0, 0);
 # endif
+# ifdef USE_PAM
+		if (options.use_pam) {
+			do_pam_session();
+			do_pam_setcred(0);
+		}
+# endif /* USE_PAM */
 		if (setusercontext(lc, pw, pw->pw_uid,
 		    (LOGIN_SETALL & ~LOGIN_SETPATH)) < 0) {
 			perror("unable to set user context");