From ff793a27b8615f500e59811fa1c43eda909c35e6 Mon Sep 17 00:00:00 2001 From: Kevin Steves Date: Wed, 21 Feb 2001 16:36:51 +0000 Subject: [PATCH] - (stevesk) session.c: back out to where we were before: - (djm) Move PAM session initialisation until after fork in sshd. Patch from Nalin Dahyabhai --- ChangeLog | 5 ++++- session.c | 14 +++++++++----- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index a28670feb..f1bf2250a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -6,6 +6,9 @@ breaks Solaris. - (djm) Move PAM session setup back to before setuid to user. fixes problems on Solaris-drived PAMs. + - (stevesk) session.c: back out to where we were before: + - (djm) Move PAM session initialisation until after fork in sshd. Patch + from Nalin Dahyabhai 20010220 - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and @@ -4087,4 +4090,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.808 2001/02/21 05:53:33 mouring Exp $ +$Id: ChangeLog,v 1.809 2001/02/21 16:36:51 stevesk Exp $ diff --git a/session.c b/session.c index de8127f79..d771edb7a 100644 --- a/session.c +++ b/session.c @@ -481,6 +481,10 @@ do_exec_no_pty(Session *s, const char *command, struct passwd * pw) session_proctitle(s); +#ifdef USE_PAM + do_pam_setcred(); +#endif /* USE_PAM */ + /* Fork the child. */ if ((pid = fork()) == 0) { /* Child. Reinitialize the log since the pid has changed. */ @@ -593,6 +597,11 @@ do_exec_pty(Session *s, const char *command, struct passwd * pw) ptyfd = s->ptyfd; ttyfd = s->ttyfd; +#ifdef USE_PAM + do_pam_session(pw->pw_name, s->tty); + do_pam_setcred(); +#endif /* USE_PAM */ + /* Fork the child. */ if ((pid = fork()) == 0) { /* Child. Reinitialize the log because the pid has changed. */ @@ -1143,11 +1152,6 @@ do_child(const char *command, struct passwd * pw, const char *term, shell = login_getcapstr(lc, "shell", (char *)shell, (char *)shell); #endif -#ifdef USE_PAM - do_pam_session(pw->pw_name, ttyname); - do_pam_setcred(); -#endif /* USE_PAM */ - #ifdef AFS /* Try to get AFS tokens for the local cell. */ if (k_hasafs()) {