[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

rpms/pam/FC-4 pam-0.79-selinux-nofail.patch, NONE, 1.1 pam.spec, 1.81, 1.82

From: fedora-cvs-commits redhat com
To: fedora-cvs-commits redhat com
Subject: rpms/pam/FC-4 pam-0.79-selinux-nofail.patch, NONE, 1.1 pam.spec, 1.81, 1.82
Date: Tue, 19 Jul 2005 05:16:38 -0400

Author: tmraz

Update of /cvs/dist/rpms/pam/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv6285

Modified Files:
	pam.spec 
Added Files:
	pam-0.79-selinux-nofail.patch 
Log Message:
* Tue Jul 19 2005 Tomas Mraz <tmraz redhat com> 0.79-9.2
- fixed module tests so the pam doesn't require itself to build (#163502)
- added buildprereq for building the documentation (#163503)
- pam_selinux module shouldn't fail on broken configs unless
  policy is set to enforcing (Dan Walsh)


pam-0.79-selinux-nofail.patch:
 pam_selinux.c |   23 +++++++++++++++++------
 1 files changed, 17 insertions(+), 6 deletions(-)

--- NEW FILE pam-0.79-selinux-nofail.patch ---
--- Linux-PAM-0.79/modules/pam_selinux/pam_selinux.c.nofail	2005-07-19 11:09:04.000000000 +0200
+++ Linux-PAM-0.79/modules/pam_selinux/pam_selinux.c	2005-07-19 11:13:39.000000000 +0200
@@ -425,12 +425,21 @@
     if (has_tty) {
       user_context = manual_context(pamh,username,debug);
       if (user_context == NULL) {
-	syslog (LOG_ERR, _("Unable to get valid context for %s"), username);
-	return PAM_AUTH_ERR;
+	syslog (LOG_ERR, _("Unable to get valid context for %s"),
+		username);
+	if (security_getenforce() == 1)
+	  return PAM_AUTH_ERR;
+	else
+	  return PAM_SUCCESS;
       }
     } else {
-	syslog (LOG_ERR, _("Unable to get valid context for %s, No valid tty"), username);
-	return PAM_AUTH_ERR;
+	syslog (LOG_ERR,
+		_("Unable to get valid context for %s, No valid tty"),
+		username);
+	if (security_getenforce() == 1)
+	  return PAM_AUTH_ERR;
+	else
+	  return PAM_SUCCESS;
     }
   }
   if (getexeccon(&prev_user_context)<0) {
@@ -467,8 +476,10 @@
   if (ret) {
     syslog(LOG_ERR, _("Error!  Unable to set %s executable context %s."),
            username, user_context);
-    freecon(user_context);
-    return PAM_AUTH_ERR;
+    if (security_getenforce() == 1) {
+      freecon(user_context);
+      return PAM_AUTH_ERR;
+    }
   } else {
     if (debug)
       syslog(LOG_NOTICE, _("%s: set %s security context to %s"),MODULE, 


Index: pam.spec
===================================================================
RCS file: /cvs/dist/rpms/pam/FC-4/pam.spec,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- pam.spec	19 Jul 2005 09:07:57 -0000	1.81
+++ pam.spec	19 Jul 2005 09:16:35 -0000	1.82
@@ -30,7 +30,7 @@
 Patch34: pam-0.77-dbpam.patch
 Patch60: pam-0.78-selinux.patch
 Patch61: pam-pwdbselinux.patch
-Patch62: pam-0.80-selinux-nofail.patch
+Patch62: pam-0.79-selinux-nofail.patch
 Patch65: pam-0.77-audit.patch
 Patch70: pam-0.79-tally-null-data.patch
 Patch71: pam-0.79-unix-nis.patch

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]