rpms/at/devel at-3.1.8-pam_fail_close_session.patch, NONE, 1.1 at.spec, 1.25, 1.26
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Apr 5 15:55:21 UTC 2005
- Previous message (by thread): rpms/mkinitrd/devel .cvsignore, 1.55, 1.56 mkinitrd.spec, 1.55, 1.56 sources, 1.57, 1.58
- Next message (by thread): rpms/amanda/devel amanda-2.4.4p4-bug144052.patch, NONE, 1.1 amanda.spec, 1.20, 1.21
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/dist/rpms/at/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv16114
Modified Files:
at.spec
Added Files:
at-3.1.8-pam_fail_close_session.patch
Log Message:
always call pam_close_session before pam_end
at-3.1.8-pam_fail_close_session.patch:
atd.c | 2 ++
perm.c | 2 ++
2 files changed, 4 insertions(+)
--- NEW FILE at-3.1.8-pam_fail_close_session.patch ---
--- at-3.1.8/atd.c.pam_fail_close_session 2005-04-05 11:26:54.325653000 -0400
+++ at-3.1.8/atd.c 2005-04-05 11:29:06.069777000 -0400
@@ -102,6 +102,7 @@
#define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
fprintf(stderr,"\n%s\n",pam_strerror(pamh, retcode)); \
syslog(LOG_ERR,"%s",pam_strerror(pamh, retcode)); \
+ pam_close_session(pamh, PAM_SILENT); \
pam_end(pamh, retcode); exit(1); \
}
#endif
@@ -535,6 +536,7 @@
PRIV_END
#ifdef WITH_PAM
+ pam_close_session(pamh, PAM_SILENT);
pam_end(pamh, PAM_ABORT);
if ( ( nenvp != &nul ) && (pam_envp != 0L) && (*pam_envp != 0L))
{
--- at-3.1.8/perm.c.pam_fail_close_session 2005-04-05 11:26:54.403575000 -0400
+++ at-3.1.8/perm.c 2005-04-05 11:31:00.703029000 -0400
@@ -140,6 +140,7 @@
# define PAM_FAIL_CHECK if (retcode != PAM_SUCCESS) { \
fprintf(stderr,"PAM authentication failure: %s\n",pam_strerror(pamh, retcode)); \
+ pam_close_session(pamh,PAM_SILENT); \
pam_end(pamh, retcode); \
setregid(gid,egid); \
setreuid(uid,euid); \
@@ -156,6 +157,7 @@
retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED | PAM_SILENT);
PAM_FAIL_CHECK;
+ pam_close_session(pamh,PAM_SILENT);
pam_end(pamh, PAM_ABORT);
setregid(gid,egid);
Index: at.spec
===================================================================
RCS file: /cvs/dist/rpms/at/devel/at.spec,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- at.spec 8 Mar 2005 19:30:06 -0000 1.25
+++ at.spec 5 Apr 2005 15:55:18 -0000 1.26
@@ -7,7 +7,7 @@
Summary: Job spooling tools.
Name: at
Version: 3.1.8
-Release: 68_FC4
+Release: 70_FC4
License: GPL
Group: System Environment/Daemons
Source: http://ftp.debian.org/debian/pool/main/a/at/at_3.1.8-11.tar.gz
@@ -36,6 +36,8 @@
Patch26: at-3.1.8-fix_no_export.patch
Patch27: at-3.1.8-pam.patch
Patch28: at-3.1.8-pam_perms.patch
+Patch29: at-3.1.8-pam_fail_close_session.patch
+
Prereq: fileutils chkconfig /etc/init.d
BuildPrereq: flex bison autoconf
%if %{WITH_SELINUX}
@@ -100,6 +102,7 @@
%patch26 -p1 -b .fix_no_export
%patch27 -p1 -b .pam
%patch28 -p1 -b .pam_perms
+%patch29 -p1 -b .pam_fail_close_session
%build
# patch10 touches configure.in
@@ -187,6 +190,9 @@
%attr(4755,root,root) %{_bindir}/at
%changelog
+* Tue Apr 05 2005 Jason Vas Dias <jvdias at redhat.com> 3.1.8-70
+- always call pam_close_session on PAM_FAIL or pam_end
+
* Tue Mar 08 2005 Jason Vas Dias <jvdias at redhat.com> 3.1.8-68
- Put PAM authentication check in 'check_permissions()', so
- user can know when using at(1) if PAM permission is denied.
- Previous message (by thread): rpms/mkinitrd/devel .cvsignore, 1.55, 1.56 mkinitrd.spec, 1.55, 1.56 sources, 1.57, 1.58
- Next message (by thread): rpms/amanda/devel amanda-2.4.4p4-bug144052.patch, NONE, 1.1 amanda.spec, 1.20, 1.21
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list