New upstream version 1.3.0

1 files changed, 7 insertions, 17 deletions

diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c
index e0d5e30b..d02ea09e 100644
--- a/modules/pam_namespace/pam_namespace.c
+++ b/modules/pam_namespace/pam_namespace.c
@@ -1205,6 +1205,11 @@ static int inst_init(const struct polydir_s *polyptr, const char *ipath,
 						_exit(1);
 				}
 #endif
+				/* Pass maximum privs when we exec() */
+				if (setuid(geteuid()) < 0) {
+					/* ignore failures, they don't matter */
+				}
+
 				if (execle(init_script, init_script,
 					polyptr->dir, ipath, newdir?"1":"0", idata->user, NULL, envp) < 0)
 					_exit(1);
@@ -2003,7 +2008,7 @@ static int get_user_data(struct instance_data *idata)
 /*
  * Entry point from pam_open_session call.
  */
-PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
                                    int argc, const char **argv)
 {
     int i, retval;
@@ -2099,7 +2104,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
 /*
  * Entry point from pam_close_session call.
  */
-PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
                                     int argc, const char **argv)
 {
     int i, retval;
@@ -2178,18 +2183,3 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
 
     return PAM_SUCCESS;
 }
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_namespace_modstruct = {
-     "pam_namespace",
-     NULL,
-     NULL,
-     NULL,
-     pam_sm_open_session,
-     pam_sm_close_session,
-     NULL
-};
-#endif