diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 21:22:21 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 21:22:45 -0800 |
| commit | 795badba7f95e737f979917859cd32c9bd47bcad (patch) | |
| tree | 212a6a00baa11e9d0ca7bc27b12420d1dce6f07c /modules/pam_namespace/pam_namespace.h | |
| parent | c55c14c5c6762139ec6695d84ea0e2e917da5264 (diff) | |
| parent | ba315ae8effdcad591608c99452dad05c4cf20ab (diff) | |
| download | pam-795badba7f95e737f979917859cd32c9bd47bcad.tar.gz pam-795badba7f95e737f979917859cd32c9bd47bcad.tar.bz2 pam-795badba7f95e737f979917859cd32c9bd47bcad.zip | |
New upstream version 1.1.8
Diffstat (limited to 'modules/pam_namespace/pam_namespace.h')
| -rw-r--r-- | modules/pam_namespace/pam_namespace.h | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/modules/pam_namespace/pam_namespace.h b/modules/pam_namespace/pam_namespace.h index c49995c0..47ebcc33 100644 --- a/modules/pam_namespace/pam_namespace.h +++ b/modules/pam_namespace/pam_namespace.h @@ -1,5 +1,5 @@ /****************************************************************************** - * A module for Linux-PAM that will set the default namespace after + * A module for Linux-PAM that will set the default namespace after * establishing a session via PAM. * * (C) Copyright IBM Corporation 2005 @@ -81,6 +81,10 @@ #ifndef MS_PRIVATE #define MS_PRIVATE (1<<18) #endif +#ifndef MS_SLAVE +#define MS_SLAVE (1<<19) +#endif + /* * Module defines @@ -101,7 +105,7 @@ #define PAMNS_GEN_HASH 0x00002000 /* Generate md5 hash for inst names */ #define PAMNS_IGN_CONFIG_ERR 0x00004000 /* Ignore format error in conf file */ #define PAMNS_IGN_INST_PARENT_MODE 0x00008000 /* Ignore instance parent mode */ -#define PAMNS_NO_UNMOUNT_ON_CLOSE 0x00010000 /* no unmount at session close */ +#define PAMNS_UNMOUNT_ON_CLOSE 0x00010000 /* Unmount at session close */ #define PAMNS_USE_CURRENT_CONTEXT 0x00020000 /* use getcon instead of getexeccon */ #define PAMNS_USE_DEFAULT_CONTEXT 0x00040000 /* use get_default_context instead of getexeccon */ #define PAMNS_MOUNT_PRIVATE 0x00080000 /* Make the polydir mounts private */ @@ -112,6 +116,7 @@ #define POLYDIR_NOINIT 0x00000004 /* no init script */ #define POLYDIR_SHARED 0x00000008 /* share context/level instances among users */ #define POLYDIR_ISCRIPT 0x00000010 /* non default init script */ +#define POLYDIR_MNTOPTS 0x00000020 /* mount options for tmpfs mount */ #define NAMESPACE_MAX_DIR_LEN 80 @@ -134,9 +139,9 @@ enum polymethod { /* * Depending on the application using this namespace module, we * may need to unmount priviously bind mounted instance directory. - * Applications such as login and sshd, that establish a new + * Applications such as login and sshd, that establish a new * session unmount of instance directory is not needed. For applications - * such as su and newrole, that switch the identity, this module + * such as su and newrole, that switch the identity, this module * has to unmount previous instance directory first and re-mount * based on the new indentity. For other trusted applications that * just want to undo polyinstantiation, only unmount of previous @@ -160,6 +165,7 @@ struct polydir_s { uid_t *uid; /* list of override uids */ unsigned int flags; /* polydir flags */ char *init_script; /* path to init script */ + char *mount_opts; /* mount options for tmpfs mount */ uid_t owner; /* user which should own the polydir */ gid_t group; /* group which should own the polydir */ mode_t mode; /* mode of the polydir */ @@ -182,4 +188,3 @@ struct instance_data { uid_t ruid; /* The uid of the requesting user */ unsigned long flags; /* Flags for debug, selinux etc */ }; - |