diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/pam_selinux/pam_selinux.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c index b96cc236..b2a75e02 100644 --- a/modules/pam_selinux/pam_selinux.c +++ b/modules/pam_selinux/pam_selinux.c @@ -491,12 +491,17 @@ compute_exec_context(pam_handle_t *pamh, module_data_t *data, char *level = NULL; security_context_t *contextlist = NULL; int num_contexts = 0; + const struct passwd *pwd; if (!(username = get_item(pamh, PAM_USER))) { pam_syslog(pamh, LOG_ERR, "Cannot obtain the user name"); return PAM_USER_UNKNOWN; } + if ((pwd = pam_modutil_getpwnam(pamh, username)) != NULL) { + username = pwd->pw_name; + } /* ignore error and keep using original username */ + /* compute execute context */ #ifdef HAVE_GETSEUSER if (!(service = get_item(pamh, PAM_SERVICE))) { |