aboutsummaryrefslogtreecommitdiff
path: root/patches-applied/hurd_no_setfsuid
diff options
context:
space:
mode:
Diffstat (limited to 'patches-applied/hurd_no_setfsuid')
-rw-r--r--patches-applied/hurd_no_setfsuid110
1 files changed, 0 insertions, 110 deletions
diff --git a/patches-applied/hurd_no_setfsuid b/patches-applied/hurd_no_setfsuid
deleted file mode 100644
index 71ae5d77..00000000
--- a/patches-applied/hurd_no_setfsuid
+++ /dev/null
@@ -1,110 +0,0 @@
-On systems without setfsuid(), use setreuid() instead.
-
-Authors: Steve Langasek <vorlon@debian.org>
-
-Upstream status: superseded by pam_modutil_set_euid proposal
-
-Index: Linux-PAM/modules/pam_xauth/pam_xauth.c
-===================================================================
---- Linux-PAM/modules/pam_xauth/pam_xauth.c.orig
-+++ Linux-PAM/modules/pam_xauth/pam_xauth.c
-@@ -35,7 +35,9 @@
-
- #include "config.h"
- #include <sys/types.h>
-+#ifdef HAVE_SYS_FSUID_H
- #include <sys/fsuid.h>
-+#endif /* HAVE_SYS_FSUID_H */
- #include <sys/wait.h>
- #include <errno.h>
- #include <fnmatch.h>
-@@ -210,6 +212,9 @@
- FILE *fp;
- int i;
- uid_t euid;
-+#ifndef HAVE_SYS_FSUID_H
-+ uid_t uid;
-+#endif
- /* Check this user's <sense> file. */
- pwd = pam_modutil_getpwnam(pamh, this_user);
- if (pwd == NULL) {
-@@ -226,9 +231,34 @@
- return PAM_SESSION_ERR;
- }
- euid = geteuid();
-+#ifdef HAVE_SYS_FSUID_H
- setfsuid(pwd->pw_uid);
-+#else
-+ uid = getuid();
-+ if (uid == pwd->pw_uid)
-+ setreuid(euid, uid);
-+ else {
-+ setreuid(0, -1);
-+ if (setreuid(-1, uid) == -1) {
-+ setreuid(-1, 0);
-+ setreuid(0, -1);
-+ if (setreuid(-1, pwd->pw_uid))
-+ return PAM_CRED_INSUFFICIENT;
-+ }
-+ }
-+#endif
- fp = fopen(path, "r");
-+#ifdef HAVE_SYS_FSUID_H
- setfsuid(euid);
-+#else
-+ if (uid == pwd->pw_uid)
-+ setreuid(uid, euid);
-+ else {
-+ if (setreuid(-1, 0) == -1)
-+ setreuid(uid, -1);
-+ setreuid(-1, euid);
-+ }
-+#endif
- if (fp != NULL) {
- char buf[LINE_MAX], *tmp;
- /* Scan the file for a list of specs of users to "trust". */
-@@ -297,6 +327,9 @@
- int fd, i, debug = 0;
- int retval = PAM_SUCCESS;
- uid_t systemuser = 499, targetuser = 0, euid;
-+#ifndef HAVE_SYS_FSUID_H
-+ uid_t uid;
-+#endif
-
- /* Parse arguments. We don't understand many, so no sense in breaking
- * this into a separate function. */
-@@ -541,9 +574,34 @@
-
- /* Generate a new file to hold the data. */
- euid = geteuid();
-+#ifdef HAVE_SYS_FSUID_H
- setfsuid(tpwd->pw_uid);
-+#else
-+ uid = getuid();
-+ if (uid == tpwd->pw_uid)
-+ setreuid(euid, uid);
-+ else {
-+ setreuid(0, -1);
-+ if (setreuid(-1, uid) == -1) {
-+ setreuid(-1, 0);
-+ setreuid(0, -1);
-+ if (setreuid(-1, tpwd->pw_uid))
-+ return PAM_CRED_INSUFFICIENT;
-+ }
-+ }
-+#endif
- fd = mkstemp(xauthority + strlen(XAUTHENV) + 1);
-+#ifdef HAVE_SYS_FSUID_H
- setfsuid(euid);
-+#else
-+ if (uid == tpwd->pw_uid)
-+ setreuid(uid, euid);
-+ else {
-+ if (setreuid(-1, 0) == -1)
-+ setreuid(uid, -1);
-+ setreuid(-1, euid);
-+ }
-+#endif
- if (fd == -1) {
- pam_syslog(pamh, LOG_ERR,
- "error creating temporary file `%s': %m",
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-11 05:00:28 +0000