From 52f517dd540bdd12c5fa239bd7f60b51aaea9326 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Tue, 22 Apr 2008 19:21:37 +0000 Subject: Relevant BUGIDs: rhbz#443667 Purpose of commit: bugfix Commit summary: --------------- 2008-04-22 Tomas Mraz * modules/pam_selinux/pam_selinux.c(pam_sm_close_sesion): Fix regression from the change from 2008-03-20. setexeccon() must be called also with NULL prev_context. --- ChangeLog | 6 ++++++ modules/pam_selinux/pam_selinux.c | 14 +++++++------- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index c8901a4d..f1537404 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2008-04-22 Tomas Mraz + + * modules/pam_selinux/pam_selinux.c(pam_sm_close_sesion): Fix + regression from the change from 2008-03-20. setexeccon() must be + called also with NULL prev_context. + 2008-04-21 Thorsten Kukuk * modules/pam_access/access.conf.5.xml: Document changed behavior diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c index f679e33d..da49f3f9 100644 --- a/modules/pam_selinux/pam_selinux.c +++ b/modules/pam_selinux/pam_selinux.c @@ -702,21 +702,21 @@ pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED, free(ttyn); ttyn=NULL; } - if (prev_user_context) { - if (setexeccon(prev_user_context)) { + + if (setexeccon(prev_user_context)) { pam_syslog(pamh, LOG_ERR, "Unable to restore executable context %s.", - prev_user_context); + prev_user_context ? prev_user_context : ""); if (security_getenforce() == 1) status = PAM_AUTH_ERR; else status = PAM_SUCCESS; - } + } else if (debug) + pam_syslog(pamh, LOG_NOTICE, "Executable context back to original"); + + if (prev_user_context) { freecon(prev_user_context); prev_user_context = NULL; } - if (debug) - pam_syslog(pamh, LOG_NOTICE, "setcontext back to orginal"); - return status; } -- cgit v1.2.3