From 29b63ae08f071aee5b1b901e6fb8f8131b82032d Mon Sep 17 00:00:00 2001 From: Robin Hack Date: Mon, 25 Aug 2014 17:33:21 +0200 Subject: pam_keyinit: Check return value of setregid. modules/pam_keyinit/pam_keyinit.c (pam_sm_open_session): Log if setregid() fails. --- modules/pam_keyinit/pam_keyinit.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'modules/pam_keyinit') diff --git a/modules/pam_keyinit/pam_keyinit.c b/modules/pam_keyinit/pam_keyinit.c index 8d0501e0..f82eead2 100644 --- a/modules/pam_keyinit/pam_keyinit.c +++ b/modules/pam_keyinit/pam_keyinit.c @@ -218,7 +218,8 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED, if (uid != old_uid && setreuid(uid, -1) < 0) { error(pamh, "Unable to change UID to %d temporarily\n", uid); - setregid(old_gid, -1); + if (setregid(old_gid, -1) < 0) + error(pamh, "Unable to change GID back to %d\n", old_gid); return PAM_SESSION_ERR; } -- cgit v1.2.3