From ba315ae8effdcad591608c99452dad05c4cf20ab Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@thkukuk.de>
Date: Mon, 16 Sep 2013 11:48:12 +0200
Subject: Check return value of setuid to remove glibc warnings.

* modules/pam_unix/pam_unix_acct.c: Check setuid return value.
* modules/pam_unix/support.c: Likewise.
---
 modules/pam_unix/support.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'modules/pam_unix/support.c')

diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
index 9284dbaa..19d72e66 100644
--- a/modules/pam_unix/support.c
+++ b/modules/pam_unix/support.c
@@ -586,7 +586,10 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
 	if (geteuid() == 0) {
           /* must set the real uid to 0 so the helper will not error
 	     out if pam is called from setuid binary (su, sudo...) */
-	  setuid(0);
+	  if (setuid(0) == -1) {
+             D(("setuid failed"));
+	     _exit(PAM_AUTHINFO_UNAVAIL);
+          }
 	}
 
 	/* exec binary helper */
-- 
cgit v1.2.3