From 5797bc877cde349492afb3403998754ff53ed852 Mon Sep 17 00:00:00 2001
From: Jonathan Bauer
Date: Wed, 4 Dec 2013 17:43:05 +0100
Subject: [pam] check if pam_script_ses_open is actually being called by root

---
 remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'remote/modules')

diff --git a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
index 8533f421..84a51473 100755
--- a/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
+++ b/remote/modules/pam/data/opt/openslx/scripts/pam_script_ses_open
@@ -10,6 +10,9 @@ PERSISTENT_HOME_DIR="/home/${PAM_USER}/PERSISTENT"
 # NSA needs to know
 slxlog "session-open" "$PAM_USER logged in on $PAM_TTY"
 
+# check if the script runs as root
+[ "x$(whoami)" != "xroot" ] && exit 0
+
 # check if PAM_USER is root and skip if it is the case
 [ "x${PAM_USER}" == "xroot" ] && exit 0
 
-- 
cgit v1.2.3-55-g7522