diff options
author | Karel Zak | 2007-03-06 15:08:58 +0100 |
---|---|---|
committer | Karel Zak | 2007-03-07 10:14:13 +0100 |
commit | f2c7ae1ddd5973c578d73ec929f29205e84aa47a (patch) | |
tree | 6fc5873f4080e12f238f34fd394e87974f6fb917 /login-utils/login.c | |
parent | chsh: remove tailing wihit-spaces and use PATH_BSHELL (diff) | |
download | kernel-qcow2-util-linux-f2c7ae1ddd5973c578d73ec929f29205e84aa47a.tar.gz kernel-qcow2-util-linux-f2c7ae1ddd5973c578d73ec929f29205e84aa47a.tar.xz kernel-qcow2-util-linux-f2c7ae1ddd5973c578d73ec929f29205e84aa47a.zip |
login: close PAM session after failed pam_setcred
If for some reason the pam set credential call fails, it does not close the pam
session. pam open can mount drives, so calling pam close is important.
From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/login.c')
-rw-r--r-- | login-utils/login.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/login-utils/login.c b/login-utils/login.c index fb3847d08..a9a06b1e1 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -624,6 +624,8 @@ main(int argc, char **argv) PAM_FAIL_CHECK; retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED); + if (retcode != PAM_SUCCESS) + pam_close_session(pamh, 0); PAM_FAIL_CHECK; #else /* ! HAVE_SECURITY_PAM_MISC_H */ |