diff options
author | Karel Zak | 2011-09-13 12:45:48 +0200 |
---|---|---|
committer | Karel Zak | 2011-10-26 23:17:16 +0200 |
commit | 59a184d93a7e3a82fbb0064e8158d5ad1731fd6e (patch) | |
tree | 0677899ba552e7e874c678cb6bad53df9722efa7 /login-utils/login.c | |
parent | login: PAM account checks refactoring (diff) | |
download | kernel-qcow2-util-linux-59a184d93a7e3a82fbb0064e8158d5ad1731fd6e.tar.gz kernel-qcow2-util-linux-59a184d93a7e3a82fbb0064e8158d5ad1731fd6e.tar.xz kernel-qcow2-util-linux-59a184d93a7e3a82fbb0064e8158d5ad1731fd6e.zip |
login: PAM session initialization refactoring
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/login.c')
-rw-r--r-- | login-utils/login.c | 29 |
1 files changed, 20 insertions, 9 deletions
diff --git a/login-utils/login.c b/login-utils/login.c index 828117850..d318e120c 100644 --- a/login-utils/login.c +++ b/login-utils/login.c @@ -705,6 +705,22 @@ static void loginpam_acct(struct login_context *cxt) } } +static void loginpam_session(struct login_context *cxt) +{ + int rc; + pam_handle_t *pamh = cxt->pamh; + + rc = pam_open_session(pamh, 0); + if (is_pam_failure(rc)) + loginpam_err(pamh, rc); + + rc = pam_setcred(pamh, PAM_ESTABLISH_CRED); + if (is_pam_failure(rc)) { + pam_close_session(pamh, 0); + loginpam_err(pamh, rc); + } +} + /* * We need to check effective UID/GID. For example $HOME could be on root * squashed NFS or on NFS with UID mapping and access(2) uses real UID/GID. @@ -980,15 +996,10 @@ int main(int argc, char **argv) exit(EXIT_FAILURE); } - retcode = pam_open_session(pamh, 0); - if (is_pam_failure(retcode)) - loginpam_err(pamh, retcode); - - retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED); - if (is_pam_failure(retcode)) { - pam_close_session(pamh, 0); - loginpam_err(pamh, retcode); - } + /* + * Open PAM session (after successful authentication and account check) + */ + loginpam_session(&cxt); /* committed to login -- turn off timeout */ alarm((unsigned int)0); |