diff options
author | Karel Zak | 2012-08-29 17:34:26 +0200 |
---|---|---|
committer | Karel Zak | 2012-09-04 17:00:31 +0200 |
commit | 7ec6adb1cc00719b10b21a732474fc444acaac95 (patch) | |
tree | 87e0d1910afdea7216f7b887fc3b79e4cea19687 /login-utils/runuser.c | |
parent | su: move generic su code to su-common.c (diff) | |
download | kernel-qcow2-util-linux-7ec6adb1cc00719b10b21a732474fc444acaac95.tar.gz kernel-qcow2-util-linux-7ec6adb1cc00719b10b21a732474fc444acaac95.tar.xz kernel-qcow2-util-linux-7ec6adb1cc00719b10b21a732474fc444acaac95.zip |
runuser: new command (derived from su(1))
This command is based on su(1), the differences:
- based on Fedora runuser su(1) patch
- not installed with suid rights
- allowed for root users only
- don't ask for password
- uses PAM session, for example:
$ cat /etc/pam.d/runuser
auth sufficient pam_rootok.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session required pam_unix.so
$ cat /etc/pam.d/runuser-l
auth include runuser
session optional pam_keyinit.so force revoke
session include runuser
Signed-off-by: Karel Zak <kzak@redhat.com>
Diffstat (limited to 'login-utils/runuser.c')
-rw-r--r-- | login-utils/runuser.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/login-utils/runuser.c b/login-utils/runuser.c new file mode 100644 index 000000000..d761a14fc --- /dev/null +++ b/login-utils/runuser.c @@ -0,0 +1,7 @@ + +#include "su-common.h" + +int main(int argv, char **argc) +{ + return su_main(argv, argc, RUNUSER_MODE); +} |