aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWilliam Hubbs <williamh@gentoo.org>2012-02-23 16:47:52 -0600
committerWilliam Hubbs <williamh@gentoo.org>2012-02-23 16:47:52 -0600
commit3272261479c2a3ed860f71523497f5662ada55eb (patch)
tree315c9de9c402adf053411ed2e9ef7f039dff6d2a
parent3247184d860aea7ccc2c58d399f62c088978e973 (diff)
Skip pam if running as root
Reported-by: Piotr Karbowski <piotr.karbowski@gmail.com> X-Gentoo-Bug: 386623 X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=386623
-rw-r--r--src/rc/start-stop-daemon.c44
1 files changed, 22 insertions, 22 deletions
diff --git a/src/rc/start-stop-daemon.c b/src/rc/start-stop-daemon.c
index a8a7bd3a..965b3312 100644
--- a/src/rc/start-stop-daemon.c
+++ b/src/rc/start-stop-daemon.c
@@ -1178,20 +1178,18 @@ start_stop_daemon(int argc, char **argv)
}
#ifdef HAVE_PAM
- if (changeuser != NULL)
+ if (changeuser != NULL) {
pamr = pam_start("start-stop-daemon",
changeuser, &conv, &pamh);
- else
- pamr = pam_start("start-stop-daemon",
- "nobody", &conv, &pamh);
-
- if (pamr == PAM_SUCCESS)
- pamr = pam_acct_mgmt(pamh, PAM_SILENT);
- if (pamr == PAM_SUCCESS)
- pamr = pam_open_session(pamh, PAM_SILENT);
- if (pamr != PAM_SUCCESS)
- eerrorx("%s: pam error: %s",
- applet, pam_strerror(pamh, pamr));
+
+ if (pamr == PAM_SUCCESS)
+ pamr = pam_acct_mgmt(pamh, PAM_SILENT);
+ if (pamr == PAM_SUCCESS)
+ pamr = pam_open_session(pamh, PAM_SILENT);
+ if (pamr != PAM_SUCCESS)
+ eerrorx("%s: pam error: %s",
+ applet, pam_strerror(pamh, pamr));
+ }
#endif
if (gid && setgid(gid))
@@ -1219,15 +1217,17 @@ start_stop_daemon(int argc, char **argv)
rc_stringlist_add(env_list, environ[i++]);
#ifdef HAVE_PAM
- pamenv = (const char *const *)pam_getenvlist(pamh);
- if (pamenv) {
- while (*pamenv) {
- /* Don't add strings unless they set a var */
- if (strchr(*pamenv, '='))
- putenv(xstrdup(*pamenv));
- else
- unsetenv(*pamenv);
- pamenv++;
+ if (changeuser != NULL) {
+ pamenv = (const char *const *)pam_getenvlist(pamh);
+ if (pamenv) {
+ while (*pamenv) {
+ /* Don't add strings unless they set a var */
+ if (strchr(*pamenv, '='))
+ putenv(xstrdup(*pamenv));
+ else
+ unsetenv(*pamenv);
+ pamenv++;
+ }
}
}
#endif
@@ -1304,7 +1304,7 @@ start_stop_daemon(int argc, char **argv)
setsid();
execvp(exec, argv);
#ifdef HAVE_PAM
- if (pamr == PAM_SUCCESS)
+ if (changeuser != NULL && pamr == PAM_SUCCESS)
pam_close_session(pamh, PAM_SILENT);
#endif
eerrorx("%s: failed to exec `%s': %s",