diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 02:36:15 +0100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-11-05 02:36:15 +0100 |
| commit | 920612e45ae8183226e8841ff27cdc54a8287ba2 (patch) | |
| tree | 18b9cf0af1c0c470d463b8e03cdd2504f5c3ca2f /platform.c | |
| parent | - (dtucker) [configure.ac platform.{c,h} session.c (diff) | |
| download | openssh-920612e45ae8183226e8841ff27cdc54a8287ba2.tar.xz openssh-920612e45ae8183226e8841ff27cdc54a8287ba2.zip | |
- (dtucker) [platform.c platform.h session.c] Add a platform hook to run
after the user's groups are established and move the selinux calls into it.
Diffstat (limited to 'platform.c')
| -rw-r--r-- | platform.c | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/platform.c b/platform.c index c894190b2..730e7b718 100644 --- a/platform.c +++ b/platform.c @@ -1,4 +1,4 @@ -/* $Id: platform.c,v 1.4 2010/11/05 01:03:05 dtucker Exp $ */ +/* $Id: platform.c,v 1.5 2010/11/05 01:36:15 dtucker Exp $ */ /* * Copyright (c) 2006 Darren Tucker. All rights reserved. @@ -57,9 +57,18 @@ platform_post_fork_child(void) #endif } +/* + * This gets called before switching UIDs, and is called even when sshd is + * not running as root. + */ void platform_setusercontext(struct passwd *pw) { +#ifdef WITH_SELINUX + /* Cache selinux status for later use */ + (void)ssh_selinux_enabled(); +#endif + #ifdef USE_SOLARIS_PROJECTS /* if solaris projects were detected, set the default now */ if (getuid() == 0 || geteuid() == 0) @@ -67,6 +76,18 @@ platform_setusercontext(struct passwd *pw) #endif } +/* + * This gets called after we've established the user's groups, and is only + * called if sshd is running as root. + */ +void +platform_setusercontext_post_groups(struct passwd *pw) +{ +#ifdef WITH_SELINUX + ssh_selinux_setup_exec_context(pw->pw_name); +#endif +} + char * platform_krb5_get_principal_name(const char *pw_name) { |