extra/source/pam/patches/pam-1.1.3-limits-nosetreuid.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c
--- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c.nosetreuid	2009-02-20 14:27:14.000000000 +0100
+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.c	2010-11-11 12:31:04.000000000 +0100
@@ -103,7 +103,6 @@ struct pam_limit_s {
 /* argument parsing */
 
 #define PAM_DEBUG_ARG       0x0001
-#define PAM_DO_SETREUID     0x0002
 #define PAM_UTMP_EARLY      0x0004
 #define PAM_NO_AUDIT        0x0008
 
@@ -127,8 +126,6 @@ _pam_parse (const pam_handle_t *pamh, in
 	    ctrl |= PAM_DEBUG_ARG;
 	} else if (!strncmp(*argv,"conf=",5)) {
 	    pl->conf_file = *argv+5;
-	} else if (!strncmp(*argv,"change_uid",10)) {
-	    ctrl |= PAM_DO_SETREUID;
 	} else if (!strcmp(*argv,"utmp_early")) {
 	    ctrl |= PAM_UTMP_EARLY;
 	} else if (!strcmp(*argv,"noaudit")) {
@@ -777,10 +774,6 @@ out:
 	return retval;
     }
 
-    if (ctrl & PAM_DO_SETREUID) {
-	setreuid(pwd->pw_uid, -1);
-    }
-
     retval = setup_limits(pamh, pwd->pw_name, pwd->pw_uid, ctrl, pl);
     if (retval & LOGIN_ERR)
 	pam_error(pamh, _("Too many logins for '%s'."), pwd->pw_name);
diff -up Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml
--- Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml.nosetreuid	2009-06-01 09:03:20.000000000 +0200
+++ Linux-PAM-1.1.3/modules/pam_limits/pam_limits.8.xml	2010-11-11 12:32:35.000000000 +0100
@@ -23,9 +23,6 @@
     <cmdsynopsis id="pam_limits-cmdsynopsis">
       <command>pam_limits.so</command>
       <arg choice="opt">
-        change_uid
-      </arg>
-      <arg choice="opt">
         conf=<replaceable>/path/to/limits.conf</replaceable>
       </arg>
       <arg choice="opt">
@@ -72,19 +69,6 @@
     <variablelist>
       <varlistentry>
         <term>
-          <option>change_uid</option>
-        </term>
-        <listitem>
-          <para>
-            Change real uid to the user for who the limits are set up. Use this
-            option if you have problems like login not forking a shell for user
-            who has no processes. Be warned that something else may break when
-            you do this.
-          </para>
-        </listitem>
-      </varlistentry>
-      <varlistentry>
-        <term>
           <option>conf=<replaceable>/path/to/limits.conf</replaceable></option>
         </term>
         <listitem>