diff options
author | Lennart Poettering <lennart@poettering.net> | 2016-10-06 16:03:01 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-10-06 19:04:10 +0200 |
commit | 2d6fce8d7c397fe915230b728cb92aa749245e43 (patch) | |
tree | 26ad5d4ebabbd6fb3dee5645f5e1f80797d12dad /src/nspawn | |
parent | 729c6467df4887e55b57b4efe9541bff0d31016b (diff) |
core: leave PAM stub process around with GIDs updated
In the process execution code of PID 1, before
096424d1230e0a0339735c51b43949809e972430 the GID settings where changed before
invoking PAM, and the UID settings after. After the change both changes are
made after the PAM session hooks are run. When invoking PAM we fork once, and
leave a stub process around which will invoke the PAM session end hooks when
the session goes away. This code previously was dropping the remaining privs
(which were precisely the UID). Fix this code to do this correctly again, by
really dropping them else (i.e. the GID as well).
While we are at it, also fix error logging of this code.
Fixes: #4238
Diffstat (limited to 'src/nspawn')
0 files changed, 0 insertions, 0 deletions