diff options
| author | Lennart Poettering <lennart@poettering.net> | 2011-04-12 21:08:44 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2011-04-12 21:08:44 +0200 |
| commit | ac1234459056864aeb04053fdfe9b0001fc32590 (patch) | |
| tree | 795ad03a0a809e6454a98a59bfed7a6cf7c3f968 /src/pam-module.c | |
| parent | a7444edaf768ae3dda13c42d8fe26f78b4e63e38 (diff) | |
pam: use /proc/self/loginuid only if we have CAP_AUDIT_CONTROL
Diffstat (limited to 'src/pam-module.c')
| -rw-r--r-- | src/pam-module.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/src/pam-module.c b/src/pam-module.c index 6486546e6d..b4130bbdd6 100644 --- a/src/pam-module.c +++ b/src/pam-module.c @@ -24,6 +24,7 @@ #include <sys/file.h> #include <pwd.h> #include <endian.h> +#include <sys/capability.h> #include <security/pam_modules.h> #include <security/_pam_macros.h> @@ -288,15 +289,24 @@ static int get_user_data( assert(ret_username); assert(ret_pw); - if (read_one_line_file("/proc/self/loginuid", &s) >= 0) { - uint32_t u; + if (have_effective_cap(CAP_AUDIT_CONTROL)) { + /* Only use audit login uid if we are executed with + * sufficient capabilities so that pam_loginuid could + * do its job. If we are lacking the CAP_AUDIT_CONTROL + * capabality we most likely are being run in a + * container and /proc/self/loginuid is useless since + * it probably contains a uid of the host system. */ - r = safe_atou32(s, &u); - free(s); + if (read_one_line_file("/proc/self/loginuid", &s) >= 0) { + uint32_t u; - if (r >= 0 && u != (uint32_t) -1 && u > 0) { - have_loginuid = true; - pw = pam_modutil_getpwuid(handle, u); + r = safe_atou32(s, &u); + free(s); + + if (r >= 0 && u != (uint32_t) -1 && u > 0) { + have_loginuid = true; + pw = pam_modutil_getpwuid(handle, u); + } } } |