Blame ecryptfs-utils-87-fixexecgid.patch
|
 |
be2a3c |
diff -up ecryptfs-utils-87/src/pam_ecryptfs/pam_ecryptfs.c.fixexecgid ecryptfs-utils-87/src/pam_ecryptfs/pam_ecryptfs.c
|
|
|
392807 |
--- ecryptfs-utils-87/src/pam_ecryptfs/pam_ecryptfs.c.fixexecgid 2011-07-25 16:38:48.040555555 +0200
|
|
|
392807 |
+++ ecryptfs-utils-87/src/pam_ecryptfs/pam_ecryptfs.c 2011-07-25 16:52:22.751025667 +0200
|
|
|
be2a3c |
@@ -33,6 +33,7 @@
|
|
|
be2a3c |
#include <errno.h>
|
|
|
be2a3c |
#include <syslog.h>
|
|
|
be2a3c |
#include <pwd.h>
|
|
|
be2a3c |
+#include <grp.h>
|
|
|
be2a3c |
#include <sys/types.h>
|
|
|
be2a3c |
#include <sys/wait.h>
|
|
|
be2a3c |
#include <sys/types.h>
|
|
|
392807 |
@@ -303,6 +304,22 @@ static int private_dir(pam_handle_t *pam
|
|
|
be2a3c |
return 1;
|
|
|
be2a3c |
}
|
|
|
be2a3c |
if (pid == 0) {
|
|
|
be2a3c |
+ /* explicitely change group to ecryptfs if user is member of that group, changing uid is not enough */
|
|
|
392807 |
+ gid_t *groups;
|
|
|
392807 |
+ int grn = 0;
|
|
|
392807 |
+
|
|
|
392807 |
+ getgrouplist(pwd->pw_name,pwd->pw_gid,NULL,&grn;;
|
|
|
392807 |
+ groups = malloc(sizeof(gid_t)*grn);
|
|
|
392807 |
+ if (groups == NULL) {
|
|
|
392807 |
+ syslog(LOG_ERR, "Error allocating memory for group list");
|
|
|
392807 |
+ _exit(255);
|
|
|
392807 |
+ }
|
|
|
392807 |
+ getgrouplist(pwd->pw_name, pwd->pw_gid, groups, &grn;;
|
|
|
392807 |
+ if (setgroups(grn, groups) < 0) {
|
|
|
392807 |
+ syslog(LOG_ERR, "Unable to set user's supplementary groups : %m");
|
|
|
392807 |
+ _exit(255);
|
|
|
be2a3c |
+ }
|
|
|
be2a3c |
+
|
|
|
be2a3c |
if (mount == 1) {
|
|
|
be2a3c |
if ((asprintf(&recorded,
|
|
|
be2a3c |
"%s/.ecryptfs/.wrapped-passphrase.recorded",
|