Blame SOURCES/pam-1.1.8-canonicalize-username.patch

0ec004
diff -up Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c.canonicalize Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c
0ec004
--- Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c.canonicalize	2013-06-18 16:11:21.000000000 +0200
0ec004
+++ Linux-PAM-1.1.8/modules/pam_selinux/pam_selinux.c	2014-03-06 12:03:54.429639972 +0100
0ec004
@@ -491,12 +491,17 @@ compute_exec_context(pam_handle_t *pamh,
0ec004
   char *level = NULL;
0ec004
   security_context_t *contextlist = NULL;
0ec004
   int num_contexts = 0;
0ec004
+  const struct passwd *pwd;
0ec004
 
0ec004
   if (!(username = get_item(pamh, PAM_USER))) {
0ec004
     pam_syslog(pamh, LOG_ERR, "Cannot obtain the user name");
0ec004
     return PAM_USER_UNKNOWN;
0ec004
   }
0ec004
 
0ec004
+  if ((pwd = pam_modutil_getpwnam(pamh, username)) != NULL) {
0ec004
+    username = pwd->pw_name;
0ec004
+  } /* ignore error and keep using original username */
0ec004
+
0ec004
   /* compute execute context */
0ec004
 #ifdef HAVE_GETSEUSER
0ec004
   if (!(service = get_item(pamh, PAM_SERVICE))) {