mirror of
https://github.com/slicer69/doas
synced 2024-09-30 05:03:36 +00:00
On FreeBSD limits set by the user's class (in /etc/login.conf) would
not be respected when running doas. The default class would always be used, ignoring both the classing class and the target user's class. This came about because FreeBSD has a "class" field in the password structure, but other supported systems like Linux do not. doas.c and env.c have been patched to support FreeBSD's class field in the password structure. Login class limits are now respected.
This commit is contained in:
parent
d291aba9b0
commit
ab3ae5ad41
2
doas.c
2
doas.c
|
@ -520,7 +520,7 @@ main(int argc, char **argv)
|
|||
|
||||
|
||||
#if defined(HAVE_LOGIN_CAP_H)
|
||||
if (setusercontext(NULL, target_pw, target, LOGIN_SETGROUP |
|
||||
if (setusercontext(NULL, target_pw, target, LOGIN_SETLOGINCLASS | LOGIN_SETGROUP |
|
||||
LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
|
||||
LOGIN_SETUSER) != 0)
|
||||
errx(1, "failed to set user context for target");
|
||||
|
|
3
env.c
3
env.c
|
@ -102,6 +102,9 @@ copyenvpw(struct passwd *my_static)
|
|||
new_pw->pw_passwd = strdup(my_static->pw_passwd);
|
||||
new_pw->pw_uid = my_static->pw_uid;
|
||||
new_pw->pw_gid = my_static->pw_gid;
|
||||
#if defined(__FreeBSD__)
|
||||
new_pw->pw_class = strdup(my_static->pw_class);
|
||||
#endif
|
||||
new_pw->pw_gecos = strdup(my_static->pw_gecos);
|
||||
new_pw->pw_dir = strdup(my_static->pw_dir);
|
||||
new_pw->pw_shell = strdup(my_static->pw_shell);
|
||||
|
|
Loading…
Reference in a new issue