From b9dba3310e01a378014520d23e05ed432d0f8266 Mon Sep 17 00:00:00 2001 From: David Woodhouse Date: Sun, 11 Sep 2011 23:10:16 +0100 Subject: [PATCH] Add no-drop-privs option to manage secret files as root --- libpam/pam_google_authenticator.c | 10 +++++++--- 1 files changed, 7 insertions(+), 3 deletions(-) diff --git a/libpam/pam_google_authenticator.c b/libpam/pam_google_authenticator.c index c6b8e58..1b83c38 100644 --- a/libpam/pam_google_authenticator.c +++ b/libpam/pam_google_authenticator.c @@ -60,6 +60,7 @@ typedef struct Params { const char *secret_filename_spec; int noskewadj; int echocode; + int no_drop_privs; } Params; static char oom; @@ -1083,6 +1084,8 @@ static int parse_args(pam_handle_t *pamh, int argc, const char **argv, params->noskewadj = 1; } else if (!strcmp(argv[i], "echo-verification-code")) { params->echocode = PAM_PROMPT_ECHO_ON; + } else if (!strcmp(argv[i], "no-drop-privs")) { + params->no_drop_privs = 1; } else { log_message(LOG_ERR, pamh, "Unrecognized option \"%s\"", argv[i]); return -1; @@ -1118,9 +1121,10 @@ static int google_authenticator(pam_handle_t *pamh, int flags, int updated = 0; if ((username = get_user_name(pamh)) && (secret_filename = get_secret_filename(pamh, ¶ms, username, &uid)) && - (old_uid = drop_privileges(pamh, username, uid)) >= 0 && - (fd = open_secret_file(pamh, secret_filename, username, uid, - &filesize, &mtime)) >= 0 && + (params.no_drop_privs || + (old_uid = drop_privileges(pamh, username, uid))) >= 0 && + (fd = open_secret_file(pamh, secret_filename, params.no_drop_privs?"root":username, + params.no_drop_privs?0:uid, &filesize, &mtime)) >= 0 && (buf = read_file_contents(pamh, secret_filename, &fd, filesize)) && (secret = get_shared_secret(pamh, secret_filename, buf, &secretLen)) && (rate_limit(pamh, secret_filename, &updated, &buf) >= 0) && -- 1.7.6