commit cffedb98666140013497524064d3098c11461ff1
Author: Dmitry V. Levin <ldv(a)altlinux.org>
Date: Tue Oct 19 23:34:52 2010 +0000
pam_selinux.c: add "restore" option
* modules/pam_selinux/pam_selinux.c (pam_sm_open_session): Add new
"restore" option.
modules/pam_selinux/pam_selinux.c | 9 ++++++++-
1 files changed, 8 insertions(+), 1 deletions(-)
---
diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index a8f540d..d66ccb4 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -849,7 +849,7 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
int argc, const char **argv)
{
const module_data_t *data;
- int i, debug = 0, verbose = 0, close_session = 0;
+ int i, debug = 0, verbose = 0, close_session = 0, restore = 0;
/* Parse arguments. */
for (i = 0; i < argc; i++) {
@@ -862,6 +862,9 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
if (strcmp(argv[i], "close") == 0) {
close_session = 1;
}
+ if (strcmp(argv[i], "restore") == 0) {
+ restore = 1;
+ }
}
if (debug)
@@ -873,6 +876,10 @@ pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
data = get_module_data(pamh);
+ /* Is this module supposed only to restore original context? */
+ if (restore)
+ return restore_context(pamh, data, debug);
+
/* If there is a saved context, this module is supposed to set it again. */
return data ? set_context(pamh, data, debug, verbose) :
create_context(pamh, argc, argv, debug, verbose);
Show replies by date