-
Notifications
You must be signed in to change notification settings - Fork 276
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pam_xauth: use the owner of Xauthority file #556
base: master
Are you sure you want to change the base?
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like a few unrelated changes crammed into a single PR for no particular reason,
and only one of these changes is mentioned in the commit message.
3514d95
to
dd813d3
Compare
Thank you @ldv-alt for all the reviews. Indeed, I didn't well format and explained all changes, my apologies. So, I split them in two, adding a more concrete description for each.
Hopefully this commit's description explained well all changes. |
* As it was done for pam_wheel, check if the command will be run by the effective user, and then get the UID of the remote host name RHOST, or the remote user name RUSER instead. For some programs, getuid() could provides the root ownership if the effective user is set before, and therefore could not have access to the cookiefile. The module could become extremelly slow as xauth hence it runs into a timeout if it cannot read Xauthority. * Add the `-i` argument to xauth to ignore lock on authority file. Useful when using a NFS, where program as xdm could locked it. Signed-off-by: Valentin Lefebvre <valentin.lefebvre@suse.com>
dd813d3
to
4026d42
Compare
This request was created according to the bug reported here: #272, and as said on previous comment, it is also related to this one: #22. @ldv-alt it is up to you to decline the request, I defere to your decision. |
Patch courtesy of Dr. Werner Fink.