summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch')
-rw-r--r--x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch87
1 files changed, 0 insertions, 87 deletions
diff --git a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
deleted file mode 100644
index f14ff7670c88..000000000000
--- a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From d3953e88a94ec25a87d3c5136517b3d1009cb1fd Mon Sep 17 00:00:00 2001
-From: "J. Konrad Tegtmeier-Rottach" <jktr@0x16.de>
-Date: Wed, 8 May 2019 18:58:53 +0200
-Subject: [PATCH] Revert "Honor PAM's ambient supplemental groups. (#834)"
-
-This reverts commit 1bc813d08b8130e458a6550ec47fb2bfbe6de080, which
-misuses PAM and leads to pulling in all of root's supplemental groups
-during session initialization instead of only adding PAM's extra
-groups. The problem was masked due to the root user not having any
-supplemental groups in some common contexts, like running sddm from a
-systemd unit.
----
- src/helper/UserSession.cpp | 57 --------------------------------------
- 1 file changed, 57 deletions(-)
-
-diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
-index b3aec356..f71fd358 100644
---- a/src/helper/UserSession.cpp
-+++ b/src/helper/UserSession.cpp
-@@ -150,67 +150,10 @@ namespace SDDM {
- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
--
--#ifdef USE_PAM
--
-- // fetch ambient groups from PAM's environment;
-- // these are set by modules such as pam_groups.so
-- int n_pam_groups = getgroups(0, NULL);
-- gid_t *pam_groups = NULL;
-- if (n_pam_groups > 0) {
-- pam_groups = new gid_t[n_pam_groups];
-- if ((n_pam_groups = getgroups(n_pam_groups, pam_groups)) == -1) {
-- qCritical() << "getgroups() failed to fetch supplemental"
-- << "PAM groups for user:" << username;
-- exit(Auth::HELPER_OTHER_ERROR);
-- }
-- } else {
-- n_pam_groups = 0;
-- }
--
-- // fetch session's user's groups
-- int n_user_groups = 0;
-- gid_t *user_groups = NULL;
-- if (-1 == getgrouplist(username.constData(), pw.pw_gid,
-- NULL, &n_user_groups)) {
-- user_groups = new gid_t[n_user_groups];
-- if ((n_user_groups = getgrouplist(username.constData(),
-- pw.pw_gid, user_groups,
-- &n_user_groups)) == -1 ) {
-- qCritical() << "getgrouplist(" << username << ", " << pw.pw_gid
-- << ") failed";
-- exit(Auth::HELPER_OTHER_ERROR);
-- }
-- }
--
-- // set groups to concatenation of PAM's ambient
-- // groups and the session's user's groups
-- int n_groups = n_pam_groups + n_user_groups;
-- if (n_groups > 0) {
-- gid_t *groups = new gid_t[n_groups];
-- memcpy(groups, pam_groups, (n_pam_groups * sizeof(gid_t)));
-- memcpy((groups + n_pam_groups), user_groups,
-- (n_user_groups * sizeof(gid_t)));
--
-- // setgroups(2) handles duplicate groups
-- if (setgroups(n_groups, groups) != 0) {
-- qCritical() << "setgroups() failed for user: " << username;
-- exit (Auth::HELPER_OTHER_ERROR);
-- }
-- delete[] groups;
-- }
-- delete[] pam_groups;
-- delete[] user_groups;
--
--#else
--
- if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
--
--#endif /* USE_PAM */
--
- if (setuid(pw.pw_uid) != 0) {
- qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " << username;
- exit(Auth::HELPER_OTHER_ERROR);