diff options
| author | Robert Nagy <[email protected]> | 2017-03-28 20:31:42 +0200 |
|---|---|---|
| committer | monsta <[email protected]> | 2017-04-18 21:30:24 +0300 |
| commit | 5f70d320a0d3d1fef0bc6b7b77ef2a7c2923b990 (patch) | |
| tree | a72e9ff665cdaf39ea183c08965663a9cf5aa1c7 /src/setuid.c | |
| parent | f2567e0fe617c8cfd88bd6fd9dfe2505f497654f (diff) | |
| download | mate-screensaver-5f70d320a0d3d1fef0bc6b7b77ef2a7c2923b990.tar.bz2 mate-screensaver-5f70d320a0d3d1fef0bc6b7b77ef2a7c2923b990.tar.xz | |
Implement OpenBSD authentication using bsd_auth(3).
OpenBSD does not have nor use pam(8) for password authentication but
instead uses bsd_auth(3): add a bsd_auth authentication scheme to
make locking possible.
This has been a part of gnome-screensaver already but was probably
removed at one point. This is mostly identical to that code, with some
minor modifications.
Diffstat (limited to 'src/setuid.c')
| -rw-r--r-- | src/setuid.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/setuid.c b/src/setuid.c index 80e4659..0a065d9 100644 --- a/src/setuid.c +++ b/src/setuid.c @@ -209,6 +209,15 @@ hack_uid (char **nolock_reason, if (uid != euid || gid != egid) { +#ifdef HAVE_BSDAUTH /* we need to setgid auth to run the bsd_auth(3) login_* helpers */ + struct group *authg = getgrnam("auth"); + if (!authg || !authg->gr_name || !*authg->gr_name) { + reason = g_strdup ("no such group as \"auth\" for bsdauth."); + ret = FALSE; + goto out; + } + gid = authg->gr_gid; +#endif /* !HAVE_BSDAUTH */ if (! set_ids_by_number (uid, gid, uid_message)) { reason = g_strdup ("unable to discard privileges."); |