mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

This commit teaches pam_apparmor about the current errno returned by the

Browse Source 
kernel when the hat that was passed does not exist in the profile (but
other hats exist). It also removes the very old EPERM case, which hasn't
been accurate for a while. (LP: #619521)
This commit is contained in:
Steve Beattie 2010-08-19 08:24:41 -07:00
parent 40751c2ed3
commit 6c31d0d894
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
changehat/pam_apparmor/pam_apparmor.c
View File

@ -1,10 +1,14 @@
/* pam_apparmor module */ /* pam_apparmor module */
/* /*
* $Id$ * Copyright (c) 2006
* NOVELL (All rights reserved)
*
* Copyright (c) 2010
* Canonical, Ltd. (All rights reserved)
* *
* Written by Jesse Michael <jmichael@suse.de> 2006/08/24 * Written by Jesse Michael <jmichael@suse.de> 2006/08/24
* and Steve Beattie <sbeattie@suse.de> 2006/10/25 * and Steve Beattie <sbeattie@ubuntu.com> 2006/10/25
* *
* Based off of pam_motd by: * Based off of pam_motd by:
* Ben Collins <bcollins@debian.org> 2005/10/04 * Ben Collins <bcollins@debian.org> 2005/10/04
@ -165,8 +169,8 @@ int pam_sm_open_session(pam_handle_t *pamh, int flags,
* stop attempting to use change_hat */ * stop attempting to use change_hat */
goto nodefault; goto nodefault;
break; break;
case EPERM: /* Disable when ECHILD patch gets accepted */
case EACCES: case EACCES:
case ENOENT:
/* failed to change into attempted hat, so we'll /* failed to change into attempted hat, so we'll
* jump back out and try the next one */ * jump back out and try the next one */
break; break;