[sudo-commits] sudo changeset 8922:8b86c134541a

Todd C. Miller Todd.Miller at courtesan.com
Mon Jul 29 09:33:40 MDT 2013

changeset:	8922:8b86c134541a in /home/hg/sudo
details:	http://www.sudo.ws/repos/sudo/rev/8b86c134541a
user:		Todd C. Miller <Todd.Miller at courtesan.com>
date:		Sun Jul 28 17:06:43 2013 -0600

Log Message:
	Now that the ldap code runs with the real and effective uid set to
	0, it is not possible for the gssapi libs to find the user's krb5
	credential cache file.  To work around this, we make a temporary
	copy of the user's credential cache specified by KRB5CCNAME (opened
	with the user's effective uid) and point gssapi to it.  To set the
	credential cache file name, we dynamically look up gss_krb5_ccache_name()
	and use it if available, otherwise fall back to setting KRB5CCNAME.


 plugins/sudoers/ldap.c |  226 ++++++++++++++++++++++++++++++++++++------------
 src/preload.c          |   14 +++
 2 files changed, 183 insertions(+), 57 deletions(-)

More information about the sudo-commits mailing list