[sudo-users] disabling sudo fork-ing
Ciprian Dorin, Craciun
ciprian.craciun at gmail.com
Fri Aug 20 09:30:44 EDT 2010
On Fri, Aug 20, 2010 at 16:14, Todd C. Miller <Todd.Miller at courtesan.com> wrote:
> In message <AANLkTinJbMK2WaCQNVU5Gsq4jt3Vf83CDa+H6VO3FVqq at mail.gmail.com>
> so spake "Ciprian Dorin, Craciun" (ciprian.craciun):
>
>> So PAM is enabled, but the PAM session is not and from the
>> changelog I've understood that this behaviour (forking and waiting) is
>> enabled only when using a PAM session.
>
> --disable-pam-session doesn't disable that, though arguably it
> should. I've added a patch at the end that should fix this.
>
> Try the following diff along with --disable-pam-session.
>
> - todd
>
> diff -r 616509f85d6c sudo.c
> --- a/sudo.c Wed Aug 18 15:32:30 2010 -0400
> +++ b/sudo.c Fri Aug 20 09:11:56 2010 -0400
> @@ -105,7 +105,7 @@
> # include "nonunix.h"
> #endif
>
> -#ifdef HAVE_PAM
> +#if defined(HAVE_PAM) && !defined(NO_PAM_SESSION)
> # define CMND_WAIT TRUE
> #else
> # define CMND_WAIT FALSE
Yup, it works! Thanks!
Couldn't there also be a command line argument that forces this
disabling? (Because I doubt that the upstream ArchLinux maintainer
would accept the `--disable-pam-session` in the official builds...)
Thanks again,
Ciprian.
More information about the sudo-users
mailing list