summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2012-09-18 10:54:23 +0200
committerLennart Poettering <lennart@poettering.net>2012-09-18 10:54:23 +0200
commitb7848021c3b058086243071b122077fc4fa1106e (patch)
tree68c998e738a1cec1c2ca30ff5e935c6b20088ba8
parentselinux: rework method tail, make it into a nulstr array (diff)
downloadsystemd-b7848021c3b058086243071b122077fc4fa1106e.tar.xz
systemd-b7848021c3b058086243071b122077fc4fa1106e.zip
execute: apply PAM logic only to main process if PermissionsStartOnly is set
https://bugs.freedesktop.org/show_bug.cgi?id=54176
-rw-r--r--TODO2
-rw-r--r--src/core/execute.c2
2 files changed, 1 insertions, 3 deletions
diff --git a/TODO b/TODO
index bdfbffbbf0..8addd6e291 100644
--- a/TODO
+++ b/TODO
@@ -28,8 +28,6 @@ F18:
* Retest multi-seat
-* selinux: merge systemd selinux access controls (dwalsh)
-
Features:
* instantiated target units
diff --git a/src/core/execute.c b/src/core/execute.c
index 6e2b5e48a0..cb703cbad8 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -1283,7 +1283,7 @@ int exec_spawn(ExecCommand *command,
umask(context->umask);
#ifdef HAVE_PAM
- if (context->pam_name && username) {
+ if (apply_permissions && context->pam_name && username) {
err = setup_pam(context->pam_name, username, uid, context->tty_path, &pam_env, fds, n_fds);
if (err < 0) {
r = EXIT_PAM;