summaryrefslogtreecommitdiff
path: root/usr.bin/su
diff options
context:
space:
mode:
authorHans Insulander <hin@cvs.openbsd.org>2001-06-25 21:29:32 +0000
committerHans Insulander <hin@cvs.openbsd.org>2001-06-25 21:29:32 +0000
commit466117ae9b8b38d4917b08a8588e04823c21e829 (patch)
treee239ff76a54dff2cd05ac41c7dc6aecd75b7a302 /usr.bin/su
parentba070bba6d0518c80e0bb2ce0aa50bf4b06e3d36 (diff)
Instead of trying to do clever and figure out a root instance for Kerberos,
send tell the auth program who the invoking user is, and rely on it to handle root instances for Kerberos. This makes the code much cleaner and simpler. ok millertt@
Diffstat (limited to 'usr.bin/su')
-rw-r--r--usr.bin/su/su.c17
1 files changed, 7 insertions, 10 deletions
diff --git a/usr.bin/su/su.c b/usr.bin/su/su.c
index 894d81e8418..61b74d57825 100644
--- a/usr.bin/su/su.c
+++ b/usr.bin/su/su.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: su.c,v 1.39 2001/06/25 16:18:38 millert Exp $ */
+/* $OpenBSD: su.c,v 1.40 2001/06/25 21:29:31 hin Exp $ */
/*
* Copyright (c) 1988 The Regents of the University of California.
@@ -41,7 +41,7 @@ char copyright[] =
#ifndef lint
/*static char sccsid[] = "from: @(#)su.c 5.26 (Berkeley) 7/6/91";*/
-static char rcsid[] = "$OpenBSD: su.c,v 1.39 2001/06/25 16:18:38 millert Exp $";
+static char rcsid[] = "$OpenBSD: su.c,v 1.40 2001/06/25 21:29:31 hin Exp $";
#endif /* not lint */
#include <sys/param.h>
@@ -143,6 +143,10 @@ main(argc, argv)
/* get current login name and shell */
ruid = getuid();
username = getlogin();
+
+ if(username != NULL)
+ auth_setoption(as, "invokinguser", username);
+
if (username == NULL || (pwd = getpwnam(username)) == NULL ||
pwd->pw_uid != ruid)
pwd = getpwuid(ruid);
@@ -187,14 +191,7 @@ main(argc, argv)
if ((pwd->pw_uid || !style || strcmp(style, LOGIN_DEFSTYLE)) &&
(style = login_getstyle(lc, style, "auth-su")) == NULL)
auth_errx(as, 1, "invalid authentication type");
- if (pwd->pw_uid || strcmp(user, "root") != 0)
- fullname = user;
- else {
- if ((fullname =
- malloc(strlen(username) + 6)) == NULL)
- auth_err(as, 1, NULL);
- (void)sprintf(fullname, "%s.root", username);
- }
+ fullname = user;
/*
* Let the authentication program know whether they are
* in group wheel or not (if trying to become super user)