From 061334771b143b7f47caccba8525be6e041a252f Mon Sep 17 00:00:00 2001
From: Dave Olson <olson@cumulusnetworks.com>
Date: Wed, 21 Jun 2017 20:00:05 -0700
Subject: Fix problem with sudo, su, etc. in pam_script scripts

The flat file was overwritten on su, sudo, etc.  Fixed that.

The flat file was removed on exit from su, sudo, etc.  I've
temporarily worked around that by not cleaning up.  Need to do
a better job, but this will let testing continue.
---
 pam_script_ses_open | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'pam_script_ses_open')

diff --git a/pam_script_ses_open b/pam_script_ses_open
index 6bdf57e..731e250 100755
--- a/pam_script_ses_open
+++ b/pam_script_ses_open
@@ -54,7 +54,10 @@ fi
 hdir=$(eval echo ~$PAM_USER)
 [ -d "$hdir" ] || /sbin/mkhomedir_helper $PAM_USER
 
-date +"%FT%T.%N%nuser=$PAM_USER%npid=$$%nauid=$auid%nsession=$sess%nhome=$hdir" \
+# don't overwrite if it already exists.  Happens when sudo or su
+# is run from an existing mapped session.
+[ -s $dbdir/$sess ] || \
+   date +"%FT%T.%N%nuser=$PAM_USER%npid=$$%nauid=$auid%nsession=$sess%nhome=$hdir" \
    > $dbdir/$sess
 
 # always succeed, this should not block sessions on errors
-- 
cgit v1.2.3