[Christian Sievers]
> There may be a prefered way to close pam's file descriptors that I
> don't know. A simple fix is to just unconditionally close file
> descriptor 0 again.
I believe a better way to fix this is to move the closing of the PAM
session below the point where stdin is reopened. Here is a patch to
implement that change:
--- at-3.1.10.1/atd.c 2008-01-13 13:37:41.000000000 +0100
+++ at-3.1.10/atd.c 2005-08-31 01:42:56.000000000 +0200
@@ -454,6 +454,14 @@
*/
waitpid(pid, (int *) NULL, 0);
+#ifdef HAVE_PAM
+ PRIV_START
+ pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
+ retcode = pam_close_session(pamh, PAM_SILENT);
+ pam_end(pamh, retcode);
+ PRIV_END
+#endif
+
/* Send mail. Unlink the output file after opening it, so it
* doesn't hang around after the run.
*/
@@ -463,18 +471,6 @@
unlink(filename);
-#ifdef HAVE_PAM
- /*
- * PAM can open file descriptors, so it have to be called after
- * the open() call above to make sure it does not open STDIN_FILENO.
- */
- PRIV_START
- pam_setcred(pamh, PAM_DELETE_CRED | PAM_SILENT);
- retcode = pam_close_session(pamh, PAM_SILENT);
- pam_end(pamh, retcode);
- PRIV_END
-#endif
-
/* The job is now finished. We can delete its input file.
*/
chdir(ATJOB_DIR);
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
