aboutsummaryrefslogtreecommitdiff
path: root/pam/pam.go
diff options
context:
space:
mode:
Diffstat (limited to 'pam/pam.go')
-rw-r--r--pam/pam.go8
1 files changed, 4 insertions, 4 deletions
diff --git a/pam/pam.go b/pam/pam.go
index 657e9fb..a3642cc 100644
--- a/pam/pam.go
+++ b/pam/pam.go
@@ -131,17 +131,17 @@ func (h *Handle) GetItem(i Item) (unsafe.Pointer, error) {
// StartAsPamUser sets the effective privileges to that of the PAM user, and
// configures the PAM user's keyrings to be properly linked.
func (h *Handle) StartAsPamUser() error {
- if err := security.KeyringsSetup(h.PamUser, h.OrigUser); err != nil {
- return err
+ if _, err := security.UserKeyringID(h.PamUser); err != nil {
+ log.Printf("Setting up keyrings in PAM: %v", err)
}
- return security.SetThreadPrivileges(h.PamUser, false)
+ return security.SetThreadPrivileges(h.PamUser)
}
// StopAsPamUser restores the original privileges that were running the
// PAM module (this is usually root). As this error is often ignored in a defer
// statement, any error is also logged.
func (h *Handle) StopAsPamUser() error {
- err := security.SetThreadPrivileges(h.OrigUser, false)
+ err := security.SetThreadPrivileges(h.OrigUser)
if err != nil {
log.Print(err)
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 16:36:34 +0000