From 6429de28d679462303a4c655e67bd0832ab7da51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Marczewski?= Date: Fri, 7 Feb 2020 13:07:57 +0100 Subject: [PATCH] agent: don't skip PAM setup outside of tests We need the PAM setup to initialize environment for user session, even if we do not actually change the user. Keep the simplified behaviour to tests. --- agent/qrexec-agent.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/agent/qrexec-agent.c b/agent/qrexec-agent.c index 5fcfa783..6e6139c7 100644 --- a/agent/qrexec-agent.c +++ b/agent/qrexec-agent.c @@ -164,12 +164,19 @@ void do_exec(char *cmd) signal(SIGCHLD, SIG_DFL); signal(SIGPIPE, SIG_DFL); - pw = getpwuid(geteuid()); - if (!pw) { - perror("getpwuid"); - exit(1); - } - if (!strcmp(pw->pw_name, user)) { + if (geteuid() != 0) { + /* We're not root, assume this is a testing environment. */ + + pw = getpwuid(geteuid()); + if (!pw) { + perror("getpwuid"); + exit(1); + } + if (strcmp(pw->pw_name, user)) { + fprintf(stderr, "requested user %s, but qrexec-agent is running as user %s\n", + user, pw->pw_name); + exit(1); + } /* call QUBESRPC if requested */ exec_qubes_rpc_if_requested(realcmd, environ);