login: close PAM session after failed pam_setcred

If for some reason the pam set credential call fails, it does not close the pam
session. pam open can mount drives, so calling pam close is important.

From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/login-utils/login.c b/login-utils/login.c
index fb3847d083df985440c3d0626206608543bfddb6..a9a06b1e1ef3db0cb4d9f9f682153d0f05021efa 100644 (file)
--- a/login-utils/login.c
+++ b/login-utils/login.c
@@ -624,6 +624,8 @@ main(int argc, char **argv)
     PAM_FAIL_CHECK;
 
     retcode = pam_setcred(pamh, PAM_ESTABLISH_CRED);
+    if (retcode != PAM_SUCCESS)
+           pam_close_session(pamh, 0);
     PAM_FAIL_CHECK;
 
 #else /* ! HAVE_SECURITY_PAM_MISC_H */