session_proctitle(s);
#if defined(USE_PAM)
- do_pam_setcred();
+ do_pam_setcred(1);
#endif /* USE_PAM */
/* Fork the child. */
#if defined(USE_PAM)
do_pam_session(s->pw->pw_name, s->tty);
- do_pam_setcred();
+ do_pam_setcred(1);
#endif
/* Fork the child. */
exit(1);
}
endgrent();
+# ifdef USE_PAM
+ /*
+ * PAM credentials may take the form of
+ * supplementary groups. These will have been
+ * wiped by the above initgroups() call.
+ * Reestablish them here.
+ */
+ do_pam_setcred(0);
+# endif /* USE_PAM */
# ifdef WITH_IRIX_JOBS
jid = jlimit_startjob(pw->pw_name, pw->pw_uid, "interactive");
if (jid == -1) {