(In reply to Dr. Werner Fink from comment #25)
> (In reply to Josef Möllers from comment #24)
> > (In reply to Dr. Werner Fink from comment #23)
> > > On the other hand ... the pam_xauth already running as root knows about the
> > > original user and can execute the reading xauth (with option -i) as user
> > > werner
> >
> > I'm not sure what you mean by "knows about the original user". As far as I
> > can see, it does not: PAM_USER is "root", so all traces of the previous user
> > are lost.
>
> At least the pam_unix seems to know
>
> Oct 02 10:46:02 boole sudo[18052]: pam_unix(sudo-i:session): session opened
> for user root by werner(uid=0)

pam_unix gets this from

    pam_get_item(pamh, PAM_USER, (void *) &user_name);

pam_xauth does

    pam_get_user(pamh, &user, NULL)
    +--> retval = pam_set_item(pamh, PAM_USER, resp->resp);
         which sets PAM_USER to the new user's name
    tpwd = pam_modutil_getpwnam(pamh, user);
    :
    if (debug) {
        pam_syslog(pamh, LOG_DEBUG,
                   "requesting user %lu/%lu, target user %lu/%lu",
                   (unsigned long) rpwd->pw_uid,
                   (unsigned long) rpwd->pw_gid,
                   (unsigned long) tpwd->pw_uid,
                   (unsigned long) tpwd->pw_gid);

> Oct 02 10:46:02 boole sudo[18052]: pam_xauth(sudo-i:session): requesting
> user 0/0, target user 0/0

Hm ... when collecting this stuff, it occurred to me that pam_xauth could
retrieve the old user name prior to calling pam_get_user() ... stay tuned ...

> Oct 02 10:46:02 boole sudo[18052]: pam_xauth(sudo-i:session): current and
> target user are the same, forward X11
> Oct 02 10:46:02 boole sudo[18052]: pam_xauth(sudo-i:session): reading keys
> from `/dev/shm/.xauth.j391gjD'
> Oct 02 10:46:02 boole sudo[18052]: pam_xauth(sudo-i:session): running
> "/usr/bin/xauth -f /dev/shm/.xauth.j391gjD nlist :3" as 0/0
> Oct 02 10:48:00 boole sudo[18052]: pam_xauth(sudo-i:session): no key
>
> last line does not work as the fifo there is not open with -i