From 4d8778d0e9c5b3c548ddb0464b08baa1d870051f Mon Sep 17 00:00:00 2001
From: wrvsrx
Date: Sat, 6 May 2023 18:53:08 +0800
Subject: [PATCH] allow regular user use this pam module

This commit replaces `seteuid(0)` by `seteuid(prev_uid)`, which make this module can be runned by non-root user.
---
 authfd.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/authfd.c b/authfd.c
index 01d1d89..b859fd4 100644
--- a/authfd.c
+++ b/authfd.c
@@ -105,6 +105,7 @@ int
 ssh_get_authentication_socket(uid_t uid)
 {
 const char *authsocket;
+ uid_t prev_uid;
 int sock;
 struct sockaddr_un sunaddr;
 struct stat sock_st;
@@ -144,6 +145,7 @@ ssh_get_authentication_socket(uid_t uid)
 }
 errno = 0;
+ prev_uid = geteuid();
 /* To ensure a race condition is not used to circumvent the stat above, we will temporarily drop UID to the caller */
 if (seteuid(uid) < 0)
@@ -157,7 +159,7 @@ ssh_get_authentication_socket(uid_t uid)
 }
 /* we now continue the regularly scheduled programming */
- if (seteuid(0) < 0)
+ if (seteuid(prev_uid) < 0)
 return -1;
 agent_present = 1;
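Review bot: After `prev_uid = geteuid();` the drop made by `seteuid(uid)` is undone only by the restore in the next hunk, so any early return between the two (those lines are outside this diff) would leave the process at the target user's effective UID; every exit after the drop should pass through `seteuid(prev_uid)`. For an unprivileged caller `seteuid(uid)` can succeed only when `uid` equals its real, effective or saved UID, so the race protection the existing comment describes holds only in that case, and other targets presumably fail at this check. A comment should say so, e.g. `/* remember the caller's euid; the module may run unprivileged, so restoring to 0 is not always possible */`. The function body starts and ends outside the hunk.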
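Review bot: `if (seteuid(prev_uid) < 0) return -1;` treats a failed credential restore like any other failure and returns while `sock` is presumably still open (the connect is outside the hunk), so the descriptor would leak and the host process would keep the dropped effective UID with no trace of it. Closing the socket and logging the failure before returning would make that state visible, e.g. `if (seteuid(prev_uid) < 0) { close(sock); return -1; }` together with a log line through the module's own logging call. The function continues past the end of the hunk.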