From 0e95ff6b9f7627d4ac2d1fc74d8a4fa981ba7595 Mon Sep 17 00:00:00 2001
From: Robin Haberkorn <robin.haberkorn@googlemail.com>
Date: Fri, 19 Jan 2024 18:13:02 +0300
Subject: [PATCH] FreeBSD: call setuserconttext() instead of setuid() and
 setgid()

---
 makefile    |  2 +-
 src/login.c | 15 +++++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/makefile b/makefile
index b0f1f18..8fad2ba 100644
--- a/makefile
+++ b/makefile
@@ -14,7 +14,7 @@ ifeq ($(OS), Linux)
 endif
 ifeq ($(OS), FreeBSD)
 	FLAGS+= -D_DEFAULT_SOURCE ${CPPFLAGS} ${CFLAGS}
-	LINK+=  ${LIBS}
+	LINK+=  ${LIBS} -lutil
 endif
 
 BIND = bin
diff --git a/src/login.c b/src/login.c
index aaca98f..0da69ed 100644
--- a/src/login.c
+++ b/src/login.c
@@ -22,6 +22,10 @@
 #include <utmpx.h>
 #include <xcb/xcb.h>
 
+#include <sys/param.h>
+#include <sys/types.h>
+#include <login_cap.h>
+
 int get_free_display()
 {
 	char xlock[1024];
@@ -603,6 +607,16 @@ void auth(
 			exit(EXIT_FAILURE);
 		}
 
+		ok = setusercontext(NULL, pwd, pwd->pw_uid, LOGIN_SETALL);
+
+		if (ok != 0)
+		{
+			dgn_throw(DGN_USER_UID);
+			exit(EXIT_FAILURE);
+		}
+
+		/* This is done by setusercontext() on FreeBSD. */
+#if 0
 		ok = setgid(pwd->pw_gid);
 
 		if (ok != 0)
@@ -618,6 +632,7 @@ void auth(
 			dgn_throw(DGN_USER_UID);
 			exit(EXIT_FAILURE);
 		}
+#endif
 
 		// get a display
 		char vt[5];
-- 
2.42.0