diff --git a/ChangeLog b/ChangeLog
index 5beed08e..04cd6789 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,9 @@
 	* src/su.c: Also drop the controlling terminal when PAM is not
 	used.
 	* src/su.c: Remove run_shell().
+	* src/su.c: After prepare_pam_close_session() there is no need to
+	close the session in the child. Added pam_setcred to
+	prepare_pam_close_session().
 
 2011-06-12  Nicolas François  <nicolas.francois@centraliens.net>
 
diff --git a/src/su.c b/src/su.c
index 14483327..e0a2c6d8 100644
--- a/src/su.c
+++ b/src/su.c
@@ -376,11 +376,10 @@ static void prepare_pam_close_session (void)
 		SYSLOG ((LOG_ERR, "pam_close_session: %s",
 		         pam_strerror (pamh, ret)));
 		fprintf (stderr, _("%s: %s\n"), Prog, pam_strerror (pamh, ret));
-		(void) pam_end (pamh, ret);
-		exit (1);
 	}
 
-	ret = pam_end (pamh, PAM_SUCCESS);
+	(void) pam_setcred (pamh, PAM_DELETE_CRED);
+	(void) pam_end (pamh, PAM_SUCCESS);
 
 	if (0 != caught) {
 		(void) signal (SIGALRM, kill_child);
@@ -1016,9 +1015,6 @@ int main (int argc, char **argv)
 
 	/* become the new user */
 	if (change_uid (pw) != 0) {
-		pam_close_session (pamh, 0);
-		pam_setcred (pamh, PAM_DELETE_CRED);
-		(void) pam_end (pamh, PAM_ABORT);
 		exit (1);
 	}
 #else				/* !USE_PAM */