X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Flogin%2Fpam-module.c;h=c04622c1c2abfc8e80ce098f5c96bd2ed89b566b;hb=d2df0d0ed3a88e491405b403e6022e6619750130;hp=3667425a8cabd8fd18374e7776f7a4522620f87c;hpb=ffcfcb6b2c068a5869cffad8a59d72b888bcb940;p=elogind.git diff --git a/src/login/pam-module.c b/src/login/pam-module.c index 3667425a8..c04622c1c 100644 --- a/src/login/pam-module.c +++ b/src/login/pam-module.c @@ -40,6 +40,7 @@ #include "def.h" #include "socket-util.h" #include "fileio.h" +#include "bus-error.h" static int parse_argv(pam_handle_t *handle, int argc, const char **argv, @@ -178,18 +179,21 @@ _public_ PAM_EXTERN int pam_sm_open_session( int flags, int argc, const char **argv) { - struct passwd *pw; - bool debug = false; - const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type = NULL, *class = NULL, *class_pam = NULL, *cvtnr = NULL; - uint32_t uid, pid; - int session_fd = -1; - bool remote, existing; - uint32_t vtnr = 0; - int r; - - _cleanup_bus_unref_ sd_bus *bus = NULL; _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; + const char + *username, *id, *object_path, *runtime_path, + *service = NULL, + *tty = NULL, *display = NULL, + *remote_user = NULL, *remote_host = NULL, + *seat = NULL, + *type = NULL, *class = NULL, + *class_pam = NULL, *cvtnr = NULL; + _cleanup_bus_unref_ sd_bus *bus = NULL; + int session_fd = -1, existing, r; + uint32_t uid, pid, vtnr = 0; + bool debug = false, remote; + struct passwd *pw; assert(handle); @@ -203,14 +207,14 @@ _public_ PAM_EXTERN int pam_sm_open_session( if (parse_argv(handle, argc, argv, &class_pam, - &debug) < 0) { - r = PAM_SESSION_ERR; - goto finish; - } + &debug) < 0) + return PAM_SESSION_ERR; r = get_user_data(handle, &username, &pw); - if (r != PAM_SUCCESS) - goto finish; + if (r != PAM_SUCCESS) { + pam_syslog(handle, LOG_ERR, "Failed to get user data."); + return r; + } /* Make sure we don't enter a loop by talking to * systemd-logind when it is actually waiting for the @@ -317,7 +321,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( !streq(remote_host, "localhost") && !streq(remote_host, "localhost.localdomain"); - /* Talk to logind over the message bug */ + /* Talk to logind over the message bus */ r = sd_bus_open_system(&bus); if (r < 0) { @@ -352,11 +356,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( remote_host, 0); if (r < 0) { - pam_syslog(handle, LOG_ERR, "Failed to communicate with systemd-logind: %s", strerror(-r)); - if (error.name || error.message) - pam_syslog(handle, LOG_ERR, "systemd-logind returned %s: %s", - error.name ?: "unknown error", - error.message ?: "no message"); + pam_syslog(handle, LOG_ERR, "Failed to create session: %s", bus_error_message(&error, r)); return PAM_SYSTEM_ERR; } @@ -371,8 +371,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( &existing); if (r < 0) { pam_syslog(handle, LOG_ERR, "Failed to parse message: %s", strerror(-r)); - r = PAM_SESSION_ERR; - goto finish; + return PAM_SESSION_ERR; } if (debug) @@ -383,56 +382,56 @@ _public_ PAM_EXTERN int pam_sm_open_session( r = pam_misc_setenv(handle, "XDG_SESSION_ID", id, 0); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to set session id."); - goto finish; + return r; } r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to set runtime dir."); - goto finish; + return r; } if (!isempty(seat)) { r = pam_misc_setenv(handle, "XDG_SEAT", seat, 0); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to set seat."); - goto finish; + return r; } } if (vtnr > 0) { - char buf[11]; + char buf[DECIMAL_STR_MAX(vtnr)]; snprintf(buf, sizeof(buf), "%u", vtnr); - char_array_0(buf); r = pam_misc_setenv(handle, "XDG_VTNR", buf, 0); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to set virtual terminal number."); - goto finish; + return r; } } r = pam_set_data(handle, "systemd.existing", INT_TO_PTR(!!existing), NULL); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to install existing flag."); - goto finish; + return r; } if (session_fd >= 0) { + session_fd = dup(session_fd); + if (session_fd < 0) { + pam_syslog(handle, LOG_ERR, "Failed to dup session fd: %m"); + return PAM_SESSION_ERR; + } + r = pam_set_data(handle, "systemd.session-fd", INT_TO_PTR(session_fd+1), NULL); if (r != PAM_SUCCESS) { pam_syslog(handle, LOG_ERR, "Failed to install session fd."); - goto finish; + close_nointr_nofail(session_fd); + return r; } } return PAM_SUCCESS; - -finish: - if (session_fd >= 0) - close_nointr_nofail(session_fd); - - return r; } _public_ PAM_EXTERN int pam_sm_close_session( @@ -440,14 +439,12 @@ _public_ PAM_EXTERN int pam_sm_close_session( int flags, int argc, const char **argv) { + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + _cleanup_bus_unref_ sd_bus *bus = NULL; const void *p = NULL, *existing = NULL; const char *id; int r; - _cleanup_bus_unref_ sd_bus *bus = NULL; - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - _cleanup_bus_message_unref_ sd_bus_message *reply = NULL; - assert(handle); /* Only release session if it wasn't pre-existing when we @@ -481,11 +478,7 @@ _public_ PAM_EXTERN int pam_sm_close_session( id); if (r < 0) { pam_syslog(handle, LOG_ERR, - "Failed to release session: %s", strerror(-r)); - if (error.name || error.message) - pam_syslog(handle, LOG_ERR, "systemd-logind returned %s: %s", - error.name ?: "unknown error", - error.message ?: "no message"); + "Failed to release session: %s", bus_error_message(&error, r)); r = PAM_SESSION_ERR; goto finish;