unit: consider all cgroups in the name=systemd hierarchy, even when the user has...

[elogind.git] / src / pam-module.c

diff --git a/src/pam-module.c b/src/pam-module.c
index e1ad8c9bfade571dc1ea020c8bcb2d1c4910dd28..178c46940c2d41247e72f996925cac500474a82b 100644 (file)
--- a/src/pam-module.c
+++ b/src/pam-module.c
@@ -50,8 +50,6 @@ static int parse_argv(pam_handle_t *handle,
                       bool *debug) {
 
         unsigned i;
-        bool reset_controller_set = false;
-        bool kill_exclude_users_set = false;
 
         assert(argc >= 0);
         assert(argc == 0 || argv);
@@ -59,9 +57,9 @@ static int parse_argv(pam_handle_t *handle,
         for (i = 0; i < (unsigned) argc; i++) {
                 int k;
 
-                if (startswith(argv[i], "kill-processes=")) {
-                        if ((k = parse_boolean(argv[i] + 15)) < 0) {
-                                pam_syslog(handle, LOG_ERR, "Failed to parse kill-processes= argument.");
+                if (startswith(argv[i], "kill-session-processes=")) {
+                        if ((k = parse_boolean(argv[i] + 23)) < 0) {
+                                pam_syslog(handle, LOG_ERR, "Failed to parse kill-session-processes= argument.");
                                 return k;
                         }
 
@@ -107,8 +105,6 @@ static int parse_argv(pam_handle_t *handle,
                                 *reset_controllers = l;
                         }
 
-                        reset_controller_set = true;
-
                 } else if (startswith(argv[i], "kill-only-users=")) {
 
                         if (kill_only_users) {
@@ -137,8 +133,6 @@ static int parse_argv(pam_handle_t *handle,
                                 *kill_exclude_users = l;
                         }
 
-                        kill_exclude_users_set = true;
-
                 } else if (startswith(argv[i], "debug=")) {
                         if ((k = parse_boolean(argv[i] + 6)) < 0) {
                                 pam_syslog(handle, LOG_ERR, "Failed to parse debug= argument.");
@@ -159,34 +153,6 @@ static int parse_argv(pam_handle_t *handle,
                 }
         }
 
-        if (!reset_controller_set && reset_controllers) {
-                char **l;
-
-                if (!(l = strv_new("cpu", NULL))) {
-                        pam_syslog(handle, LOG_ERR, "Out of memory");
-                        return -ENOMEM;
-                }
-
-                *reset_controllers = l;
-        }
-
-        if (controllers)
-                strv_remove(*controllers, SYSTEMD_CGROUP_CONTROLLER);
-
-        if (reset_controllers)
-                strv_remove(*reset_controllers, SYSTEMD_CGROUP_CONTROLLER);
-
-        if (!kill_exclude_users_set && kill_exclude_users) {
-                char **l;
-
-                if (!(l = strv_new("root", NULL))) {
-                        pam_syslog(handle, LOG_ERR, "Out of memory");
-                        return -ENOMEM;
-                }
-
-                *kill_exclude_users = l;
-        }
-
         return 0;
 }
 
@@ -395,6 +361,13 @@ _public_ PAM_EXTERN int pam_sm_open_session(
         if (sd_booted() <= 0)
                 return PAM_SUCCESS;
 
+        /* Make sure we don't enter a loop by talking to
+         * systemd-logind when it is actually waiting for the
+         * background to finish start-up, */
+        pam_get_item(handle, PAM_SERVICE, (const void**) &service);
+        if (streq_ptr(service, "systemd-shared"))
+                return PAM_SUCCESS;
+
         if (parse_argv(handle,
                        argc, argv,
                        &controllers, &reset_controllers,
@@ -435,7 +408,6 @@ _public_ PAM_EXTERN int pam_sm_open_session(
         uid = pw->pw_uid;
         pid = getpid();
 
-        pam_get_item(handle, PAM_SERVICE, (const void**) &service);
         pam_get_item(handle, PAM_XDISPLAY, (const void**) &display);
         pam_get_item(handle, PAM_TTY, (const void**) &tty);
         pam_get_item(handle, PAM_RUSER, (const void**) &remote_user);