diff options
| author | Lennart Poettering <lennart@poettering.net> | 2011-06-24 22:55:39 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2011-06-24 22:55:39 +0200 |
| commit | 21c390ccd1b4f7bc962c16549df929ad518a1d37 (patch) | |
| tree | 68458572b17f28cd20ea560216f0eea668cefddc | |
| parent | 0771475394887e3635e67196fa6f56486fa2126c (diff) | |
logind: properly handle if two session with identical loginuids are attempted to be created
| -rw-r--r-- | src/logind-dbus.c | 50 | ||||
| -rw-r--r-- | src/logind.h | 1 | ||||
| -rw-r--r-- | src/pam-module.c | 10 |
3 files changed, 53 insertions, 8 deletions
diff --git a/src/logind-dbus.c b/src/logind-dbus.c index 2bad549fc5..d48d68c2bb 100644 --- a/src/logind-dbus.c +++ b/src/logind-dbus.c @@ -314,9 +314,53 @@ static int bus_manager_create_session(Manager *m, DBusMessage *message, DBusMess goto fail; } - if (hashmap_get(m->sessions, id)) { - r = -EEXIST; - goto fail; + session = hashmap_get(m->sessions, id); + + if (session) { + + /* Session already exists, client is probably + * something like "su" which changes uid but + * is still the same audit session */ + + reply = dbus_message_new_method_return(message); + if (!reply) { + r = -ENOMEM; + goto fail; + } + + /* Create a throw-away fd */ + if (pipe(pipe_fds) < 0) { + r = -errno; + goto fail; + } + + close_nointr_nofail(pipe_fds[0]); + pipe_fds[0] = -1; + + p = session_bus_path(session); + if (!p) { + r = -ENOMEM; + goto fail; + } + + b = dbus_message_append_args( + reply, + DBUS_TYPE_STRING, &session->id, + DBUS_TYPE_OBJECT_PATH, &p, + DBUS_TYPE_STRING, &session->user->runtime_path, + DBUS_TYPE_UNIX_FD, &pipe_fds[1], + DBUS_TYPE_INVALID); + free(p); + + if (!b) { + r = -ENOMEM; + goto fail; + } + + close_nointr_nofail(pipe_fds[1]); + *_reply = reply; + + return 0; } } else { diff --git a/src/logind.h b/src/logind.h index 2b9b702f3d..d8674e7511 100644 --- a/src/logind.h +++ b/src/logind.h @@ -40,7 +40,6 @@ * subscribe to fd HUP * D-Bus method: AttachDevice(seat, device); * D-Bus method: PermitLinger(user, bool b); - * properly handle if two sessions with the same loginuid are attempted to be created * * non-local X11 server * reboot/shutdown halt management diff --git a/src/pam-module.c b/src/pam-module.c index dc7c00166e..eba59f65f2 100644 --- a/src/pam-module.c +++ b/src/pam-module.c @@ -457,10 +457,12 @@ _public_ PAM_EXTERN int pam_sm_open_session( goto finish; } - r = pam_set_data(handle, "systemd.session-fd", INT_TO_PTR(session_fd+1), NULL); - if (r != PAM_SUCCESS) { - pam_syslog(handle, LOG_ERR, "Failed to install session fd."); - return r; + if (session_fd >= 0) { + r = pam_set_data(handle, "systemd.session-fd", INT_TO_PTR(session_fd+1), NULL); + if (r != PAM_SUCCESS) { + pam_syslog(handle, LOG_ERR, "Failed to install session fd."); + return r; + } } session_fd = -1; |