diff options
author | Auke Kok <auke-jan.h.kok@intel.com> | 2012-05-17 12:17:42 -0700 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-05-21 17:57:48 +0200 |
commit | 940c5210344e90428287e4f8878a9064e8869e22 (patch) | |
tree | f0d8fa8d3fac1dff09e5d5b9b04e990c963b07b4 /TODO | |
parent | 5b40d33761376354116a8cddb9b9fbdb6c4727d6 (diff) |
sd-pam: Drop uid so parent signal arrives at child.
The PAM helper thread needs to capture the death signal from the
parent, but is prohibited from doing so since when the child dies
as normal user, the kernel won't allow it to send a TERM to the
PAM helper thread which is running as root.
This causes the PAM threads to never exit, accumulating after
user sessions exit.
There is however really no need to keep the PAM threads running as
root, so, we can just setresuid() to the same user as defined in the
unit file for the parent thread (User=). This makes the TERM signal
arrive as normal. In case setresuid() fails, we ignore the error, so
we at least fall back to the current behaviour.
Diffstat (limited to 'TODO')
0 files changed, 0 insertions, 0 deletions