logind: rework session shutdown logic

Simplify the shutdown logic a bit: - Keep the session FIFO around in the PAM module, even after the session shutdown hook has been finished. This allows logind to track precisely when the PAM handler goes away. - In the ReleaseSession() call start a timer, that will stop terminate the session when elapsed. - Never fiddle with the KillMode of scopes to configure whether user processes should be killed or not. Instead, simply leave the scope units around when we terminate a session whose processes should not be killed. - When killing is enabled, stop the session scope on FIFO EOF or after the ReleaseSession() timeout. When killing is disabled, simply tell PID 1 to abandon the scope. Because the scopes stay around and hence all processes are always member of a scope, the system shutdown logic should be more robust, as the scopes can be shutdown as part of the usual shutdown logic.
author: Lennart Poettering <lennart@poettering.net> 2014-02-06 18:32:14 +0100
committer: Lennart Poettering <lennart@poettering.net> 2014-02-07 15:14:36 +0100
commit: 5f41d1f10fd97e93517b6a762b1bec247f4d1171 (patch)
tree: a599559b6177bd9fccd01c56f74fad9b81a61851 /src/login/pam-module.c
parent: a911bb9ab27ac0eb3bbf4e8b4109e5da9b88eee3 (diff)
1 files changed, 11 insertions, 17 deletions
diff --git a/src/login/pam-module.c b/src/login/pam-module.c
index 3b2966b30c..79a9042ffd 100644
--- a/src/login/pam-module.c
+++ b/src/login/pam-module.c
@@ -499,7 +499,7 @@ _public_ PAM_EXTERN int pam_sm_close_session(
 
         _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
         _cleanup_bus_unref_ sd_bus *bus = NULL;
-        const void *p = NULL, *existing = NULL;
+        const void *existing = NULL;
         const char *id;
         int r;
 
@@ -519,10 +519,8 @@ _public_ PAM_EXTERN int pam_sm_close_session(
 
                 r = sd_bus_open_system(&bus);
                 if (r < 0) {
-                        pam_syslog(handle, LOG_ERR,
-                                  "Failed to connect to system bus: %s", strerror(-r));
-                        r = PAM_SESSION_ERR;
-                        goto finish;
+                        pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", strerror(-r));
+                        return PAM_SESSION_ERR;
                 }
 
                 r = sd_bus_call_method(bus,
@@ -535,20 +533,16 @@ _public_ PAM_EXTERN int pam_sm_close_session(
                                        "s",
                                        id);
                 if (r < 0) {
-                        pam_syslog(handle, LOG_ERR,
-                                   "Failed to release session: %s", bus_error_message(&error, r));
-
-                        r = PAM_SESSION_ERR;
-                        goto finish;
+                        pam_syslog(handle, LOG_ERR, "Failed to release session: %s", bus_error_message(&error, r));
+                        return PAM_SESSION_ERR;
                 }
         }
 
-        r = PAM_SUCCESS;
+        /* Note that we are knowingly leaking the FIFO fd here. This
+         * way, logind can watch us die. If we closed it here it would
+         * not have any clue when that is completed. Given that one
+         * cannot really have multiple PAM sessions open from the same
+         * process this means we will leak one FD at max. */
 
-finish:
-        pam_get_data(handle, "systemd.session-fd", &p);
-        if (p)
-                close_nointr(PTR_TO_INT(p) - 1);
-
-        return r;
+        return PAM_SUCCESS;
 }
author	Lennart Poettering <lennart@poettering.net>	2014-02-06 18:32:14 +0100
committer	Lennart Poettering <lennart@poettering.net>	2014-02-07 15:14:36 +0100
commit	5f41d1f10fd97e93517b6a762b1bec247f4d1171 (patch)
tree	a599559b6177bd9fccd01c56f74fad9b81a61851 /src/login/pam-module.c
parent	a911bb9ab27ac0eb3bbf4e8b4109e5da9b88eee3 (diff)