Merge pull request #15785 from poettering/pam-sudo-fixes-part1

some simple PAM fixes split out of #15742
2020-05-12 15:54:42 +02:00 · 2020-05-12 15:54:42 +02:00 · 0289b4ec69
parent cd8fdc2c73 3d9237d666
commit 0289b4ec69
3 changed files with 18 additions and 4 deletions
--- a/3
+++ b/3
@ -22,6 +22,9 @@ Janitorial Clean-ups:

 Features:

+* move our systemd-user PAM snippet to /usr/, which PAM appears to support
+  these days
+
 * nspawn: support time namespaces

 * pid1: Move to tracking of main pid/control pid of units per pidfd
--- a/src/home/pam_systemd_home.c
+++ b/src/home/pam_systemd_home.c
@ -411,7 +411,7 @@ static int acquire_home(

        /* If we already have acquired the fd, let's shortcut this */
        r = pam_get_data(handle, "systemd-home-fd", &home_fd_ptr);
-        if (r == PAM_SUCCESS && PTR_TO_INT(home_fd_ptr) >= 0)
+        if (r == PAM_SUCCESS && PTR_TO_FD(home_fd_ptr) >= 0)
                return PAM_SUCCESS;

        r = pam_acquire_bus_connection(handle, &bus);
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
@ -280,7 +280,6 @@ static int get_seat_from_display(const char *display, const char **seat, uint32_

 static int export_legacy_dbus_address(
                pam_handle_t *handle,
-                uid_t uid,
                const char *runtime) {

        const char *s;
@ -681,7 +680,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
                        }
                }

-                r = export_legacy_dbus_address(handle, ur->uid, rt);
+                r = export_legacy_dbus_address(handle, rt);
                if (r != PAM_SUCCESS)
                        return r;

@ -885,7 +884,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
                                return r;
                }

-                r = export_legacy_dbus_address(handle, ur->uid, runtime_path);
+                r = export_legacy_dbus_address(handle, runtime_path);
                if (r != PAM_SUCCESS)
                        return r;
        }
@ -957,11 +956,23 @@ _public_ PAM_EXTERN int pam_sm_close_session(
                int argc, const char **argv) {

        const void *existing = NULL;
+        bool debug = false;
        const char *id;
        int r;

        assert(handle);

+        if (parse_argv(handle,
+                       argc, argv,
+                       NULL,
+                       NULL,
+                       NULL,
+                       &debug) < 0)
+                return PAM_SESSION_ERR;
+
+        if (debug)
+                pam_syslog(handle, LOG_DEBUG, "pam-systemd shutting down");
+
        /* Only release session if it wasn't pre-existing when we
         * tried to create it */
        (void) pam_get_data(handle, "systemd.existing", &existing);