logind: validate /run/user/1000 before we set it
Better safe than sorry, in particular as logind doesn't set it up anymore, but user-runtime-dir@.service does, and logind doesn't really track the success of that.
parent
93d4cb09d5
commit
b921711248
|
@ -308,6 +308,36 @@ static int update_environment(pam_handle_t *handle, const char *key, const char
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static bool validate_runtime_directory(pam_handle_t *handle, const char *path, uid_t uid) {
|
||||||
|
struct stat st;
|
||||||
|
|
||||||
|
assert(path);
|
||||||
|
|
||||||
|
/* Just some extra paranoia: let's not set $XDG_RUNTIME_DIR if the directory we'd set it to isn't actually set
|
||||||
|
* up properly for us. */
|
||||||
|
|
||||||
|
if (lstat(path, &st) < 0) {
|
||||||
|
pam_syslog(handle, LOG_ERR, "Failed to stat() runtime directory '%s': %s", path, strerror(errno));
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!S_ISDIR(st.st_mode)) {
|
||||||
|
pam_syslog(handle, LOG_ERR, "Runtime directory '%s' is not actually a directory.", path);
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (st.st_uid != uid) {
|
||||||
|
pam_syslog(handle, LOG_ERR, "Runtime directory '%s' is not owned by UID " UID_FMT ", as it should.", path, uid);
|
||||||
|
goto fail;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
|
||||||
|
fail:
|
||||||
|
pam_syslog(handle, LOG_WARNING, "Not setting $XDG_RUNTIME_DIR, as the directory is not in order.");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
_public_ PAM_EXTERN int pam_sm_open_session(
|
_public_ PAM_EXTERN int pam_sm_open_session(
|
||||||
pam_handle_t *handle,
|
pam_handle_t *handle,
|
||||||
int flags,
|
int flags,
|
||||||
|
@ -367,10 +397,12 @@ _public_ PAM_EXTERN int pam_sm_open_session(
|
||||||
if (asprintf(&rt, "/run/user/"UID_FMT, pw->pw_uid) < 0)
|
if (asprintf(&rt, "/run/user/"UID_FMT, pw->pw_uid) < 0)
|
||||||
return PAM_BUF_ERR;
|
return PAM_BUF_ERR;
|
||||||
|
|
||||||
r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", rt, 0);
|
if (validate_runtime_directory(handle, rt, pw->pw_uid)) {
|
||||||
if (r != PAM_SUCCESS) {
|
r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", rt, 0);
|
||||||
pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
|
if (r != PAM_SUCCESS) {
|
||||||
return r;
|
pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
|
||||||
|
return r;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return PAM_SUCCESS;
|
return PAM_SUCCESS;
|
||||||
|
@ -574,9 +606,11 @@ _public_ PAM_EXTERN int pam_sm_open_session(
|
||||||
* in privileged apps clobbering the runtime directory
|
* in privileged apps clobbering the runtime directory
|
||||||
* unnecessarily. */
|
* unnecessarily. */
|
||||||
|
|
||||||
r = update_environment(handle, "XDG_RUNTIME_DIR", runtime_path);
|
if (validate_runtime_directory(handle, runtime_path, pw->pw_uid)) {
|
||||||
if (r != PAM_SUCCESS)
|
r = update_environment(handle, "XDG_RUNTIME_DIR", runtime_path);
|
||||||
return r;
|
if (r != PAM_SUCCESS)
|
||||||
|
return r;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Most likely we got the session/type/class from environment variables, but might have gotten the data
|
/* Most likely we got the session/type/class from environment variables, but might have gotten the data
|
||||||
|
|
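Review bot: validate_runtime_directory() accepts any directory owned by the expected UID but never inspects the permission bits, so a runtime directory that is group- or world-accessible still passes and is exported as $XDG_RUNTIME_DIR. The XDG Base Directory specification requires this directory to be mode 0700, and programs that place sockets or session state there typically depend on that; after the `st.st_uid != uid` check I would add `if ((st.st_mode & 0077) != 0) { pam_syslog(handle, LOG_ERR, "Runtime directory '%s' is accessible to other users.", path); goto fail; }`. The lstat() result is also only a point-in-time snapshot, so the comment at the top of the function could say that this is a sanity net rather than a guarantee about the directory's later state. The helper is fully visible in the first hunk, while both call sites sit inside pam_sm_open_session(), whose body continues outside the hunks shown.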