Enlightenment CVS committal Author : sebastid Project : e17 Module : apps/entrance
Dir : e17/apps/entrance/src/client Modified Files: Makefile.am entrance_auth.c entrance_auth.h entrance_login.c entrance_session.c Log Message: Handle pam sessions correctly. =================================================================== RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/Makefile.am,v retrieving revision 1.15 retrieving revision 1.16 diff -u -3 -r1.15 -r1.16 --- Makefile.am 27 Jun 2004 17:05:27 -0000 1.15 +++ Makefile.am 28 May 2005 09:31:14 -0000 1.16 @@ -19,10 +19,14 @@ entrance_LDADD = @edje_libs@ @ecore_libs@ @edb_libs@ @evas_libs@ \ @esmart_libs@ -lesmart_container -lesmart_text_entry -entrance_login_SOURCES = entrance_login.c +entrance_login_SOURCES = \ + entrance_login.c \ + entrance_auth.c entrance_auth.h \ + util.c util.h -entrance_edit_SOURCES = entrance_edit.c \ - entrance_config.c entrance_user.c \ - util.c entrance_x_session.c entrance_smart.c +entrance_edit_SOURCES = \ + entrance_edit.c \ + entrance_config.c entrance_user.c \ + util.c entrance_x_session.c entrance_smart.c entrance_edit_LDADD = @edje_libs@ @ecore_libs@ @edb_libs@ @evas_libs@ \ @esmart_libs@ -lesmart_container -lesmart_text_entry =================================================================== RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_auth.c,v retrieving revision 1.23 retrieving revision 1.24 diff -u -3 -r1.23 -r1.24 --- entrance_auth.c 5 Jan 2005 23:10:28 -0000 1.23 +++ entrance_auth.c 28 May 2005 09:31:14 -0000 1.24 @@ -2,7 +2,7 @@ @file entrance_auth.c @brief Variables and data relating to system authentication */ -#include"entrance_auth.h" +#include "entrance_auth.h" #include "util.h" static char * @@ -87,7 +87,6 @@ #if HAVE_PAM if (e->pam.handle) { - pam_close_session(e->pam.handle, 0); pam_end(e->pam.handle, PAM_SUCCESS); e->pam.handle = NULL; } 
@@ -144,15 +143,14 @@ memset(e->pass, 0, sizeof(e->pass)); } - #if HAVE_PAM /** - * _entrance_auth_pam_initialize - initialize PAM session, structures etc. + * entrance_auth_pam_initialize - initialize PAM session, structures etc. * This function will call pam_start() and set the conversation * function and others. */ -static int -_entrance_auth_pam_initialize(Entrance_Auth * e, const char *display) +int +entrance_auth_pam_initialize(Entrance_Auth * e, const char *display) { int pamerr; @@ -213,7 +211,7 @@ int result = AUTH_FAIL; int pamerr; - if (_entrance_auth_pam_initialize(e, display) != E_SUCCESS) + if (entrance_auth_pam_initialize(e, display) != E_SUCCESS) return ERROR_NO_PAM_INIT; if ((pamerr = pam_authenticate(e->pam.handle, 0)) == PAM_SUCCESS) =================================================================== RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_auth.h,v retrieving revision 1.12 retrieving revision 1.13 diff -u -3 -r1.12 -r1.13 --- entrance_auth.h 27 Dec 2004 06:45:14 -0000 1.12 +++ entrance_auth.h 28 May 2005 09:31:14 -0000 1.13 @@ -62,6 +62,10 @@ }; typedef struct _Entrance_Auth Entrance_Auth; +#ifdef HAVE_PAM +int entrance_auth_pam_initialize(Entrance_Auth * e, const char *display); +#endif + Entrance_Auth *entrance_auth_new(void); void entrance_auth_free(Entrance_Auth * e); void entrance_auth_session_end(Entrance_Auth * e); =================================================================== RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_login.c,v retrieving revision 1.2 retrieving revision 1.3 diff -u -3 -r1.2 -r1.3 --- entrance_login.c 4 Feb 2004 20:59:35 -0000 1.2 +++ entrance_login.c 28 May 2005 09:31:14 -0000 1.3 
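Review bot: The new prototype in entrance_auth.h is guarded with `#ifdef HAVE_PAM`, while the definition in entrance_auth.c sits under `#if HAVE_PAM`; the two tests disagree if the macro is ever defined as 0, which would leave a declared but undefined function. Using the same form in both places avoids that. Now that `entrance_auth_pam_initialize` is exported, its doc comment should also state the return contract, for example `Returns E_SUCCESS on success; on any other value e->pam.handle must not be used`; the failure path lies outside the visible hunks, so confirm that wording against the function body.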
@@ -4,16 +4,88 @@ #include <sys/types.h> #include <sys/wait.h> +#include "../config.h" + +#include "entrance_auth.h" + +#ifdef HAVE_PAM +int +entrance_end_user_session(Entrance_Auth * e) +{ + int pamerr; + + if (!e->pam.handle) + return ERROR_NO_PAM_INIT; + + syslog(LOG_INFO, "Ending PAM session for user \"%s\".", e->user); + + if ((pamerr = pam_close_session(e->pam.handle, PAM_SILENT)) != PAM_SUCCESS) + { + syslog(LOG_CRIT, "PAM: %s.", pam_strerror(e->pam.handle, pamerr)); + return ERROR_NO_PAM_INIT; + } + + return E_SUCCESS; +} +#endif + int main(int argc, char **argv) { - pid_t pid; + pid_t pid = -1; + char *user = NULL; + char *display = NULL; + +#ifdef HAVE_PAM + Entrance_Auth *e = NULL; +#endif + + openlog("entrance_login", LOG_PID, LOG_DAEMON); - if (argc != 2) + if ((argc != 2) && (argc != 4)) + { + syslog(LOG_CRIT, "Wrong number of arguments: %d!", argc); return 0; + } + + if (getuid() != 0) + { + syslog(LOG_CRIT, "Not running as root!"); + exit(1); + } pid = atoi(argv[1]); + if (argc == 4) + { + user = argv[2]; + display = argv[3]; + } + +#ifdef HAVE_PAM + if (user && display) + { + e = entrance_auth_new(); + if (entrance_auth_user_set(e, user)) + { + syslog(LOG_CRIT, "Can't set user %s!", user); + exit(1); + } + entrance_auth_pam_initialize(e, display); + } +#endif + if (waitpid(pid, NULL, 0) == pid) + { +#ifdef HAVE_PAM + if (e) + { + if (entrance_end_user_session(e) != E_SUCCESS) + syslog(LOG_INFO, "Error Shutting down PAM"); + entrance_auth_free(e); + } +#endif + closelog(); exit(0); + } return -1; } =================================================================== RCS file: /cvsroot/enlightenment/e17/apps/entrance/src/client/entrance_session.c,v retrieving revision 1.70 retrieving revision 1.71 diff -u -3 -r1.70 -r1.71 --- entrance_session.c 30 Apr 2005 07:16:22 -0000 1.70 +++ entrance_session.c 28 May 2005 09:31:14 -0000 1.71 
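Review bot: In main(), the result of `entrance_auth_pam_initialize(e, display)` is discarded and `entrance_auth_new()` is not checked for NULL before `entrance_auth_user_set(e, user)` uses it, so a failed PAM start only surfaces after the session has ended, as a generic "Error Shutting down PAM". Checking both up front, e.g. `if (!e || entrance_auth_user_set(e, user))` and `if (entrance_auth_pam_initialize(e, display) != E_SUCCESS) syslog(LOG_CRIT, "PAM init failed for %s on %s", user, display);`, makes the failure visible where it happens. `entrance_end_user_session()` calls `pam_close_session()` on a handle this process started itself, not the one `pam_open_session()` ran on in entrance; modules that keep per-handle state from the open call may not clean up fully, which deserves a comment and a test against the configured PAM stack. `pid = atoi(argv[1])` also turns non-numeric input into 0, which makes `waitpid()` wait on any child in the process group; `strtol` with an end-pointer check and a `pid > 0` test would reject that.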
@@ -364,6 +364,7 @@ pid_t pid; char buf[PATH_MAX]; char *shell = NULL; + struct passwd *pwent = NULL; entrance_auth_setup_environment(e->auth, e->display); if ((e->session) && (strlen(e->session) > 0)) @@ -392,6 +393,7 @@ ecore_evas_free(e->ee); e->ee = NULL; } + edje_shutdown(); ecore_evas_shutdown(); ecore_x_sync(); entrance_ipc_shutdown(); 
@@ -404,49 +406,67 @@ /* Tell PAM that session has begun */ if (pam_open_session(e->auth->pam.handle, 0) != PAM_SUCCESS) { - syslog(LOG_NOTICE, "Cannot open pam session for user \"%s\".", e->auth->user); + syslog(LOG_NOTICE, "Cannot open pam session for user \"%s\".", e->auth->user); if (!e->config->autologin.mode) { syslog(LOG_CRIT, "Unable to open PAM session. Aborting."); return; } } + syslog(LOG_INFO, "Opened PAM session. %s : %s.", e->auth->pw->pw_name, + e->display); } #endif - + /* avoid doubling up pam handles before the fork */ + pwent = struct_passwd_dup(e->auth->pw); + entrance_auth_free(e->auth); + e->auth = NULL; switch ((pid = fork())) { case 0: - if (initgroups(e->auth->pw->pw_name, e->auth->pw->pw_gid)) + if (initgroups(pwent->pw_name, pwent->pw_gid)) syslog(LOG_CRIT, "Unable to initialize group (is entrance running as root?)."); - if (setgid(e->auth->pw->pw_gid)) + if (setgid(pwent->pw_gid)) syslog(LOG_CRIT, "Unable to set group id."); - if (setuid(e->auth->pw->pw_uid)) + if (setuid(pwent->pw_uid)) syslog(LOG_CRIT, "Unable to set user id."); - shell = strdup(e->auth->pw->pw_shell); - entrance_session_free(e); - syslog(LOG_NOTICE, "Exec session \"%s\".", buf); - execl(shell, "-", "-c", buf, NULL); - exit(0); + shell = strdup(pwent->pw_shell); break; case -1: syslog(LOG_INFO, "FORK FAILED, UH OH"); exit(0); default: + syslog(LOG_NOTICE, "Replacing Entrance with simple login program to wait for session end."); +#ifdef HAVE_PAM + if (e->config->auth == ENTRANCE_USE_PAM) + { + snprintf(buf, sizeof(buf), "%s/entrance_login %i %s %s", + PACKAGE_BIN_DIR, (int) pid, pwent->pw_name, e->display); + } + else +#endif + { + snprintf(buf, sizeof(buf), "%s/entrance_login %i", PACKAGE_BIN_DIR, + (int) pid); + } + _entrance_session_user_list_fix(e); + shell = strdup("/bin/sh"); + /* this bypasses a race condition where entrance loses its x + connection before the wm gets it and x goes and resets itself */ + sleep(10); + /* + * FIXME These should be called! 
+ ecore_x_shutdown(); + ecore_shutdown(); + */ break; } - _entrance_session_user_list_fix(e); + struct_passwd_free(pwent); entrance_session_free(e); - /* this bypasses a race condition where entrance loses its x connection */ - /* before the wm gets it and x goes and resets itself */ - sleep(10); /* replace this rpcoess with a clean small one that just waits for its */ /* child to exit.. passed on the cmd-line */ - syslog(LOG_NOTICE, "Replacing Entrance with simple login program to wait for session end."); - snprintf(buf, sizeof(buf), "%s/entrance_login %i", PACKAGE_BIN_DIR, - (int) pid); - execl("/bin/sh", "/bin/sh", "-c", buf, NULL); + execl(shell, shell, "-c", buf, NULL); }
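Review bot: In the `case 0:` branch a failed `initgroups()`, `setgid()` or `setuid()` is only logged, and the child then falls through to `execl(shell, shell, "-c", buf, NULL)`, so the user session can start with the privileges entrance itself was running with. Each failure should terminate the child, e.g. `if (setuid(pwent->pw_uid)) { syslog(LOG_CRIT, "Unable to set user id."); _exit(1); }`, with the same treatment for the other two calls. The result of `struct_passwd_dup(e->auth->pw)` is also dereferenced without a NULL check. In the parent branch, `pwent->pw_name` and `e->display` are formatted into a string handed to `/bin/sh -c`, apparently as root given the new `getuid()` check in entrance_login; executing the entrance_login binary directly with the pid, user and display as separate `execl` arguments would keep those values out of shell parsing. The enclosing function starts before this hunk.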