<div dir="ltr" class="gmail_msg">Yes, pam_exec passes PAM_USER env variable, and (optionally) the password as stdin.</div> <div class="gmail_quote gmail_msg"><div dir="ltr" class="gmail_msg">On Sun, Jan 15, 2017, 10:10 David Llewellyn-Jones <<a href="mailto:david@flypig.co.uk" class="gmail_msg" target="_blank">david@flypig.co.uk</a>> wrote: </div><blockquote class="gmail_quote gmail_msg" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On 15/01/17 07:46, Linus Lewandowski wrote: > If you won't find a solution, you might want to try pam_exec. Thank you for the suggestion. I suppose the approach in this case would be to pass the details needed to the external command using environment variables. The external command could then perform the dbus calls? > On Sun, Jan 15, 2017, 02:27 David Llewellyn-Jones <<a href="mailto:david@flypig.co.uk" class="gmail_msg" target="_blank">david@flypig.co.uk</a> > <mailto:<a href="mailto:david@flypig.co.uk" class="gmail_msg" target="_blank">david@flypig.co.uk</a>>> wrote: > > On 13/01/17 15:47, Bastien Nocera wrote: > > On Fri, 2017-01-13 at 14:37 +0000, David Llewellyn-Jones wrote: > >> > >> I've been experiencing strange behaviour connecting to the system bus > >> from a pam module. This is on Ubuntu 16.04 using gdbus and gdbus- > >> codegen > >> for both the caller and listening service. > >> > > [snip - gdbus details] > > >> Does anyone have any suggestion for why this might be happening? > > > > GDBus's threads and PAM really don't mix. You'll need to either use > > something like dbus-glib, which is single-threaded and sync, move your > > D-Bus code to a small helper you'd talk to over Unix sockets (yeah, I > > know...), or wait until PAM dies. > > > > FWIW, this problem is one of the reasons why fprintd (and pam_fprintd) > > is written using dbus-glib rather than GDBus. > > I've attempted to convert the pam module to use dbus-glib, using your > pam_fprintd.c code as a template (which has been very helpful, thank > you!). Unfortunately I'm still running in to problems. > > After removing all of the previous gdbus code and replacing it with the > following dbus-glib code, I now get segfaults occurring. > > ------- > GError * error = NULL; > DBusGConnection * connection; > > connection = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error); > if (connection == NULL) { > syslog(LOG_ERR, "pam_test: connection error: %s\n", error->message); > g_clear_error (&error); > } > else { > dbus_g_connection_unref (connection); > } > ------- > > Originally I had a more complete set of code following this, but I found > the above was enough to trigger the problem. > > Here's the code on github: > <a href="https://github.com/llewelld/dbus-pam-test/blob/5940e11d939f587a7c1b42c00a02d0a5cc7dc2c3/src/pam_test.c#L131" rel="noreferrer" class="gmail_msg" target="_blank">https://github.com/llewelld/dbus-pam-test/blob/5940e11d939f587a7c1b42c00a02d0a5cc7dc2c3/src/pam_test.c#L131</a> > > and here's the segfault entry from syslog: > > Jan 14 23:12:17 Owen kernel: [ 4683.886530] compiz[11249]: segfault at > 7f34cd0ac8a0 ip 00007f34f8692908 sp 00007ffe6e955970 error 4 in > libglib-2.0.so.0.4800.1[7f34f8649000+10f000] > > Am I doing something wrong? In case it's important, the segfault doesn't > occur the first time the module is run, but consistently when it's > called for a second time. Again, this is all using the Unity lockscreen > on Ubuntu 16.04. -- Website: <a href="http://www.flypig.co.uk" rel="noreferrer" class="gmail_msg" target="_blank">http://www.flypig.co.uk</a> </blockquote></div>