[systemd-bugs] [Bug 54176] New: ExecStartPre is in a PAM session even with PermissionsStartOnly

Tue Aug 28 17:01:01 PDT 2012

https://bugs.freedesktop.org/show_bug.cgi?id=54176

             Bug #: 54176
           Summary: ExecStartPre is in a PAM session even with
                    PermissionsStartOnly
    Classification: Unclassified
           Product: systemd
           Version: unspecified
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: general
        AssignedTo: systemd-bugs at lists.freedesktop.org
        ReportedBy: j.witteveen at gmail.com
         QAContact: systemd-bugs at lists.freedesktop.org

One of my services contains:

[Service]
User=%I
PAMName=login
PermissionsStartOnly=true
ExecStartPre=/usr/bin/x-daemon -nolisten tcp -noreset vt1

I noticed that the execution of the x-daemon process opens a PAM session. I
feel this should not be the case: the session is for some specified user, while
the script runs as root.

Changing line 1287 of src/core/execute.c to read:
err = setup_pam(apply_permissions && context->pam_name, username, uid,
context->tty_path, &pam_env, fds, n_fds);
doesn't seem to do the trick. It looks like the process gets killed but the
only thing I am certain of is that my system hangs.

For reference, this is the contents of the x-daemon script:

#! /bin/bash

trap "exit 0" USR1
(
  trap "" USR1
  exec /usr/bin/X "$@"
) &
wait
exit 1

-- 
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA Contact for the bug.
You are the assignee for the bug.