[systemd-bugs] [Bug 62866] Users logging in gets previous user's XDG_RUNTIME_DIR

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Thu Mar 28 08:11:10 PDT 2013


https://bugs.freedesktop.org/show_bug.cgi?id=62866

Lennart Poettering <lennart at poettering.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |NOTOURBUG

--- Comment #1 from Lennart Poettering <lennart at poettering.net> ---
That sounds as if "slim" is reuse PAM contexts. That's a total no-no,
regardless whether pam_systemd is in the mix, or not.

A PAM service needs to invoke the PAM session hooks like this:

pam_open_session(h);
pid = fork();
if (pid == 0) {
        exec();
} 
waitpid(pid);
pam_close_session(h);
exit();

That's the only correct way. i.e. the PAM handle can only be used once, and
both pam_open_session() and pam_close_session() need to be called in the parent
-- not the child. Also, since the session hooks will set all kinds of stuff
like resource limits, security labels, audit info, selinux labels, yadda yadda
yadda, the parent must exit() after the close session hook.

Anyway, closing, this is almost certainly a fuckup in slim.

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-bugs/attachments/20130328/14f4af73/attachment.html>


More information about the systemd-bugs mailing list