[systemd-devel] pam: Don't use loginuid [was: Re: Fix PAM module to not clobber XDG_RUNTIME_DIR with su]

Michael Stapelberg stapelberg at debian.org
Mon Nov 18 12:59:14 PST 2013


Hi Martin,

Martin Pitt <martin.pitt at ubuntu.com> writes:

> Martin Pitt [2013-11-14 17:53 +0100]:
>> So option 1 is to update the patch to not rely on "uid", but instead
>> always get it from PAM.
>
> I went through all instances of using the uid, username, or pw, and I
> cannot find any place in the PAM module where we would actually want
> the originating user name, so I retract this.
>
>> Option 2 is to never read it from loginuid, as that's indeed not
>> what one should be concerned about in a PAM module.
>> Attached patch is doing option 2. 
>
> ... and hence I'm convinced that this is the right thing to do.
Thanks for your patch.

This is a rather pressing issue for us (it breaks GDM logins in some
cases), and we’d like to fix it by cherry-picking a patch that was
merged upstream.

Therefore, I’d like to ask people with a commit bit (Colin?) to please
have another look and merge the patch unless something is still wrong
with it :). Thanks!

-- 
Best regards,
Michael


More information about the systemd-devel mailing list