[systemd-devel] systemd pam and O_CLOEXEC problem
dedede gfgfgf trtrtrtrtrtr
s.kabanov70 at mail.ru
Mon May 12 04:27:43 PDT 2014
Fri, 09 May 2014 11:07:45 +0000 от Colin Walters <walters at verbum.org>:
>
>
>On Mon, May 5, 2014 at 6:48 AM, dedede gfgfgf trtrtrtrtrtr
>< s.kabanov70 at mail.ru > wrote:
>> Investigations showed that since in pam module we started to dup fifo
>> descriptor problem appeared. Dup does not set O_CLOEXEC flag. So
>> after fork/exec
>> all children processes have that descriptor and when parent which
>> open pam session dies, children processes continue to run.
>
>I think you should change your login program to close unnecessary FDs
>before executing children.
>
>
>
Hello Colin.
I am speaking about descriptors in systemd pam module. Application
which use pam can not control it. Because of:
session_fd = dup(session_fd);
in pam-module.c we have now descriptor which does not have O_CLOEXEC
set. So it will not be closed automatically during exec of children processes
and because of this logind will not know that process which opened pam
session exited.
Sergei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/systemd-devel/attachments/20140512/cf29e84c/attachment.html>
More information about the systemd-devel
mailing list