[systemd-devel] systemd pam and O_CLOEXEC problem

David Herrmann dh.herrmann at gmail.com
Mon May 12 04:41:03 PDT 2014


Hi

On Mon, May 12, 2014 at 1:27 PM, dedede gfgfgf trtrtrtrtrtr
<s.kabanov70 at mail.ru> wrote:
>   Hello Colin.
>   I am speaking about descriptors in systemd pam module. Application
>   which use pam can not control it. Because of:
>   session_fd = dup(session_fd);
>
>   in pam-module.c we have now descriptor which does not have O_CLOEXEC
>   set. So it will not be closed automatically during exec of children
> processes
>   and because of this logind will not know that process which opened pam
>   session exited.

This behavior is intentional. This way we can track the main processes
of the session and get notified when they died. You should be able to
close the session by using pam_close_session().

Thanks
David


More information about the systemd-devel mailing list