diff options
author | Luca Boccassi <bluca@debian.org> | 2023-04-20 12:58:18 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2023-04-24 14:18:22 +0200 |
commit | db0c0f5e003b0a0e202dbc399d35db36087c641c (patch) | |
tree | a143a58311fcd651ee0560440d8b63e1c1ceb861 | |
parent | d5ada52fc4b5cfa54cbca7254b96ca20f4130794 (diff) | |
download | systemd-db0c0f5e003b0a0e202dbc399d35db36087c641c.tar.gz |
pam_systemd_home: clean up sd-bus when called about something else's user
acquire_home() takes a reference to a sd-bus object, which the open_session
hook cleans on success. But only when handling a user actually owned by homed,
it did not clean it up when skipping because it is being invoked on a system
user.
We need to be careful with sd-bus here as pam_sm_open_session is the last
hook before forking, and we want to clean up sd-bus before that happens, or
we'll have a broken reference (FDs are cloexec) in the child process, which
will then assert when attempting to close them, or leak the bus connection
which causes dbus to complain loudly:
dbus-daemon[62]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30020ms)
-rw-r--r-- | src/home/pam_systemd_home.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c index 8a7bfc5837..e28c95f787 100644 --- a/src/home/pam_systemd_home.c +++ b/src/home/pam_systemd_home.c @@ -727,7 +727,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( r = acquire_home(handle, /* please_authenticate = */ false, suspend_please, debug); if (r == PAM_USER_UNKNOWN) /* Not managed by us? Don't complain. */ - return PAM_SUCCESS; + goto success; /* Need to free the bus resource, as acquire_home() takes a reference. */ if (r != PAM_SUCCESS) return r; @@ -741,6 +741,7 @@ _public_ PAM_EXTERN int pam_sm_open_session( return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to set PAM environment variable $SYSTEMD_HOME_SUSPEND: @PAMERR@"); +success: /* Let's release the D-Bus connection, after all the session might live quite a long time, and we are * not going to process the bus connection in that time, so let's better close before the daemon * kicks us off because we are not processing anything. */ |