diff options
author | Luca Boccassi <bluca@debian.org> | 2023-04-16 14:55:09 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2023-04-24 14:18:50 +0200 |
commit | a2dd39b4cb19f4ed4599422e635cc019dcae6ada (patch) | |
tree | dd917c2c054971bf55775c4b5b0338069f1653de /src/home/pam_systemd_home.c | |
parent | db0c0f5e003b0a0e202dbc399d35db36087c641c (diff) | |
download | systemd-a2dd39b4cb19f4ed4599422e635cc019dcae6ada.tar.gz |
pam: cache sd-bus separately per module
sd-bus connection is cached by the two pam modules globally, but this
can lead to issues due to hashmaps (used by sd-bus) using a global
static variable for the shared hash key, which is different per module
as both modules are loaded in the same process.
This happens because the sd-bus object is create in one module, but
used in the other, so global state does not match.
Use a different pam cache identifier for the sd-bus pointer, so that
each module uses a different sd-bus connection as a workaround.
Fixes https://github.com/systemd/systemd/issues/27216
Fixes https://github.com/systemd/systemd/issues/17266
Diffstat (limited to 'src/home/pam_systemd_home.c')
-rw-r--r-- | src/home/pam_systemd_home.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/src/home/pam_systemd_home.c b/src/home/pam_systemd_home.c index e28c95f787..6a3e656035 100644 --- a/src/home/pam_systemd_home.c +++ b/src/home/pam_systemd_home.c @@ -140,7 +140,7 @@ static int acquire_user_record( _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; _cleanup_free_ char *generic_field = NULL, *json_copy = NULL; - r = pam_acquire_bus_connection(handle, &bus); + r = pam_acquire_bus_connection(handle, "pam-systemd-home", &bus); if (r != PAM_SUCCESS) return r; @@ -513,7 +513,7 @@ static int acquire_home( if (r == PAM_SUCCESS && PTR_TO_FD(home_fd_ptr) >= 0) return PAM_SUCCESS; - r = pam_acquire_bus_connection(handle, &bus); + r = pam_acquire_bus_connection(handle, "pam-systemd-home", &bus); if (r != PAM_SUCCESS) return r; @@ -745,7 +745,7 @@ success: /* Let's release the D-Bus connection, after all the session might live quite a long time, and we are * not going to process the bus connection in that time, so let's better close before the daemon * kicks us off because we are not processing anything. */ - (void) pam_release_bus_connection(handle); + (void) pam_release_bus_connection(handle, "pam-systemd-home"); return PAM_SUCCESS; } @@ -785,7 +785,7 @@ _public_ PAM_EXTERN int pam_sm_close_session( if (r != PAM_SUCCESS) return r; - r = pam_acquire_bus_connection(handle, &bus); + r = pam_acquire_bus_connection(handle, "pam-systemd-home", &bus); if (r != PAM_SUCCESS) return r; @@ -944,7 +944,7 @@ _public_ PAM_EXTERN int pam_sm_chauthtok( if (debug) pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed account management"); - r = pam_acquire_bus_connection(handle, &bus); + r = pam_acquire_bus_connection(handle, "pam-systemd-home", &bus); if (r != PAM_SUCCESS) return r; |