[X2Go-Commits] libpam-x2go.git - build-main (branch) updated: 8197309d3eb2f34aafaf637e61e6c1c7a4fa804a

Sat Apr 27 13:45:34 CEST 2013

The branch, build-main has been updated
       via  8197309d3eb2f34aafaf637e61e6c1c7a4fa804a (commit)
      from  6308a3d8b0356fd523d5162b04abd99bb4abb283 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 src/pam-freerdp.c |   54 ++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 51 insertions(+), 3 deletions(-)

The diff of changes is:

diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index f097ae2..4b97bb8 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -504,12 +504,60 @@ done:
 PAM_EXTERN int
 pam_sm_close_session (pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
-	if (session_pid != 0) {
-		kill(session_pid, SIGKILL);
+	if (session_pid == 0) {
+		return PAM_IGNORE;
+	}
+
+	char * username = NULL;
+	int retval = PAM_SUCCESS;
+
+	GET_ITEM(username, PAM_USER);
+
+	struct passwd * pwdent = getpwnam(username);
+	if (pwdent == NULL) {
+		retval = PAM_SYSTEM_ERR;
+		goto done;
+	}
+
+	pid_t pid = fork();
+	if (pid == 0) {
+		if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
+				setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
+			_exit(EXIT_FAILURE);
+		}
+
+		if (setgroups(1, &pwdent->pw_gid) != 0) {
+			_exit(EXIT_FAILURE);
+		}
+
+		if (clearenv() != 0) {
+			_exit(EXIT_FAILURE);
+		}
+
+		int killval = kill(session_pid, SIGKILL);
 		session_pid = 0;
+
+		if (killval != 0) {
+			printf("Unable to kill\n");
+		}
+
+		/* NOTE: We're ignoring whether we could kill it or not.  It'd be nice to
+		   track that but there are a lot of reason that we could fail there and
+		   it's not a bad thing.  Really we're attempting a best effort to clean up
+		   we won't be able to gaurantee it. */
+		_exit(EXIT_SUCCESS);	
+	} else if (pid < 0) {
+		retval = PAM_SYSTEM_ERR;
+	} else {
+		int forkret = 0;
+
+		if (waitpid(pid, &forkret, 0) < 0) {
+			retval = PAM_SYSTEM_ERR;
+		}
 	}
 
-	return PAM_IGNORE;
+done:
+	return retval;
 }
 
 /* LightDM likes to have this function around, but we don't need it as we


hooks/post-receive
-- 
libpam-x2go.git (Remote login session via X2Go (PAM module))

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "libpam-x2go.git" (Remote login session via X2Go (PAM module)).


