[Pkg-shadow-commits] r178 - trunk/debian/patches

Nicolas FRANCOIS pkg-shadow-devel@lists.alioth.debian.org
Sat, 28 May 2005 17:24:00 +0000 

Author: nekral-guest
Date: 2005-05-28 17:23:59 +0000 (Sat, 28 May 2005)
New Revision: 178

Added:
   trunk/debian/patches/008_login_close_session_as_root
Modified:
   trunk/debian/patches/008_src.dpatch
   trunk/debian/patches/series
Log:
Extract a chunk from 008_src to 008_login_close_session_as_root.
It deals with forking (to call pam_close_session) before changing the uid.


Added: trunk/debian/patches/008_login_close_session_as_root
===================================================================
--- trunk/debian/patches/008_login_close_session_as_root	2005-05-24 11:07:39 UTC (rev 177)
+++ trunk/debian/patches/008_login_close_session_as_root	2005-05-28 17:23:59 UTC (rev 178)
@@ -0,0 +1,103 @@
+Goal: The PAM session needs to be closed as root, thus before change_uid().
+
+Status wrt upstream: It should certainly be applied upstream.
+
+Notes: The changelog reports:
+         * src/login.c: moved usage of setup_uid_gid() when PAM is enabled or
+           pam_groups.so's groups get clobbered
+           (Ben Collins 19 Sep 1999)
+
+       There was also a bug report (#53570 - login: no pam_sm_close_session
+       call as root - 28 Dec 1999). The submitter proposed to move change_uid
+       instead of the call to PAM_END.
+       
+       With both patches, the behaviour of the parent is modified (for example signal handlers).
+       I don't know if this may be a problem.
+
+Index: shadow-4.0.3/src/login.c
+===================================================================
+--- shadow-4.0.3.orig/src/login.c	2005-05-28 19:11:32.274189000 +0200
++++ shadow-4.0.3/src/login.c	2005-05-28 19:11:33.674189000 +0200
+@@ -1276,6 +1276,40 @@
+ 	login_fbtab (tty, pwent.pw_uid, pwent.pw_gid);
+ #endif
+ 
++#ifdef USE_PAM
++	/*
++	 * We must fork before setuid() because we need to call
++	 * pam_close_session() as root.
++	 *
++	 * Note: not true in other (non-Linux) PAM implementations, where
++	 * the parent process of login (init, telnetd, ...) is responsible
++	 * for calling pam_close_session(). This avoids an extra process for
++	 * each login. Maybe we should do this on Linux too? We let the
++	 * admin configure whether they need to keep login around to close
++	 * sessions.
++	 */
++	if (getdef_bool ("CLOSE_SESSIONS")) {
++		signal (SIGINT, SIG_IGN);
++		child = fork ();
++		if (child < 0) {
++			/* error in fork() */
++			fprintf (stderr,
++				 "login: failure forking: %s",
++				 strerror (errno));
++			PAM_END;
++			exit (0);
++		} else if (child) {
++			/*
++			 * parent - wait for child to finish, then cleanup
++			 * session
++			 */
++			wait (NULL);
++			PAM_END;
++			exit (0);
++		}
++		/* child */
++	}
++#endif
+ 	/* We call set_groups() above because this clobbers pam_groups.so */
+ #ifndef USE_PAM
+ 	if (setup_uid_gid (&pwent, is_console))
+@@ -1377,41 +1411,6 @@
+ 	signal (SIGTERM, SIG_DFL);	/* default terminate signal */
+ 	signal (SIGALRM, SIG_DFL);	/* default alarm signal */
+ 	signal (SIGHUP, SIG_DFL);	/* added this.  --marekm */
+-
+-#ifdef USE_PAM
+-	/*
+-	 * We must fork before setuid() because we need to call
+-	 * pam_close_session() as root.
+-	 *
+-	 * Note: not true in other (non-Linux) PAM implementations, where
+-	 * the parent process of login (init, telnetd, ...) is responsible
+-	 * for calling pam_close_session(). This avoids an extra process for
+-	 * each login. Maybe we should do this on Linux too? We let the
+-	 * admin configure whether they need to keep login around to close
+-	 * sessions.
+-	 */
+-	if (getdef_bool ("CLOSE_SESSIONS")) {
+-		signal (SIGINT, SIG_IGN);
+-		child = fork ();
+-		if (child < 0) {
+-			/* error in fork() */
+-			fprintf (stderr,
+-				 "login: failure forking: %s",
+-				 strerror (errno));
+-			PAM_END;
+-			exit (0);
+-		} else if (child) {
+-			/*
+-			 * parent - wait for child to finish, then cleanup
+-			 * session
+-			 */
+-			wait (NULL);
+-			PAM_END;
+-			exit (0);
+-		}
+-		/* child */
+-	}
+-#endif
+ 	signal (SIGINT, SIG_DFL);	/* default interrupt signal */
+ 
+ 	endpwent ();	/* stop access to password file */

Modified: trunk/debian/patches/008_src.dpatch
===================================================================
--- trunk/debian/patches/008_src.dpatch	2005-05-24 11:07:39 UTC (rev 177)
+++ trunk/debian/patches/008_src.dpatch	2005-05-28 17:23:59 UTC (rev 178)
@@ -218,90 +218,7 @@
  		if (getdef_str ("FTMP_FILE") != NULL) {
  			const char *failent_user;
  
-@@ -1208,6 +1269,40 @@
- 	login_fbtab (tty, pwent.pw_uid, pwent.pw_gid);
- #endif
- 
-+#ifdef USE_PAM
-+	/*
-+	 * We must fork before setuid() because we need to call
-+	 * pam_close_session() as root.
-+	 *
-+	 * Note: not true in other (non-Linux) PAM implementations, where
-+	 * the parent process of login (init, telnetd, ...) is responsible
-+	 * for calling pam_close_session(). This avoids an extra process for
-+	 * each login. Maybe we should do this on Linux too? We let the
-+	 * admin configure whether they need to keep login around to close
-+	 * sessions.
-+	 */
-+	if (getdef_bool ("CLOSE_SESSIONS")) {
-+		signal (SIGINT, SIG_IGN);
-+		child = fork ();
-+		if (child < 0) {
-+			/* error in fork() */
-+			fprintf (stderr,
-+				 "login: failure forking: %s",
-+				 strerror (errno));
-+			PAM_END;
-+			exit (0);
-+		} else if (child) {
-+			/*
-+			 * parent - wait for child to finish, then cleanup
-+			 * session
-+			 */
-+			wait (NULL);
-+			PAM_END;
-+			exit (0);
-+		}
-+		/* child */
-+	}
-+#endif
- 	/* We call set_groups() above because this clobbers pam_groups.so */
- #ifndef USE_PAM
- 	if (setup_uid_gid (&pwent, is_console))
-@@ -1309,41 +1404,6 @@
- 	signal (SIGTERM, SIG_DFL);	/* default terminate signal */
- 	signal (SIGALRM, SIG_DFL);	/* default alarm signal */
- 	signal (SIGHUP, SIG_DFL);	/* added this.  --marekm */
--
--#ifdef USE_PAM
--	/*
--	 * We must fork before setuid() because we need to call
--	 * pam_close_session() as root.
--	 *
--	 * Note: not true in other (non-Linux) PAM implementations, where
--	 * the parent process of login (init, telnetd, ...) is responsible
--	 * for calling pam_close_session(). This avoids an extra process for
--	 * each login. Maybe we should do this on Linux too? We let the
--	 * admin configure whether they need to keep login around to close
--	 * sessions.
--	 */
--	if (getdef_bool ("CLOSE_SESSIONS")) {
--		signal (SIGINT, SIG_IGN);
--		child = fork ();
--		if (child < 0) {
--			/* error in fork() */
--			fprintf (stderr,
--				 "login: failure forking: %s",
--				 strerror (errno));
--			PAM_END;
--			exit (0);
--		} else if (child) {
--			/*
--			 * parent - wait for child to finish, then cleanup
--			 * session
--			 */
--			wait (NULL);
--			PAM_END;
--			exit (0);
--		}
--		/* child */
--	}
--#endif
- 	signal (SIGINT, SIG_DFL);	/* default interrupt signal */
- 
- 	endpwent ();	/* stop access to password file */
-@@ -1357,7 +1417,11 @@
+@@ -1357,7 +1418,11 @@
  	if (pwent.pw_uid == 0)
  		SYSLOG ((LOG_NOTICE, "ROOT LOGIN %s", fromhost));
  	else if (getdef_bool ("LOG_OK_LOGINS"))

Modified: trunk/debian/patches/series
===================================================================
--- trunk/debian/patches/series	2005-05-24 11:07:39 UTC (rev 177)
+++ trunk/debian/patches/series	2005-05-28 17:23:59 UTC (rev 178)
@@ -8,6 +8,7 @@
 008_grpck_add_prune_option
 008_login_stop_checking_args_after--
 008_login_opt-f_with_username_after--
+008_login_close_session_as_root
 008_usermod_warn_old_home_not_removed
 008_userdel_remove_group_from_gshadow
 008_newgrp_preserve_env