Return and use the potentially changed home directory from the sessio…

…n child

Return the home directory from the session child to the daemon which may have
been changed by PAM.
Use the returned home directory in the daemon when running script
hooks.

src/seat.c

@@ -365,7 +365,7 @@ seat_get_allow_guest (Seat *seat)
 }
 
 static gboolean
-run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name, User *user)
+run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name, User *user, const gchar *home_directory)
 {
     g_autoptr(Process) script = process_new (NULL, NULL);
 
@@ -392,7 +392,7 @@ run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name,
     {
         process_set_env (script, "USER", user_get_name (user));
         process_set_env (script, "LOGNAME", user_get_name (user));
-        process_set_env (script, "HOME", user_get_home_directory (user));
+        process_set_env (script, "HOME", home_directory ? home_directory : user_get_home_directory (user));
     }
     else
         process_set_env (script, "HOME", "/");
@@ -457,7 +457,7 @@ display_server_stopped_cb (DisplayServer *display_server, Seat *seat)
     /* Run a script right after stopping the display server */
     const gchar *script = seat_get_string_property (seat, "display-stopped-script");
     if (script)
-        run_script (seat, NULL, script, NULL);
+        run_script (seat, NULL, script, NULL, NULL);
 
     g_signal_handlers_disconnect_matched (display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, seat);
     priv->display_servers = g_list_remove (priv->display_servers, display_server);
@@ -654,7 +654,7 @@ run_session (Seat *seat, Session *session)
         script = seat_get_string_property (seat, "greeter-setup-script");
     else
         script = seat_get_string_property (seat, "session-setup-script");
-    if (script && !run_script (seat, session_get_display_server (session), script, session_get_user (session)))
+    if (script && !run_script (seat, session_get_display_server (session), script, session_get_user (session), session_get_home_directory (session)))
     {
         l_debug (seat, "Switching to greeter due to failed setup script");
         switch_to_greeter_from_failed_session (seat, session);
@@ -778,7 +778,7 @@ session_stopped_cb (Session *session, Seat *seat)
     {
         const gchar *script = seat_get_string_property (seat, "session-cleanup-script");
         if (script)
-            run_script (seat, display_server, script, session_get_user (session));
+            run_script (seat, display_server, script, session_get_user (session), session_get_home_directory (session));
     }
 
     if (priv->stopping)
@@ -1324,7 +1324,7 @@ display_server_ready_cb (DisplayServer *display_server, Seat *seat)
 {
     /* Run setup script */
     const gchar *script = seat_get_string_property (seat, "display-setup-script");
-    if (script && !run_script (seat, display_server, script, NULL))
+    if (script && !run_script (seat, display_server, script, NULL, NULL))
     {
         l_debug (seat, "Stopping display server due to failed setup script");
         display_server_stop (display_server);

src/session-child.c

@@ -546,6 +546,8 @@ session_child_run (int argc, char **argv)
     if (!home_directory) {
         home_directory = user_get_home_directory (user);
     }
+    if (version >= 4)
+        write_string (home_directory);
 
     /* Open a connection to the system bus for ConsoleKit - we must keep it open or CK will close the session */
     g_autoptr(GError) error = NULL;

src/session.c

@@ -59,6 +59,9 @@ typedef struct
     /* User to authenticate as */
     gchar *username;
 
+    /* Home directory of the authenticating user */
+    gchar *home_directory;
+
     /* TRUE if is a guest account */
     gboolean is_guest;
 
@@ -644,7 +647,7 @@ session_real_start (Session *session)
     close (from_child_input);
 
     /* Indicate what version of the protocol we are using */
-    int version = 3;
+    int version = 4;
     write_data (session, &version, sizeof (version));
 
     /* Send configuration */
@@ -671,6 +674,14 @@ session_get_username (Session *session)
     return priv->username;
 }
 
+const gchar *
+session_get_home_directory (Session *session)
+{
+    SessionPrivate *priv = session_get_instance_private (session);
+    g_return_val_if_fail (session != NULL, NULL);
+    return priv->home_directory;
+}
+
 const gchar *
 session_get_login1_session_id (Session *session)
 {
@@ -863,6 +874,14 @@ session_real_run (Session *session)
     for (gsize i = 0; i < argc; i++)
         write_string (session, priv->argv[i]);
 
+    /* Get the home directory of the user currently being authenticated (may change after opening PAM session) */
+    g_autofree gchar *home_directory = read_string_from_child (session);
+    if (g_strcmp0 (home_directory, priv->home_directory) != 0)
+    {
+        g_free (priv->home_directory);
+        priv->home_directory = g_steal_pointer (&home_directory);
+    }
+
     priv->login1_session_id = read_string_from_child (session);
     priv->console_kit_cookie = read_string_from_child (session);
 }
@@ -1005,6 +1024,7 @@ session_finalize (GObject *object)
     if (priv->child_watch)
         g_source_remove (priv->child_watch);
     g_clear_pointer (&priv->username, g_free);
+    g_clear_pointer (&priv->home_directory, g_free);
     g_clear_object (&priv->user);
     g_clear_pointer (&priv->pam_service, g_free);
     for (size_t i = 0; i < priv->messages_length; i++)

src/session.h

@@ -118,6 +118,8 @@ gboolean session_get_is_started (Session *session);
 
 const gchar *session_get_username (Session *session);
 
+const gchar *session_get_home_directory (Session *session);
+
 const gchar *session_get_login1_session_id (Session *session);
 
 const gchar *session_get_console_kit_cookie (Session *session);