From 2e1d7eb6080644928a22d992a4ff1f844334cf3d Mon Sep 17 00:00:00 2001 From: Guido Berhoerster Date: Mon, 9 Oct 2023 08:51:16 +0200 Subject: [PATCH] Return and use the potentially changed home directory from the session child Return the home directory from the session child to the daemon which may have been changed by PAM. Use the returned home directory in the daemon when running script hooks. --- src/seat.c | 12 ++++++------ src/session-child.c | 2 ++ src/session.c | 22 +++++++++++++++++++++- src/session.h | 2 ++ 4 files changed, 31 insertions(+), 7 deletions(-) diff --git a/src/seat.c b/src/seat.c index 998acdbb..8e09026c 100644 --- a/src/seat.c +++ b/src/seat.c @@ -365,7 +365,7 @@ seat_get_allow_guest (Seat *seat) } static gboolean -run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name, User *user) +run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name, User *user, const gchar *home_directory) { g_autoptr(Process) script = process_new (NULL, NULL); @@ -392,7 +392,7 @@ run_script (Seat *seat, DisplayServer *display_server, const gchar *script_name, { process_set_env (script, "USER", user_get_name (user)); process_set_env (script, "LOGNAME", user_get_name (user)); - process_set_env (script, "HOME", user_get_home_directory (user)); + process_set_env (script, "HOME", home_directory ? home_directory : user_get_home_directory (user)); } else process_set_env (script, "HOME", "/"); @@ -457,7 +457,7 @@ display_server_stopped_cb (DisplayServer *display_server, Seat *seat) /* Run a script right after stopping the display server */ const gchar *script = seat_get_string_property (seat, "display-stopped-script"); if (script) - run_script (seat, NULL, script, NULL); + run_script (seat, NULL, script, NULL, NULL); g_signal_handlers_disconnect_matched (display_server, G_SIGNAL_MATCH_DATA, 0, 0, NULL, NULL, seat); priv->display_servers = g_list_remove (priv->display_servers, display_server); @@ -654,7 +654,7 @@ run_session (Seat *seat, Session *session) script = seat_get_string_property (seat, "greeter-setup-script"); else script = seat_get_string_property (seat, "session-setup-script"); - if (script && !run_script (seat, session_get_display_server (session), script, session_get_user (session))) + if (script && !run_script (seat, session_get_display_server (session), script, session_get_user (session), session_get_home_directory (session))) { l_debug (seat, "Switching to greeter due to failed setup script"); switch_to_greeter_from_failed_session (seat, session); @@ -778,7 +778,7 @@ session_stopped_cb (Session *session, Seat *seat) { const gchar *script = seat_get_string_property (seat, "session-cleanup-script"); if (script) - run_script (seat, display_server, script, session_get_user (session)); + run_script (seat, display_server, script, session_get_user (session), session_get_home_directory (session)); } if (priv->stopping) @@ -1324,7 +1324,7 @@ display_server_ready_cb (DisplayServer *display_server, Seat *seat) { /* Run setup script */ const gchar *script = seat_get_string_property (seat, "display-setup-script"); - if (script && !run_script (seat, display_server, script, NULL)) + if (script && !run_script (seat, display_server, script, NULL, NULL)) { l_debug (seat, "Stopping display server due to failed setup script"); display_server_stop (display_server); diff --git a/src/session-child.c b/src/session-child.c index cda81269..4e04137d 100644 --- a/src/session-child.c +++ b/src/session-child.c @@ -546,6 +546,8 @@ session_child_run (int argc, char **argv) if (!home_directory) { home_directory = user_get_home_directory (user); } + if (version >= 4) + write_string (home_directory); /* Open a connection to the system bus for ConsoleKit - we must keep it open or CK will close the session */ g_autoptr(GError) error = NULL; diff --git a/src/session.c b/src/session.c index 40bed8dd..d0d8a235 100644 --- a/src/session.c +++ b/src/session.c @@ -59,6 +59,9 @@ typedef struct /* User to authenticate as */ gchar *username; + /* Home directory of the authenticating user */ + gchar *home_directory; + /* TRUE if is a guest account */ gboolean is_guest; @@ -644,7 +647,7 @@ session_real_start (Session *session) close (from_child_input); /* Indicate what version of the protocol we are using */ - int version = 3; + int version = 4; write_data (session, &version, sizeof (version)); /* Send configuration */ @@ -671,6 +674,14 @@ session_get_username (Session *session) return priv->username; } +const gchar * +session_get_home_directory (Session *session) +{ + SessionPrivate *priv = session_get_instance_private (session); + g_return_val_if_fail (session != NULL, NULL); + return priv->home_directory; +} + const gchar * session_get_login1_session_id (Session *session) { @@ -863,6 +874,14 @@ session_real_run (Session *session) for (gsize i = 0; i < argc; i++) write_string (session, priv->argv[i]); + /* Get the home directory of the user currently being authenticated (may change after opening PAM session) */ + g_autofree gchar *home_directory = read_string_from_child (session); + if (g_strcmp0 (home_directory, priv->home_directory) != 0) + { + g_free (priv->home_directory); + priv->home_directory = g_steal_pointer (&home_directory); + } + priv->login1_session_id = read_string_from_child (session); priv->console_kit_cookie = read_string_from_child (session); } @@ -1005,6 +1024,7 @@ session_finalize (GObject *object) if (priv->child_watch) g_source_remove (priv->child_watch); g_clear_pointer (&priv->username, g_free); + g_clear_pointer (&priv->home_directory, g_free); g_clear_object (&priv->user); g_clear_pointer (&priv->pam_service, g_free); for (size_t i = 0; i < priv->messages_length; i++) diff --git a/src/session.h b/src/session.h index e1130e83..ed9bacf4 100644 --- a/src/session.h +++ b/src/session.h @@ -118,6 +118,8 @@ gboolean session_get_is_started (Session *session); const gchar *session_get_username (Session *session); +const gchar *session_get_home_directory (Session *session); + const gchar *session_get_login1_session_id (Session *session); const gchar *session_get_console_kit_cookie (Session *session);