if (s->started)
return 0;
+ r = user_start(s->user);
+ if (r < 0)
+ return r;
+
log_info("New session %s of user %s.", s->id, s->user->name);
/* Create cgroup */
static bool session_shall_kill(Session *s) {
assert(s);
- return s->kill_processes;
+ if (!s->kill_processes)
+ return false;
+
+ if (strv_contains(s->manager->kill_exclude_users, s->user->name))
+ return false;
+
+ if (strv_isempty(s->manager->kill_only_users))
+ return true;
+
+ return strv_contains(s->manager->kill_only_users, s->user->name);
}
static int session_kill_cgroup(Session *s) {
assert(s);
- if (!s->started)
- return 0;
-
- log_info("Removed session %s.", s->id);
+ if (s->started)
+ log_info("Removed session %s.", s->id);
/* Kill cgroup */
k = session_kill_cgroup(s);
unlink(s->state_file);
session_add_to_gc_queue(s);
+ user_add_to_gc_queue(s->user);
- session_send_signal(s, false);
+ if (s->started)
+ session_send_signal(s, false);
if (s->seat) {
if (s->seat->active == s)
if (u->started)
return 0;
+ log_info("New user %s logged in.", u->name);
+
/* Make XDG_RUNTIME_DIR */
r = user_mkdir_runtime_path(u);
if (r < 0)
static int user_shall_kill(User *u) {
assert(u);
- return u->manager->kill_user_processes;
+ if (!u->manager->kill_user_processes)
+ return false;
+
+ if (strv_contains(u->manager->kill_exclude_users, u->name))
+ return false;
+
+ if (strv_isempty(u->manager->kill_only_users))
+ return true;
+
+ return strv_contains(u->manager->kill_only_users, u->name);
}
static int user_kill_cgroup(User *u) {
int r = 0, k;
assert(u);
- if (!u->started)
- return 0;
+ if (u->started)
+ log_info("User %s logged out.", u->name);
LIST_FOREACH(sessions_by_user, s, u->sessions) {
k = session_stop(s);
r = k;
}
- user_send_signal(u, false);
-
/* Kill systemd */
k = user_stop_service(u);
if (k < 0)
unlink(u->state_file);
user_add_to_gc_queue(u);
+ if (u->started)
+ user_send_signal(u, false);
+
u->started = false;
return r;
if (startswith(argv[i], "kill-processes=")) {
if ((k = parse_boolean(argv[i] + 15)) < 0) {
- pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument.");
+ pam_syslog(handle, LOG_ERR, "Failed to parse kill-processes= argument.");
return k;
}
int flags,
int argc, const char **argv) {
- const char *username = NULL;
struct passwd *pw;
bool kill_processes = false, debug = false;
+ const char *username, *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type;
char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL;
- int r;
DBusError error;
uint32_t uid, pid;
DBusMessageIter iter;
dbus_bool_t kp;
- const char *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type;
int session_fd = -1;
DBusConnection *bus = NULL;
DBusMessage *m = NULL, *reply = NULL;
dbus_bool_t remote;
+ int r;
assert(handle);
dbus_error_init(&error);
- pam_syslog(handle, LOG_ERR, "pam-systemd initializing");
+ /* pam_syslog(handle, LOG_INFO, "pam-systemd initializing"); */
/* Make this a NOP on non-systemd systems */
if (sd_booted() <= 0)
argc, argv,
&controllers, &reset_controllers,
&kill_processes, &kill_only_users, &kill_exclude_users,
- &debug) < 0)
- return PAM_SESSION_ERR;
+ &debug) < 0) {
+ r = PAM_SESSION_ERR;
+ goto finish;
+ }
r = get_user_data(handle, &username, &pw);
if (r != PAM_SUCCESS)
if (kill_processes)
kill_processes = check_user_lists(handle, pw->pw_uid, kill_only_users, kill_exclude_users);
+ dbus_connection_set_change_sigpipe(FALSE);
+
bus = dbus_bus_get_private(DBUS_BUS_SYSTEM, &error);
if (!bus) {
pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", bus_error_message(&error));
pam_get_item(handle, PAM_TTY, (const void**) &tty);
pam_get_item(handle, PAM_RUSER, (const void**) &remote_user);
pam_get_item(handle, PAM_RHOST, (const void**) &remote_host);
+ seat = pam_getenv(handle, "XDG_SEAT");
- if (isempty(tty))
- service = "";
- if (isempty(tty))
- tty = "";
- if (isempty(display))
- display = "";
- if (isempty(remote_user))
- remote_user = "";
- if (isempty(remote_host))
- remote_host = "";
- seat = "";
+ service = strempty(service);
+ tty = strempty(tty);
+ display = strempty(display);
+ remote_user = strempty(remote_user);
+ remote_host = strempty(remote_host);
+ seat = strempty(seat);
type = !isempty(display) ? "x11" :
!isempty(tty) ? "tty" : "other";
dbus_connection_unref(bus);
}
- if (reply)
- dbus_message_unref(reply);
-
if (m)
dbus_message_unref(m);
+ if (reply)
+ dbus_message_unref(reply);
+
if (session_fd >= 0)
close_nointr_nofail(session_fd);