Date: Thu, 1 Oct 2015 11:58:53 -0700 From: Bryan Drewery <bdrewery@FreeBSD.org> To: freebsd-arch@FreeBSD.org Subject: login -f changing session getlogin(2) Message-ID: <560D826D.7000302@FreeBSD.org>
next in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --NmnlDEdgGU4JG0JOmDpl1tPPuDsQNbsP9 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable This issue has bothered me forever. As root running 'login -f someuser' and then exit, logname(1) and getlogin(2) will forever return that user's name, rather than root. The issue is that login(1) uses setlogin(2) without ever restoring the login from the parent when it exits. This is easily fixed by something like: Index: usr.bin/login/login.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D --- usr.bin/login/login.c (revision 288456) +++ usr.bin/login/login.c (working copy) @@ -166,6 +166,7 @@ gid_t egid; char *term; char *p, *ttyn; + char oldlogname[MAXLOGNAME]; char tname[sizeof(_PATH_TTY) + 10]; char *arg0; const char *tp; @@ -545,6 +546,9 @@ } pam_session_established =3D 1; + if (getlogin_r(oldlogname, sizeof(oldlogname)) !=3D 0) + oldlogname[0] =3D '\0'; + /* * We must fork() before setuid() because we need to call * pam_close_session() as root. @@ -567,6 +571,8 @@ (void)sigprocmask(SIG_SETMASK, &omask, NULL); waitpid(pid, &status, 0); (void)sigprocmask(SIG_BLOCK, &mask, NULL); + if (oldlogname[0] !=3D '\0') + setlogin(oldlogname); bail(NO_SLEEP_EXIT, 0); } I'm not sure this is the right way though. My initial instinct was to use setsid(2) in the child but that clobbers the terminal. It makes me wonder if there's bigger architectural issues here that need addressing with session and login. Perhaps login -f is just a special case though. Thanks, Bryan Drewery --NmnlDEdgGU4JG0JOmDpl1tPPuDsQNbsP9 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJWDYJzAAoJEDXXcbtuRpfPJEAIALFb3CcBqgRH3lodHOeyu2S+ K8ABbLaz2jybHg85YD3ACvlSt0dilWcjhbxxI9x98URKLZ9Clu9XWrykXnL5xr7h dkt4RmD9wVRKCpis4bXIHLpNrT9Zw4CAWkXxKt7a2EVkX+Y1gZSpGokrll5xLM7j ks4LqrxbboLPqDeqMZ+1/9oD5PqJ62OpEzPWzlh8u0OVtSrI7yKisYpr6EGvLdAA j1Z9cwRdB43K1aESWU+b/RuGehXK/HoJ6Icr7WoLhQAI7g+VLk3w+EkZ3iFyu5rc oC6kYgJIfNtdQ89Qf8+uTQH1fXR4CiOkDJw4W047QyVkiFYfkqBsf0xUIHHKhxE= =ECmn -----END PGP SIGNATURE----- --NmnlDEdgGU4JG0JOmDpl1tPPuDsQNbsP9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?560D826D.7000302>