[thirdparty/systemd.git] / src / pam-module.c

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <errno.h>
#include <fcntl.h>
#include <sys/file.h>
#include <pwd.h>
#include <endian.h>
#include <sys/capability.h>

#include <security/pam_modules.h>
#include <security/_pam_macros.h>
#include <security/pam_modutil.h>
#include <security/pam_ext.h>
#include <security/pam_misc.h>

#include "util.h"
#include "macro.h"
#include "sd-daemon.h"
#include "strv.h"
#include "dbus-common.h"
#include "def.h"

static int parse_argv(pam_handle_t *handle,
                      int argc, const char **argv,
                      char ***controllers,
                      char ***reset_controllers,
                      bool *kill_processes,
                      char ***kill_only_users,
                      char ***kill_exclude_users,
                      bool *debug) {

        unsigned i;
        bool reset_controller_set = false;
        bool kill_exclude_users_set = false;

        assert(argc >= 0);
        assert(argc == 0 || argv);

        for (i = 0; i < (unsigned) argc; i++) {
                int k;

                if (startswith(argv[i], "kill-processes=")) {
                        if ((k = parse_boolean(argv[i] + 15)) < 0) {
                                pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument.");
                                return k;
                        }

                        if (kill_processes)
                                *kill_processes = k;

                } else if (startswith(argv[i], "kill-session=")) {
                        /* As compatibility for old versions */

                        if ((k = parse_boolean(argv[i] + 13)) < 0) {
                                pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument.");
                                return k;
                        }

                        if (kill_processes)
                                *kill_processes = k;

                } else if (startswith(argv[i], "controllers=")) {

                        if (controllers) {
                                char **l;

                                if (!(l = strv_split(argv[i] + 12, ","))) {
                                        pam_syslog(handle, LOG_ERR, "Out of memory.");
                                        return -ENOMEM;
                                }

                                strv_free(*controllers);
                                *controllers = l;
                        }

                } else if (startswith(argv[i], "reset-controllers=")) {

                        if (reset_controllers) {
                                char **l;

                                if (!(l = strv_split(argv[i] + 18, ","))) {
                                        pam_syslog(handle, LOG_ERR, "Out of memory.");
                                        return -ENOMEM;
                                }

                                strv_free(*reset_controllers);
                                *reset_controllers = l;
                        }

                        reset_controller_set = true;

                } else if (startswith(argv[i], "kill-only-users=")) {

                        if (kill_only_users) {
                                char **l;

                                if (!(l = strv_split(argv[i] + 16, ","))) {
                                        pam_syslog(handle, LOG_ERR, "Out of memory.");
                                        return -ENOMEM;
                                }

                                strv_free(*kill_only_users);
                                *kill_only_users = l;
                        }

                } else if (startswith(argv[i], "kill-exclude-users=")) {

                        if (kill_exclude_users) {
                                char **l;

                                if (!(l = strv_split(argv[i] + 19, ","))) {
                                        pam_syslog(handle, LOG_ERR, "Out of memory.");
                                        return -ENOMEM;
                                }

                                strv_free(*kill_exclude_users);
                                *kill_exclude_users = l;
                        }

                        kill_exclude_users_set = true;

                } else if (startswith(argv[i], "debug=")) {
                        if ((k = parse_boolean(argv[i] + 6)) < 0) {
                                pam_syslog(handle, LOG_ERR, "Failed to parse debug= argument.");
                                return k;
                        }

                        if (debug)
                                *debug = k;

                } else if (startswith(argv[i], "create-session=") ||
                           startswith(argv[i], "kill-user=")) {

                        pam_syslog(handle, LOG_WARNING, "Option %s not supported anymore, ignoring.", argv[i]);

                } else {
                        pam_syslog(handle, LOG_ERR, "Unknown parameter '%s'.", argv[i]);
                        return -EINVAL;
                }
        }

        if (!reset_controller_set && reset_controllers) {
                char **l;

                if (!(l = strv_new("cpu", NULL))) {
                        pam_syslog(handle, LOG_ERR, "Out of memory");
                        return -ENOMEM;
                }

                *reset_controllers = l;
        }

        if (controllers)
                strv_remove(*controllers, SYSTEMD_CGROUP_CONTROLLER);

        if (reset_controllers)
                strv_remove(*reset_controllers, SYSTEMD_CGROUP_CONTROLLER);

        if (!kill_exclude_users_set && kill_exclude_users) {
                char **l;

                if (!(l = strv_new("root", NULL))) {
                        pam_syslog(handle, LOG_ERR, "Out of memory");
                        return -ENOMEM;
                }

                *kill_exclude_users = l;
        }

        return 0;
}

static int get_user_data(
                pam_handle_t *handle,
                const char **ret_username,
                struct passwd **ret_pw) {

        const char *username = NULL;
        struct passwd *pw = NULL;
        int r;
        bool have_loginuid = false;
        char *s;

        assert(handle);
        assert(ret_username);
        assert(ret_pw);

        if (have_effective_cap(CAP_AUDIT_CONTROL) > 0) {
                /* Only use audit login uid if we are executed with
                 * sufficient capabilities so that pam_loginuid could
                 * do its job. If we are lacking the CAP_AUDIT_CONTROL
                 * capabality we most likely are being run in a
                 * container and /proc/self/loginuid is useless since
                 * it probably contains a uid of the host system. */

                if (read_one_line_file("/proc/self/loginuid", &s) >= 0) {
                        uint32_t u;

                        r = safe_atou32(s, &u);
                        free(s);

                        if (r >= 0 && u != (uint32_t) -1 && u > 0) {
                                have_loginuid = true;
                                pw = pam_modutil_getpwuid(handle, u);
                        }
                }
        }

        if (!have_loginuid) {
                if ((r = pam_get_user(handle, &username, NULL)) != PAM_SUCCESS) {
                        pam_syslog(handle, LOG_ERR, "Failed to get user name.");
                        return r;
                }

                if (!username || !*username) {
                        pam_syslog(handle, LOG_ERR, "User name not valid.");
                        return PAM_AUTH_ERR;
                }

                pw = pam_modutil_getpwnam(handle, username);
        }

        if (!pw) {
                pam_syslog(handle, LOG_ERR, "Failed to get user data.");
                return PAM_USER_UNKNOWN;
        }

        *ret_pw = pw;
        *ret_username = username ? username : pw->pw_name;

        return PAM_SUCCESS;
}

static bool check_user_lists(
                pam_handle_t *handle,
                uid_t uid,
                char **kill_only_users,
                char **kill_exclude_users) {

        const char *name = NULL;
        char **l;

        assert(handle);

        if (uid == 0)
                name = "root"; /* Avoid obvious NSS requests, to suppress network traffic */
        else {
                struct passwd *pw;

                pw = pam_modutil_getpwuid(handle, uid);
                if (pw)
                        name = pw->pw_name;
        }

        STRV_FOREACH(l, kill_exclude_users) {
                uint32_t id;

                if (safe_atou32(*l, &id) >= 0)
                        if ((uid_t) id == uid)
                                return false;

                if (name && streq(name, *l))
                        return false;
        }

        if (strv_isempty(kill_only_users))
                return true;

        STRV_FOREACH(l, kill_only_users) {
                uint32_t id;

                if (safe_atou32(*l, &id) >= 0)
                        if ((uid_t) id == uid)
                                return true;

                if (name && streq(name, *l))
                        return true;
        }

        return false;
}

_public_ PAM_EXTERN int pam_sm_open_session(
                pam_handle_t *handle,
                int flags,
                int argc, const char **argv) {

        const char *username = NULL;
        struct passwd *pw;
        bool kill_processes = false, debug = false;
        char **controllers = NULL, **reset_controllers = NULL, **kill_only_users = NULL, **kill_exclude_users = NULL;
        int r;
        DBusError error;
        uint32_t uid, pid;
        DBusMessageIter iter;
        dbus_bool_t kp;
        const char *id, *object_path, *runtime_path, *service = NULL, *tty = NULL, *display = NULL, *remote_user = NULL, *remote_host = NULL, *seat = NULL, *type;
        int session_fd = -1;
        DBusConnection *bus = NULL;
        DBusMessage *m = NULL, *reply = NULL;
        dbus_bool_t remote;

        assert(handle);

        dbus_error_init(&error);

        pam_syslog(handle, LOG_ERR, "pam-systemd initializing");

        /* Make this a NOP on non-systemd systems */
        if (sd_booted() <= 0)
                return PAM_SUCCESS;

        if (parse_argv(handle,
                       argc, argv,
                       &controllers, &reset_controllers,
                       &kill_processes, &kill_only_users, &kill_exclude_users,
                       &debug) < 0)
                return PAM_SESSION_ERR;

        r = get_user_data(handle, &username, &pw);
        if (r != PAM_SUCCESS)
                goto finish;

        if (kill_processes)
                kill_processes = check_user_lists(handle, pw->pw_uid, kill_only_users, kill_exclude_users);

        bus = dbus_bus_get_private(DBUS_BUS_SYSTEM, &error);
        if (!bus) {
                pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", bus_error_message(&error));
                r = PAM_SESSION_ERR;
                goto finish;
        }

        m = dbus_message_new_method_call(
                        "org.freedesktop.login1",
                        "/org/freedesktop/login1",
                        "org.freedesktop.login1.Manager",
                        "CreateSession");

        if (!m) {
                pam_syslog(handle, LOG_ERR, "Could not allocate create session message.");
                r = PAM_BUF_ERR;
                goto finish;
        }

        uid = pw->pw_uid;
        pid = getpid();

        pam_get_item(handle, PAM_SERVICE, (const void**) &service);
        pam_get_item(handle, PAM_XDISPLAY, (const void**) &display);
        pam_get_item(handle, PAM_TTY, (const void**) &tty);
        pam_get_item(handle, PAM_RUSER, (const void**) &remote_user);
        pam_get_item(handle, PAM_RHOST, (const void**) &remote_host);

        if (isempty(tty))
                service = "";
        if (isempty(tty))
                tty = "";
        if (isempty(display))
                display = "";
        if (isempty(remote_user))
                remote_user = "";
        if (isempty(remote_host))
                remote_host = "";
        seat = "";

        type = !isempty(display) ? "x11" :
                   !isempty(tty) ? "tty" : "other";

        remote = !isempty(remote_host) && !streq(remote_host, "localhost") && !streq(remote_host, "localhost.localdomain");

        if (!dbus_message_append_args(m,
                                      DBUS_TYPE_UINT32, &uid,
                                      DBUS_TYPE_UINT32, &pid,
                                      DBUS_TYPE_STRING, &service,
                                      DBUS_TYPE_STRING, &type,
                                      DBUS_TYPE_STRING, &seat,
                                      DBUS_TYPE_STRING, &tty,
                                      DBUS_TYPE_STRING, &display,
                                      DBUS_TYPE_BOOLEAN, &remote,
                                      DBUS_TYPE_STRING, &remote_user,
                                      DBUS_TYPE_STRING, &remote_host,
                                      DBUS_TYPE_INVALID)) {
                pam_syslog(handle, LOG_ERR, "Could not attach parameters to message.");
                r = PAM_BUF_ERR;
                goto finish;
        }

        dbus_message_iter_init_append(m, &iter);

        r = bus_append_strv_iter(&iter, controllers);
        if (r < 0) {
                pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
                r = PAM_BUF_ERR;
                goto finish;
        }

        r = bus_append_strv_iter(&iter, reset_controllers);
        if (r < 0) {
                pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
                r = PAM_BUF_ERR;
                goto finish;
        }

        kp = kill_processes;
        if (!dbus_message_iter_append_basic(&iter, DBUS_TYPE_BOOLEAN, &kp)) {
                pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
                r = PAM_BUF_ERR;
                goto finish;
        }

        reply = dbus_connection_send_with_reply_and_block(bus, m, -1, &error);
        if (!reply) {
                pam_syslog(handle, LOG_ERR, "Failed to create session: %s", bus_error_message(&error));
                r = PAM_SESSION_ERR;
                goto finish;
        }

        if (!dbus_message_get_args(reply, &error,
                                   DBUS_TYPE_STRING, &id,
                                   DBUS_TYPE_OBJECT_PATH, &object_path,
                                   DBUS_TYPE_STRING, &runtime_path,
                                   DBUS_TYPE_UNIX_FD, &session_fd,
                                   DBUS_TYPE_INVALID)) {
                pam_syslog(handle, LOG_ERR, "Failed to parse message: %s", bus_error_message(&error));
                r = PAM_SESSION_ERR;
                goto finish;
        }

        r = pam_misc_setenv(handle, "XDG_SESSION_ID", id, 0);
        if (r != PAM_SUCCESS) {
                pam_syslog(handle, LOG_ERR, "Failed to set session id.");
                goto finish;
        }

        r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
        if (r != PAM_SUCCESS) {
                pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
                goto finish;
        }

        r = pam_set_data(handle, "systemd.session-fd", INT_TO_PTR(session_fd+1), NULL);
        if (r != PAM_SUCCESS) {
                pam_syslog(handle, LOG_ERR, "Failed to install session fd.");
                return r;
        }

        session_fd = -1;

        r = PAM_SUCCESS;

finish:
        strv_free(controllers);
        strv_free(reset_controllers);
        strv_free(kill_only_users);
        strv_free(kill_exclude_users);

        dbus_error_free(&error);

        if (bus) {
                dbus_connection_close(bus);
                dbus_connection_unref(bus);
        }

        if (reply)
                dbus_message_unref(reply);

        if (m)
                dbus_message_unref(m);

        if (session_fd >= 0)
                close_nointr_nofail(session_fd);

        return r;
}

_public_ PAM_EXTERN int pam_sm_close_session(
                pam_handle_t *handle,
                int flags,
                int argc, const char **argv) {

        const void *p = NULL;

        pam_get_data(handle, "systemd.session-fd", &p);

        if (p)
                close_nointr(PTR_TO_INT(p) - 1);

        return PAM_SUCCESS;
}
Commit	Line	Data
d6c9574f	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
8c6db833 LP	2
	3	/***
	4	This file is part of systemd.
	5
	6	Copyright 2010 Lennart Poettering
	7
	8	systemd is free software; you can redistribute it and/or modify it
	9	under the terms of the GNU General Public License as published by
	10	the Free Software Foundation; either version 2 of the License, or
	11	(at your option) any later version.
	12
	13	systemd is distributed in the hope that it will be useful, but
	14	WITHOUT ANY WARRANTY; without even the implied warranty of
	15	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	16	General Public License for more details.
	17
	18	You should have received a copy of the GNU General Public License
	19	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	20	***/
	21
	22	#include <errno.h>
	23	#include <fcntl.h>
	24	#include <sys/file.h>
	25	#include <pwd.h>
a838e6a1	26	#include <endian.h>
ac123445	27	#include <sys/capability.h>
8c6db833 LP	28
	29	#include <security/pam_modules.h>
	30	#include <security/_pam_macros.h>
	31	#include <security/pam_modutil.h>
	32	#include <security/pam_ext.h>
	33	#include <security/pam_misc.h>
	34
8c6db833	35	#include "util.h"
8c6db833 LP	36	#include "macro.h"
8c6db833 LP	37	#include "sd-daemon.h"
74fe1fe3	38	#include "strv.h"
98a28fef LP	39	#include "dbus-common.h"
98a28fef LP	40	#include "def.h"
8c6db833 LP	41
	42	static int parse_argv(pam_handle_t *handle,
	43	int argc, const char **argv,
b20c6be6	44	char ***controllers,
e9fbc77c	45	char ***reset_controllers,
98a28fef	46	bool *kill_processes,
e9fbc77c	47	char ***kill_only_users,
0e318cad MS	48	char ***kill_exclude_users,
0e318cad MS	49	bool *debug) {
8c6db833 LP	50
8c6db833 LP	51	unsigned i;
b20c6be6	52	bool reset_controller_set = false;
e9fbc77c	53	bool kill_exclude_users_set = false;
8c6db833 LP	54
	55	assert(argc >= 0);
	56	assert(argc == 0 \|\| argv);
	57
	58	for (i = 0; i < (unsigned) argc; i++) {
	59	int k;
	60
98a28fef	61	if (startswith(argv[i], "kill-processes=")) {
8c6db833	62	if ((k = parse_boolean(argv[i] + 15)) < 0) {
98a28fef	63	pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument.");
8c6db833 LP	64	return k;
	65	}
	66
98a28fef LP	67	if (kill_processes)
98a28fef LP	68	*kill_processes = k;
74fe1fe3	69
8c6db833	70	} else if (startswith(argv[i], "kill-session=")) {
98a28fef LP	71	/* As compatibility for old versions */
98a28fef LP	72
8c6db833 LP	73	if ((k = parse_boolean(argv[i] + 13)) < 0) {
	74	pam_syslog(handle, LOG_ERR, "Failed to parse kill-session= argument.");
	75	return k;
	76	}
	77
98a28fef LP	78	if (kill_processes)
98a28fef LP	79	*kill_processes = k;
74fe1fe3 LP	80
	81	} else if (startswith(argv[i], "controllers=")) {
	82
	83	if (controllers) {
	84	char **l;
	85
	86	if (!(l = strv_split(argv[i] + 12, ","))) {
	87	pam_syslog(handle, LOG_ERR, "Out of memory.");
	88	return -ENOMEM;
	89	}
	90
	91	strv_free(*controllers);
	92	*controllers = l;
	93	}
	94
b20c6be6 LP	95	} else if (startswith(argv[i], "reset-controllers=")) {
	96
	97	if (reset_controllers) {
	98	char **l;
	99
	100	if (!(l = strv_split(argv[i] + 18, ","))) {
	101	pam_syslog(handle, LOG_ERR, "Out of memory.");
	102	return -ENOMEM;
	103	}
	104
	105	strv_free(*reset_controllers);
	106	*reset_controllers = l;
	107	}
	108
	109	reset_controller_set = true;
74fe1fe3	110
e9fbc77c LP	111	} else if (startswith(argv[i], "kill-only-users=")) {
	112
	113	if (kill_only_users) {
	114	char **l;
	115
	116	if (!(l = strv_split(argv[i] + 16, ","))) {
	117	pam_syslog(handle, LOG_ERR, "Out of memory.");
	118	return -ENOMEM;
	119	}
	120
	121	strv_free(*kill_only_users);
	122	*kill_only_users = l;
	123	}
	124
	125	} else if (startswith(argv[i], "kill-exclude-users=")) {
	126
	127	if (kill_exclude_users) {
	128	char **l;
	129
	130	if (!(l = strv_split(argv[i] + 19, ","))) {
	131	pam_syslog(handle, LOG_ERR, "Out of memory.");
	132	return -ENOMEM;
	133	}
	134
	135	strv_free(*kill_exclude_users);
	136	*kill_exclude_users = l;
	137	}
	138
	139	kill_exclude_users_set = true;
	140
0e318cad MS	141	} else if (startswith(argv[i], "debug=")) {
	142	if ((k = parse_boolean(argv[i] + 6)) < 0) {
	143	pam_syslog(handle, LOG_ERR, "Failed to parse debug= argument.");
	144	return k;
	145	}
	146
	147	if (debug)
	148	*debug = k;
	149
98a28fef LP	150	} else if (startswith(argv[i], "create-session=") \|\|
	151	startswith(argv[i], "kill-user=")) {
	152
	153	pam_syslog(handle, LOG_WARNING, "Option %s not supported anymore, ignoring.", argv[i]);
	154
8c6db833 LP	155	} else {
	156	pam_syslog(handle, LOG_ERR, "Unknown parameter '%s'.", argv[i]);
	157	return -EINVAL;
	158	}
	159	}
	160
b20c6be6	161	if (!reset_controller_set && reset_controllers) {
74fe1fe3 LP	162	char **l;
	163
	164	if (!(l = strv_new("cpu", NULL))) {
	165	pam_syslog(handle, LOG_ERR, "Out of memory");
	166	return -ENOMEM;
	167	}
	168
b20c6be6	169	*reset_controllers = l;
74fe1fe3 LP	170	}
	171
	172	if (controllers)
98a28fef	173	strv_remove(*controllers, SYSTEMD_CGROUP_CONTROLLER);
74fe1fe3	174
b20c6be6	175	if (reset_controllers)
98a28fef	176	strv_remove(*reset_controllers, SYSTEMD_CGROUP_CONTROLLER);
8c6db833	177
e9fbc77c LP	178	if (!kill_exclude_users_set && kill_exclude_users) {
	179	char **l;
	180
	181	if (!(l = strv_new("root", NULL))) {
	182	pam_syslog(handle, LOG_ERR, "Out of memory");
	183	return -ENOMEM;
	184	}
	185
	186	*kill_exclude_users = l;
	187	}
	188
8c6db833 LP	189	return 0;
	190	}
	191
8c6db833 LP	192	static int get_user_data(
	193	pam_handle_t *handle,
	194	const char **ret_username,
	195	struct passwd **ret_pw) {
	196
d90b9d27 LP	197	const char *username = NULL;
d90b9d27 LP	198	struct passwd *pw = NULL;
8c6db833	199	int r;
d90b9d27 LP	200	bool have_loginuid = false;
d90b9d27 LP	201	char *s;
8c6db833 LP	202
	203	assert(handle);
	204	assert(ret_username);
	205	assert(ret_pw);
	206
81481c99	207	if (have_effective_cap(CAP_AUDIT_CONTROL) > 0) {
ac123445 LP	208	/* Only use audit login uid if we are executed with
	209	* sufficient capabilities so that pam_loginuid could
	210	* do its job. If we are lacking the CAP_AUDIT_CONTROL
	211	* capabality we most likely are being run in a
	212	* container and /proc/self/loginuid is useless since
	213	* it probably contains a uid of the host system. */
d90b9d27	214
ac123445 LP	215	if (read_one_line_file("/proc/self/loginuid", &s) >= 0) {
ac123445 LP	216	uint32_t u;
d90b9d27	217
ac123445 LP	218	r = safe_atou32(s, &u);
	219	free(s);
	220
	221	if (r >= 0 && u != (uint32_t) -1 && u > 0) {
	222	have_loginuid = true;
	223	pw = pam_modutil_getpwuid(handle, u);
	224	}
d90b9d27	225	}
8c6db833 LP	226	}
8c6db833 LP	227
d90b9d27 LP	228	if (!have_loginuid) {
	229	if ((r = pam_get_user(handle, &username, NULL)) != PAM_SUCCESS) {
	230	pam_syslog(handle, LOG_ERR, "Failed to get user name.");
	231	return r;
	232	}
	233
	234	if (!username \|\| !*username) {
	235	pam_syslog(handle, LOG_ERR, "User name not valid.");
	236	return PAM_AUTH_ERR;
	237	}
	238
	239	pw = pam_modutil_getpwnam(handle, username);
8c6db833 LP	240	}
8c6db833 LP	241
d90b9d27	242	if (!pw) {
8c6db833 LP	243	pam_syslog(handle, LOG_ERR, "Failed to get user data.");
	244	return PAM_USER_UNKNOWN;
	245	}
	246
	247	*ret_pw = pw;
d90b9d27	248	*ret_username = username ? username : pw->pw_name;
8c6db833 LP	249
	250	return PAM_SUCCESS;
	251	}
	252
e9fbc77c LP	253	static bool check_user_lists(
	254	pam_handle_t *handle,
	255	uid_t uid,
	256	char **kill_only_users,
	257	char **kill_exclude_users) {
	258
	259	const char *name = NULL;
	260	char **l;
	261
	262	assert(handle);
	263
	264	if (uid == 0)
	265	name = "root"; /* Avoid obvious NSS requests, to suppress network traffic */
	266	else {
	267	struct passwd *pw;
	268
98a28fef LP	269	pw = pam_modutil_getpwuid(handle, uid);
98a28fef LP	270	if (pw)
e9fbc77c LP	271	name = pw->pw_name;
	272	}
	273
	274	STRV_FOREACH(l, kill_exclude_users) {
	275	uint32_t id;
	276
	277	if (safe_atou32(*l, &id) >= 0)
	278	if ((uid_t) id == uid)
	279	return false;
	280
	281	if (name && streq(name, *l))
	282	return false;
	283	}
	284
	285	if (strv_isempty(kill_only_users))
	286	return true;
	287
	288	STRV_FOREACH(l, kill_only_users) {
	289	uint32_t id;
	290
	291	if (safe_atou32(*l, &id) >= 0)
	292	if ((uid_t) id == uid)
	293	return true;
	294
	295	if (name && streq(name, *l))
	296	return true;
	297	}
	298
	299	return false;
	300	}
	301
98a28fef	302	_public_ PAM_EXTERN int pam_sm_open_session(
8c6db833 LP	303	pam_handle_t *handle,
	304	int flags,
	305	int argc, const char **argv) {
	306
	307	const char *username = NULL;
8c6db833	308	struct passwd *pw;
98a28fef LP	309	bool kill_processes = false, debug = false;
	310	char controllers = NULL, reset_controllers = NULL, kill_only_users = NULL, kill_exclude_users = NULL;
	311	int r;
	312	DBusError error;
	313	uint32_t uid, pid;
	314	DBusMessageIter iter;
	315	dbus_bool_t kp;
	316	const char id, object_path, runtime_path, service = NULL, tty = NULL, display = NULL, remote_user = NULL, remote_host = NULL, seat = NULL, type;
	317	int session_fd = -1;
	318	DBusConnection *bus = NULL;
	319	DBusMessage m = NULL, reply = NULL;
	320	dbus_bool_t remote;
8c6db833 LP	321
	322	assert(handle);
	323
98a28fef LP	324	dbus_error_init(&error);
	325
	326	pam_syslog(handle, LOG_ERR, "pam-systemd initializing");
	327
8c6db833 LP	328	/* Make this a NOP on non-systemd systems */
	329	if (sd_booted() <= 0)
	330	return PAM_SUCCESS;
	331
e9fbc77c LP	332	if (parse_argv(handle,
e9fbc77c LP	333	argc, argv,
98a28fef LP	334	&controllers, &reset_controllers,
	335	&kill_processes, &kill_only_users, &kill_exclude_users,
	336	&debug) < 0)
74fe1fe3 LP	337	return PAM_SESSION_ERR;
74fe1fe3 LP	338
98a28fef LP	339	r = get_user_data(handle, &username, &pw);
98a28fef LP	340	if (r != PAM_SUCCESS)
8c6db833 LP	341	goto finish;
8c6db833 LP	342
98a28fef LP	343	if (kill_processes)
98a28fef LP	344	kill_processes = check_user_lists(handle, pw->pw_uid, kill_only_users, kill_exclude_users);
1f73f0f1	345
98a28fef LP	346	bus = dbus_bus_get_private(DBUS_BUS_SYSTEM, &error);
	347	if (!bus) {
	348	pam_syslog(handle, LOG_ERR, "Failed to connect to system bus: %s", bus_error_message(&error));
	349	r = PAM_SESSION_ERR;
8c6db833 LP	350	goto finish;
	351	}
	352
98a28fef LP	353	m = dbus_message_new_method_call(
	354	"org.freedesktop.login1",
	355	"/org/freedesktop/login1",
	356	"org.freedesktop.login1.Manager",
	357	"CreateSession");
74fe1fe3	358
98a28fef LP	359	if (!m) {
98a28fef LP	360	pam_syslog(handle, LOG_ERR, "Could not allocate create session message.");
8c6db833 LP	361	r = PAM_BUF_ERR;
	362	goto finish;
	363	}
	364
98a28fef LP	365	uid = pw->pw_uid;
	366	pid = getpid();
	367
	368	pam_get_item(handle, PAM_SERVICE, (const void**) &service);
	369	pam_get_item(handle, PAM_XDISPLAY, (const void**) &display);
	370	pam_get_item(handle, PAM_TTY, (const void**) &tty);
	371	pam_get_item(handle, PAM_RUSER, (const void**) &remote_user);
	372	pam_get_item(handle, PAM_RHOST, (const void**) &remote_host);
	373
	374	if (isempty(tty))
	375	service = "";
	376	if (isempty(tty))
	377	tty = "";
	378	if (isempty(display))
	379	display = "";
	380	if (isempty(remote_user))
	381	remote_user = "";
	382	if (isempty(remote_host))
	383	remote_host = "";
	384	seat = "";
	385
	386	type = !isempty(display) ? "x11" :
	387	!isempty(tty) ? "tty" : "other";
	388
	389	remote = !isempty(remote_host) && !streq(remote_host, "localhost") && !streq(remote_host, "localhost.localdomain");
	390
	391	if (!dbus_message_append_args(m,
	392	DBUS_TYPE_UINT32, &uid,
	393	DBUS_TYPE_UINT32, &pid,
	394	DBUS_TYPE_STRING, &service,
	395	DBUS_TYPE_STRING, &type,
	396	DBUS_TYPE_STRING, &seat,
	397	DBUS_TYPE_STRING, &tty,
	398	DBUS_TYPE_STRING, &display,
	399	DBUS_TYPE_BOOLEAN, &remote,
	400	DBUS_TYPE_STRING, &remote_user,
	401	DBUS_TYPE_STRING, &remote_host,
	402	DBUS_TYPE_INVALID)) {
	403	pam_syslog(handle, LOG_ERR, "Could not attach parameters to message.");
	404	r = PAM_BUF_ERR;
	405	goto finish;
	406	}
8c6db833	407
98a28fef	408	dbus_message_iter_init_append(m, &iter);
8c6db833	409
98a28fef LP	410	r = bus_append_strv_iter(&iter, controllers);
	411	if (r < 0) {
	412	pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
	413	r = PAM_BUF_ERR;
	414	goto finish;
	415	}
672c48cc	416
98a28fef LP	417	r = bus_append_strv_iter(&iter, reset_controllers);
	418	if (r < 0) {
	419	pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
	420	r = PAM_BUF_ERR;
	421	goto finish;
	422	}
672c48cc	423
98a28fef LP	424	kp = kill_processes;
	425	if (!dbus_message_iter_append_basic(&iter, DBUS_TYPE_BOOLEAN, &kp)) {
	426	pam_syslog(handle, LOG_ERR, "Could not attach parameter to message.");
	427	r = PAM_BUF_ERR;
	428	goto finish;
	429	}
8c6db833	430
98a28fef LP	431	reply = dbus_connection_send_with_reply_and_block(bus, m, -1, &error);
	432	if (!reply) {
	433	pam_syslog(handle, LOG_ERR, "Failed to create session: %s", bus_error_message(&error));
	434	r = PAM_SESSION_ERR;
	435	goto finish;
	436	}
74fe1fe3	437
98a28fef LP	438	if (!dbus_message_get_args(reply, &error,
	439	DBUS_TYPE_STRING, &id,
	440	DBUS_TYPE_OBJECT_PATH, &object_path,
	441	DBUS_TYPE_STRING, &runtime_path,
	442	DBUS_TYPE_UNIX_FD, &session_fd,
	443	DBUS_TYPE_INVALID)) {
	444	pam_syslog(handle, LOG_ERR, "Failed to parse message: %s", bus_error_message(&error));
	445	r = PAM_SESSION_ERR;
	446	goto finish;
	447	}
74fe1fe3	448
98a28fef LP	449	r = pam_misc_setenv(handle, "XDG_SESSION_ID", id, 0);
	450	if (r != PAM_SUCCESS) {
	451	pam_syslog(handle, LOG_ERR, "Failed to set session id.");
	452	goto finish;
8c6db833 LP	453	}
8c6db833 LP	454
98a28fef LP	455	r = pam_misc_setenv(handle, "XDG_RUNTIME_DIR", runtime_path, 0);
	456	if (r != PAM_SUCCESS) {
	457	pam_syslog(handle, LOG_ERR, "Failed to set runtime dir.");
	458	goto finish;
	459	}
8c6db833	460
98a28fef LP	461	r = pam_set_data(handle, "systemd.session-fd", INT_TO_PTR(session_fd+1), NULL);
	462	if (r != PAM_SUCCESS) {
	463	pam_syslog(handle, LOG_ERR, "Failed to install session fd.");
	464	return r;
	465	}
8c6db833	466
98a28fef	467	session_fd = -1;
8c6db833	468
98a28fef	469	r = PAM_SUCCESS;
8c6db833	470
98a28fef LP	471	finish:
	472	strv_free(controllers);
	473	strv_free(reset_controllers);
	474	strv_free(kill_only_users);
	475	strv_free(kill_exclude_users);
8c6db833	476
98a28fef	477	dbus_error_free(&error);
35d2e7ec	478
98a28fef LP	479	if (bus) {
	480	dbus_connection_close(bus);
	481	dbus_connection_unref(bus);
8c6db833 LP	482	}
8c6db833 LP	483
98a28fef LP	484	if (reply)
98a28fef LP	485	dbus_message_unref(reply);
8c6db833	486
98a28fef LP	487	if (m)
98a28fef LP	488	dbus_message_unref(m);
8c6db833	489
98a28fef LP	490	if (session_fd >= 0)
98a28fef LP	491	close_nointr_nofail(session_fd);
672c48cc	492
98a28fef LP	493	return r;
98a28fef LP	494	}
8c6db833	495
98a28fef LP	496	_public_ PAM_EXTERN int pam_sm_close_session(
	497	pam_handle_t *handle,
	498	int flags,
	499	int argc, const char **argv) {
8c6db833	500
98a28fef	501	const void *p = NULL;
8c6db833	502
98a28fef	503	pam_get_data(handle, "systemd.session-fd", &p);
74fe1fe3	504
98a28fef LP	505	if (p)
98a28fef LP	506	close_nointr(PTR_TO_INT(p) - 1);
1f73f0f1	507
98a28fef	508	return PAM_SUCCESS;
8c6db833	509	}