r = bus_call_method(bus, bus_home_mgr, "GetUserRecordByName", &error, &reply, "s", username);
if (r < 0) {
if (bus_error_is_unknown_service(&error)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "systemd-homed is not available: %s", bus_error_message(&error, r));
+ pam_debug_syslog(handle, debug,
+ "systemd-homed is not available: %s",
+ bus_error_message(&error, r));
goto user_unknown;
}
if (sd_bus_error_has_name(&error, BUS_ERROR_NO_SUCH_HOME)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Not a user managed by systemd-homed: %s", bus_error_message(&error, r));
+ pam_debug_syslog(handle, debug,
+ "Not a user managed by systemd-homed: %s",
+ bus_error_message(&error, r));
goto user_unknown;
}
- pam_syslog(handle, LOG_ERR, "Failed to query user record: %s", bus_error_message(&error, r));
+ pam_syslog(handle, LOG_ERR,
+ "Failed to query user record: %s", bus_error_message(&error, r));
return PAM_SERVICE_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Password request aborted.");
+ pam_debug_syslog(handle, debug, "Password request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Recovery key request aborted.");
+ pam_debug_syslog(handle, debug, "Recovery key request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Password request aborted.");
+ pam_debug_syslog(handle, debug, "Password request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PIN request aborted.");
+ pam_debug_syslog(handle, debug, "PIN request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PIN request aborted.");
+ pam_debug_syslog(handle, debug, "PIN request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PIN request aborted.");
+ pam_debug_syslog(handle, debug, "PIN request aborted.");
return PAM_AUTHTOK_ERR;
}
return PAM_CONV_ERR; /* no logging here */
if (isempty(newp)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PIN request aborted.");
+ pam_debug_syslog(handle, debug, "PIN request aborted.");
return PAM_AUTHTOK_ERR;
}
&debug) < 0)
return PAM_AUTH_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed authenticating");
+ pam_debug_syslog(handle, debug, "pam-systemd-homed authenticating");
return acquire_home(handle, /* please_authenticate= */ true, suspend_please, debug, NULL);
}
&debug) < 0)
return PAM_SESSION_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed session start");
+ pam_debug_syslog(handle, debug, "pam-systemd-homed session start");
r = acquire_home(handle, /* please_authenticate = */ false, suspend_please, debug, &d);
if (r == PAM_USER_UNKNOWN) /* Not managed by us? Don't complain. */
&debug) < 0)
return PAM_SESSION_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed session end");
+ pam_debug_syslog(handle, debug, "pam-systemd-homed session end");
r = pam_get_user(handle, &username, NULL);
if (r != PAM_SUCCESS)
r = sd_bus_call(bus, m, HOME_SLOW_BUS_CALL_TIMEOUT_USEC, &error, NULL);
if (r < 0) {
- if (sd_bus_error_has_name(&error, BUS_ERROR_HOME_BUSY))
- pam_syslog(handle, LOG_NOTICE, "Not deactivating home directory of %s, as it is still used.", username);
- else
+ if (!sd_bus_error_has_name(&error, BUS_ERROR_HOME_BUSY))
return pam_syslog_pam_error(handle, LOG_ERR, PAM_SESSION_ERR,
"Failed to release user home: %s", bus_error_message(&error, r));
+
+ pam_syslog(handle, LOG_NOTICE, "Not deactivating home directory of %s, as it is still used.", username);
}
return PAM_SUCCESS;
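Review bot: After the inversion to `if (!sd_bus_error_has_name(&error, BUS_ERROR_HOME_BUSY))`, the busy case becomes the fall-through path, and nothing states that a failed release call is deliberately reported as `PAM_SUCCESS`. I would add a comment above the notice, e.g. `/* HOME_BUSY is expected while the home is still in use elsewhere; not an error */`. The unbraced two-line `return` followed by a blank line and an unconditional `pam_syslog()` is also easy to misread as part of the `if`, so braces around the `return` would make the scope obvious. The enclosing function starts outside the hunk.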
&debug) < 0)
return PAM_AUTH_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed account management");
+ pam_debug_syslog(handle, debug, "pam-systemd-homed account management");
r = acquire_home(handle, /* please_authenticate = */ false, please_suspend, debug, NULL);
if (r != PAM_SUCCESS)
&debug) < 0)
return PAM_AUTH_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd-homed account management");
+ pam_debug_syslog(handle, debug, "pam-systemd-homed account management");
r = pam_acquire_bus_connection(handle, "pam-systemd-home", &bus, NULL);
if (r != PAM_SUCCESS)
return pam_syslog_pam_error(handle, LOG_ERR, r, "Failed to get new password: @PAMERR@");
if (isempty(new_password)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Password request aborted.");
+ pam_debug_syslog(handle, debug, "Password request aborted.");
return PAM_AUTHTOK_ERR;
}
return pam_syslog_pam_error(handle, LOG_ERR, r,
"Failed to set PAM environment variable %s: @PAMERR@", e);
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PAM environment variable %s set based on user record.", e);
+ pam_debug_syslog(handle, debug, "PAM environment variable %s set based on user record.", e);
return PAM_SUCCESS;
}
if (ur->umask != MODE_INVALID) {
umask(ur->umask);
-
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Set user umask to %04o based on user record.", ur->umask);
+ pam_debug_syslog(handle, debug, "Set user umask to %04o based on user record.", ur->umask);
}
STRV_FOREACH(i, ur->environment) {
return pam_log_oom(handle);
if (pam_getenv(handle, n)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PAM environment variable $%s already set, not changing based on record.", *i);
+ pam_debug_syslog(handle, debug,
+ "PAM environment variable $%s already set, not changing based on record.", *i);
continue;
}
}
if (ur->email_address) {
- if (pam_getenv(handle, "EMAIL")) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PAM environment variable $EMAIL already set, not changing based on user record.");
- } else {
+ if (pam_getenv(handle, "EMAIL"))
+ pam_debug_syslog(handle, debug,
+ "PAM environment variable $EMAIL already set, not changing based on user record.");
+ else {
_cleanup_free_ char *joined = NULL;
joined = strjoin("EMAIL=", ur->email_address);
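Review bot: The new `if (pam_getenv(handle, "EMAIL")) pam_debug_syslog(...); else {` form is only safe if `pam_debug_syslog` expands to one complete statement, and its definition is not visible in this hunk. If it is a macro that expands to a bare `if (debug) pam_syslog(...)`, the following `else` binds to that inner `if`, so whether $EMAIL is set would depend on the debug flag rather than on `pam_getenv()`. The same unbraced pattern appears in the $TZ and $LANG hunks below, where the `else if` validity checks (`timezone_is_valid()`, `locale_is_installed()`) would be attached to the wrong condition. Either confirm the helper is a function or a `do { ... } while (0)` / statement-expression macro, or keep the braces: `if (pam_getenv(handle, "EMAIL")) { pam_debug_syslog(...); } else {`. The enclosing block continues past the end of the hunk.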
}
if (ur->time_zone) {
- if (pam_getenv(handle, "TZ")) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PAM environment variable $TZ already set, not changing based on user record.");
- } else if (!timezone_is_valid(ur->time_zone, LOG_DEBUG)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Time zone specified in user record is not valid locally, not setting $TZ.");
- } else {
+ if (pam_getenv(handle, "TZ"))
+ pam_debug_syslog(handle, debug,
+ "PAM environment variable $TZ already set, not changing based on user record.");
+ else if (!timezone_is_valid(ur->time_zone, LOG_DEBUG))
+ pam_debug_syslog(handle, debug,
+ "Time zone specified in user record is not valid locally, not setting $TZ.");
+ else {
_cleanup_free_ char *joined = NULL;
joined = strjoin("TZ=:", ur->time_zone);
}
if (ur->preferred_language) {
- if (pam_getenv(handle, "LANG")) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "PAM environment variable $LANG already set, not changing based on user record.");
- } else if (locale_is_installed(ur->preferred_language) <= 0) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Preferred language specified in user record is not valid or not installed, not setting $LANG.");
- } else {
+ if (pam_getenv(handle, "LANG"))
+ pam_debug_syslog(handle, debug,
+ "PAM environment variable $LANG already set, not changing based on user record.");
+ else if (locale_is_installed(ur->preferred_language) <= 0)
+ pam_debug_syslog(handle, debug,
+ "Preferred language specified in user record is not valid or not installed, not setting $LANG.");
+ else {
_cleanup_free_ char *joined = NULL;
joined = strjoin("LANG=", ur->preferred_language);
if (nice(ur->nice_level) < 0)
pam_syslog_errno(handle, LOG_ERR, errno,
"Failed to set nice level to %i, ignoring: %m", ur->nice_level);
- else if (debug)
- pam_syslog(handle, LOG_DEBUG,
- "Nice level set to %i, based on user record.", ur->nice_level);
+ else
+ pam_debug_syslog(handle, debug,
+ "Nice level set to %i, based on user record.", ur->nice_level);
}
for (int rl = 0; rl < _RLIMIT_MAX; rl++) {
if (r < 0)
pam_syslog_errno(handle, LOG_ERR, r,
"Failed to set resource limit %s, ignoring: %m", rlimit_to_string(rl));
- else if (debug)
- pam_syslog(handle, LOG_DEBUG,
- "Resource limit %s set, based on user record.", rlimit_to_string(rl));
+ else
+ pam_debug_syslog(handle, debug,
+ "Resource limit %s set, based on user record.", rlimit_to_string(rl));
}
uint64_t a, b;
&default_capability_ambient_set) < 0)
return PAM_SESSION_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd initializing");
+ pam_debug_syslog(handle, debug, "pam-systemd initializing");
r = acquire_user_record(handle, &ur);
if (r != PAM_SUCCESS)
}
if (seat && !streq(seat, "seat0") && vtnr != 0) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Ignoring vtnr %"PRIu32" for %s which is not seat0", vtnr, seat);
+ pam_debug_syslog(handle, debug, "Ignoring vtnr %"PRIu32" for %s which is not seat0", vtnr, seat);
vtnr = 0;
}
if (r != PAM_SUCCESS)
return r;
- if (debug) {
- pam_syslog(handle, LOG_DEBUG, "Asking logind to create session: "
- "uid="UID_FMT" pid="PID_FMT" service=%s type=%s class=%s desktop=%s seat=%s vtnr=%"PRIu32" tty=%s display=%s remote=%s remote_user=%s remote_host=%s",
- ur->uid, getpid_cached(),
- strempty(service),
- type, class, strempty(desktop),
- strempty(seat), vtnr, strempty(tty), strempty(display),
- yes_no(remote), strempty(remote_user), strempty(remote_host));
- pam_syslog(handle, LOG_DEBUG, "Session limits: "
- "memory_max=%s tasks_max=%s cpu_weight=%s io_weight=%s runtime_max_sec=%s",
- strna(memory_max), strna(tasks_max), strna(cpu_weight), strna(io_weight), strna(runtime_max_sec));
- }
+ pam_debug_syslog(handle, debug,
+ "Asking logind to create session: "
+ "uid="UID_FMT" pid="PID_FMT" service=%s type=%s class=%s desktop=%s seat=%s vtnr=%"PRIu32" tty=%s display=%s remote=%s remote_user=%s remote_host=%s",
+ ur->uid, getpid_cached(),
+ strempty(service),
+ type, class, strempty(desktop),
+ strempty(seat), vtnr, strempty(tty), strempty(display),
+ yes_no(remote), strempty(remote_user), strempty(remote_host));
+ pam_debug_syslog(handle, debug,
+ "Session limits: "
+ "memory_max=%s tasks_max=%s cpu_weight=%s io_weight=%s runtime_max_sec=%s",
+ strna(memory_max), strna(tasks_max), strna(cpu_weight), strna(io_weight), strna(runtime_max_sec));
r = bus_message_new_method_call(bus, &m, bus_login_mgr, "CreateSession");
if (r < 0)
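Review bot: The "Asking logind to create session" debug message interpolates `remote_user`, `remote_host`, `tty` and `display` with `%s`, and nothing near the call says how trusted those strings are. Where they are filled in is outside this hunk, but if they come from PAM items set by the calling service, text chosen by a remote peer can reach syslog unescaped. A short comment above the call would make that explicit, e.g. `/* debug only: remote_user/remote_host come from the PAM client and are logged as-is */`. That way nobody later treats these log fields as trusted or raises the message above debug level without sanitising them. It is also worth confirming that `pam_debug_syslog` skips evaluating its arguments when `debug` is false, since the removed `if (debug) { ... }` guarded the `strempty()`/`strna()` calls as well.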
r = sd_bus_call(bus, m, LOGIN_SLOW_BUS_CALL_TIMEOUT_USEC, &error, &reply);
if (r < 0) {
if (sd_bus_error_has_name(&error, BUS_ERROR_SESSION_BUSY)) {
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Not creating session: %s", bus_error_message(&error, r));
-
+ pam_debug_syslog(handle, debug,
+ "Not creating session: %s", bus_error_message(&error, r));
/* We are already in a session, don't do anything */
goto success;
} else {
- pam_syslog(handle, LOG_ERR, "Failed to create session: %s", bus_error_message(&error, r));
+ pam_syslog(handle, LOG_ERR,
+ "Failed to create session: %s", bus_error_message(&error, r));
return PAM_SESSION_ERR;
}
}
if (r < 0)
return pam_bus_log_parse_error(handle, r);
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "Reply from logind: "
- "id=%s object_path=%s runtime_path=%s session_fd=%d seat=%s vtnr=%u original_uid=%u",
- id, object_path, runtime_path, session_fd, seat, vtnr, original_uid);
+ pam_debug_syslog(handle, debug,
+ "Reply from logind: "
+ "id=%s object_path=%s runtime_path=%s session_fd=%d seat=%s vtnr=%u original_uid=%u",
+ id, object_path, runtime_path, session_fd, seat, vtnr, original_uid);
r = update_environment(handle, "XDG_SESSION_ID", id);
if (r != PAM_SUCCESS)
NULL) < 0)
return PAM_SESSION_ERR;
- if (debug)
- pam_syslog(handle, LOG_DEBUG, "pam-systemd shutting down");
+ pam_debug_syslog(handle, debug, "pam-systemd shutting down");
/* Only release session if it wasn't pre-existing when we
* tried to create it */