rpm/pam_kwallet
SHA256
1
0
Fork 0
forked from pool/pam_kwallet
Code Pull Requests Activity
51db465ce5
pam_kwallet/0003-Check-for-a-graphical-session.patch
Fabian Vogt 51db465ce5 - Add various patches (pending upstream review) to fix several 
issues:
  * 0001-Several-cleanups.patch
  * 0002-Avoid-dropping-privileges-by-initializing-gcrypt-sec.patch
  * 0003-Check-for-a-graphical-session.patch

OBS-URL: https://build.opensuse.org/package/show/KDE:Frameworks5/pam_kwallet?expand=0&rev=38
2017-08-09 08:40:05 +00:00

73 lines
2.4 KiB
Diff
Raw Blame History

From f5f27799e1b6875be7f34edac3a9f98a2b550b2c Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Thu, 3 Aug 2017 09:50:30 +0200
Subject: [PATCH 3/3] Check for a graphical session
Avoid running if it detects a text session. This can be overridden by adding
"force_run" as argument.
---
pam_kwallet.c | 26 ++++++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/pam_kwallet.c b/pam_kwallet.c
index dc61115..34bc045 100644
--- a/pam_kwallet.c
+++ b/pam_kwallet.c
@@ -72,6 +72,7 @@ const static char *kwalletd = NULL;
const static char *socketPath = NULL;
const static char *kwalletPamDataKey = NULL;
const static char *logPrefix = NULL;
+static int force_run = 0;
#ifdef KWALLET5
const static char *envVar = "PAM_KWALLET5_LOGIN";
@@ -98,6 +99,8 @@ static void parseArguments(int argc, const char **argv)
kwalletd = argv[x] + 9;
} else if (strstr(argv[x], "socketPath=") != NULL) {
socketPath= argv[x] + 11;
+ } else if (strcmp(argv[x], "force_run") == 0) {
+ force_run = 1;
}
}
#ifdef KWALLET5
@@ -241,6 +244,24 @@ cleanup:
return result;
}
+static int is_graphical_session(pam_handle_t *pamh)
+{
+ //Detect a graphical session
+ const char *pam_tty = NULL, *pam_xdisplay = NULL,
+ *xdg_session_type = NULL, *display = NULL;
+
+ pam_get_item(pamh, PAM_TTY, (const void**) &pam_tty);
+#ifdef PAM_XDISPLAY
+ pam_get_item(pamh, PAM_XDISPLAY, (const void**) &pam_xdisplay);
+#endif
+ xdg_session_type = get_env(pamh, "XDG_SESSION_TYPE");
+
+ return (pam_xdisplay && strlen(pam_xdisplay) != 0)
+ || (pam_tty && pam_tty[0] == ':')
+ || (xdg_session_type && strcmp(xdg_session_type, "x11") == 0)
+ || (xdg_session_type && strcmp(xdg_session_type, "wayland") == 0);
+}
+
static void cleanup_free(pam_handle_t *pamh, void *ptr, int error_status)
{
free(ptr);
@@ -537,6 +558,11 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, cons
parseArguments(argc, argv);
+ if (!force_run && !is_graphical_session(pamh)) {
+ pam_syslog(pamh, LOG_INFO, "%s: not a graphical session, skipping. Use force_run parameter to ignore this.", logPrefix);
+ return PAM_IGNORE;
+ }
+
int result;
result = pam_set_data(pamh, "sm_open_session", "1", NULL);
if (result != PAM_SUCCESS) {
--
2.13.2
View Git Blame Copy Permalink