ports/133793 [PATCH] gdm: missing call to setusercontext
Thomas Quinot
thomas at FreeBSD.ORG
Sat May 23 17:20:03 UTC 2009
The following reply was made to PR ports/133793; it has been noted by GNATS.
From: Thomas Quinot <thomas at FreeBSD.ORG>
To: bug-followup at freebsd.org
Cc: mickey242 at gmx.net
Subject: Re: ports/133793 [PATCH] gdm: missing call to setusercontext
Date: Sat, 23 May 2009 19:18:26 +0200
--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
* Thomas Quinot, 2009-05-23 :
> Another issue that may be related: with gdm-2.24.1_6, not only the PATH
> setting from /etc/login.conf is ignored, but also setlogin(2) is not
> called during session setup, and getlogin(2) thus always returns "root"
> in GDM sessions.
The attached patch appears to fix both problems for me. Note, you'll
also need to patch daemon/Makefile to add -lutil to the ld command line
for gdm-session-worker.
Thomas.
--HcAYCG3uE/tztfnV
Content-Type: text/x-diff; charset=us-ascii
Content-Disposition: attachment; filename="gdm-2.26.1-20090523.diff"
--- daemon/gdm-session-worker.c.orig 2009-05-23 18:37:51.000000000 +0200
+++ daemon/gdm-session-worker.c 2009-05-23 19:09:38.000000000 +0200
@@ -31,6 +31,9 @@
#include <errno.h>
#include <grp.h>
#include <pwd.h>
+#ifdef HAVE_LOGINCAP
+#include <login_cap.h>
+#endif
#include <security/pam_appl.h>
@@ -1757,11 +1760,12 @@
char **environment;
char *home_dir;
int fd;
+#ifdef HAVE_LOGINCAP
+ char *login = worker->priv->username;
+ struct passwd *pwent = getpwnam (login);
+#endif
- if (setuid (worker->priv->uid) < 0) {
- g_debug ("GdmSessionWorker: could not reset uid - %s", g_strerror (errno));
- _exit (1);
- }
+ /* Call setsid() before setusercontext() */
if (setsid () < 0) {
g_debug ("GdmSessionWorker: could not set pid '%u' as leader of new session and process group - %s",
@@ -1769,6 +1773,28 @@
_exit (2);
}
+#ifdef HAVE_LOGINCAP
+ if (setusercontext (NULL, pwent, pwent->pw_uid,
+ LOGIN_SETLOGIN | LOGIN_SETPATH |
+ LOGIN_SETPRIORITY | LOGIN_SETRESOURCES |
+ LOGIN_SETUMASK | LOGIN_SETUSER |
+ LOGIN_SETENV) < 0) {
+ g_debug ("%s: setusercontext () failed for %s. "
+ "Aborting.", "gdm_session_worker_start_user_session",
+ login ? login : "(null)");
+ }
+
+ /* Propagate PATH environment variable from user context to child processes */
+
+ gdm_session_worker_set_environment_variable (worker, "PATH", getenv ("PATH"));
+
+#else
+ if (setuid (worker->priv->uid) < 0) {
+ g_debug ("GdmSessionWorker: could not reset uid - %s", g_strerror (errno));
+ _exit (1);
+ }
+#endif
+
environment = gdm_session_worker_get_environment (worker);
g_assert (geteuid () == getuid ());
--HcAYCG3uE/tztfnV--
More information about the freebsd-gnome
mailing list