diff options
Diffstat (limited to 'session.c')
-rw-r--r-- | session.c | 23 |
1 files changed, 18 insertions, 5 deletions
@@ -92,6 +92,7 @@ | |||
92 | #include "kex.h" | 92 | #include "kex.h" |
93 | #include "monitor_wrap.h" | 93 | #include "monitor_wrap.h" |
94 | #include "sftp.h" | 94 | #include "sftp.h" |
95 | #include "consolekit.h" | ||
95 | 96 | ||
96 | #if defined(KRB5) && defined(USE_AFS) | 97 | #if defined(KRB5) && defined(USE_AFS) |
97 | #include <kafs.h> | 98 | #include <kafs.h> |
@@ -1132,6 +1133,9 @@ do_setup_env(Session *s, const char *shell) | |||
1132 | #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) | 1133 | #if !defined (HAVE_LOGIN_CAP) && !defined (HAVE_CYGWIN) |
1133 | char *path = NULL; | 1134 | char *path = NULL; |
1134 | #endif | 1135 | #endif |
1136 | #ifdef USE_CONSOLEKIT | ||
1137 | const char *ckcookie = NULL; | ||
1138 | #endif /* USE_CONSOLEKIT */ | ||
1135 | 1139 | ||
1136 | /* Initialize the environment. */ | 1140 | /* Initialize the environment. */ |
1137 | envsize = 100; | 1141 | envsize = 100; |
@@ -1276,6 +1280,11 @@ do_setup_env(Session *s, const char *shell) | |||
1276 | child_set_env(&env, &envsize, "KRB5CCNAME", | 1280 | child_set_env(&env, &envsize, "KRB5CCNAME", |
1277 | s->authctxt->krb5_ccname); | 1281 | s->authctxt->krb5_ccname); |
1278 | #endif | 1282 | #endif |
1283 | #ifdef USE_CONSOLEKIT | ||
1284 | ckcookie = PRIVSEP(consolekit_register(s, s->display)); | ||
1285 | if (ckcookie) | ||
1286 | child_set_env(&env, &envsize, "XDG_SESSION_COOKIE", ckcookie); | ||
1287 | #endif /* USE_CONSOLEKIT */ | ||
1279 | #ifdef USE_PAM | 1288 | #ifdef USE_PAM |
1280 | /* | 1289 | /* |
1281 | * Pull in any environment variables that may have | 1290 | * Pull in any environment variables that may have |
@@ -1474,7 +1483,7 @@ safely_chroot(const char *path, uid_t uid) | |||
1474 | 1483 | ||
1475 | /* Set login name, uid, gid, and groups. */ | 1484 | /* Set login name, uid, gid, and groups. */ |
1476 | void | 1485 | void |
1477 | do_setusercontext(struct passwd *pw) | 1486 | do_setusercontext(struct passwd *pw, const char *role) |
1478 | { | 1487 | { |
1479 | char *chroot_path, *tmp; | 1488 | char *chroot_path, *tmp; |
1480 | 1489 | ||
@@ -1502,7 +1511,7 @@ do_setusercontext(struct passwd *pw) | |||
1502 | endgrent(); | 1511 | endgrent(); |
1503 | #endif | 1512 | #endif |
1504 | 1513 | ||
1505 | platform_setusercontext_post_groups(pw); | 1514 | platform_setusercontext_post_groups(pw, role); |
1506 | 1515 | ||
1507 | if (options.chroot_directory != NULL && | 1516 | if (options.chroot_directory != NULL && |
1508 | strcasecmp(options.chroot_directory, "none") != 0) { | 1517 | strcasecmp(options.chroot_directory, "none") != 0) { |
@@ -1646,7 +1655,7 @@ do_child(Session *s, const char *command) | |||
1646 | 1655 | ||
1647 | /* Force a password change */ | 1656 | /* Force a password change */ |
1648 | if (s->authctxt->force_pwchange) { | 1657 | if (s->authctxt->force_pwchange) { |
1649 | do_setusercontext(pw); | 1658 | do_setusercontext(pw, s->authctxt->role); |
1650 | child_close_fds(); | 1659 | child_close_fds(); |
1651 | do_pwchange(s); | 1660 | do_pwchange(s); |
1652 | exit(1); | 1661 | exit(1); |
@@ -1673,7 +1682,7 @@ do_child(Session *s, const char *command) | |||
1673 | /* When PAM is enabled we rely on it to do the nologin check */ | 1682 | /* When PAM is enabled we rely on it to do the nologin check */ |
1674 | if (!options.use_pam) | 1683 | if (!options.use_pam) |
1675 | do_nologin(pw); | 1684 | do_nologin(pw); |
1676 | do_setusercontext(pw); | 1685 | do_setusercontext(pw, s->authctxt->role); |
1677 | /* | 1686 | /* |
1678 | * PAM session modules in do_setusercontext may have | 1687 | * PAM session modules in do_setusercontext may have |
1679 | * generated messages, so if this in an interactive | 1688 | * generated messages, so if this in an interactive |
@@ -2084,7 +2093,7 @@ session_pty_req(Session *s) | |||
2084 | tty_parse_modes(s->ttyfd, &n_bytes); | 2093 | tty_parse_modes(s->ttyfd, &n_bytes); |
2085 | 2094 | ||
2086 | if (!use_privsep) | 2095 | if (!use_privsep) |
2087 | pty_setowner(s->pw, s->tty); | 2096 | pty_setowner(s->pw, s->tty, s->authctxt->role); |
2088 | 2097 | ||
2089 | /* Set window size from the packet. */ | 2098 | /* Set window size from the packet. */ |
2090 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); | 2099 | pty_change_window_size(s->ptyfd, s->row, s->col, s->xpixel, s->ypixel); |
@@ -2320,6 +2329,10 @@ session_pty_cleanup2(Session *s) | |||
2320 | 2329 | ||
2321 | debug("session_pty_cleanup: session %d release %s", s->self, s->tty); | 2330 | debug("session_pty_cleanup: session %d release %s", s->self, s->tty); |
2322 | 2331 | ||
2332 | #ifdef USE_CONSOLEKIT | ||
2333 | consolekit_unregister(s); | ||
2334 | #endif /* USE_CONSOLEKIT */ | ||
2335 | |||
2323 | /* Record that the user has logged out. */ | 2336 | /* Record that the user has logged out. */ |
2324 | if (s->pid != 0) | 2337 | if (s->pid != 0) |
2325 | record_logout(s->pid, s->tty, s->pw->pw_name); | 2338 | record_logout(s->pid, s->tty, s->pw->pw_name); |