aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/openrc-pam/openrc-pam.c10
-rw-r--r--src/openrc/rc.c27
-rw-r--r--src/shared/misc.c2
3 files changed, 22 insertions, 17 deletions
diff --git a/src/openrc-pam/openrc-pam.c b/src/openrc-pam/openrc-pam.c
index 51dafb17..a9b2e36b 100644
--- a/src/openrc-pam/openrc-pam.c
+++ b/src/openrc-pam/openrc-pam.c
@@ -9,7 +9,7 @@
#include "einfo.h"
-static bool exec_openrc(pam_handle_t *pamh, const char *runlevel) {
+static bool exec_openrc(pam_handle_t *pamh, const char *runlevel, bool lock) {
char *cmd = NULL;
const char *username;
struct passwd *pw = NULL;
@@ -26,7 +26,7 @@ static bool exec_openrc(pam_handle_t *pamh, const char *runlevel) {
elog(LOG_INFO, "Executing %s runlevel for user %s", runlevel, username);
- xasprintf(&cmd, "openrc --user %s", runlevel);
+ xasprintf(&cmd, "openrc --user %s %s", lock ? "--lock" : "--unlock", runlevel);
switch (fork()) {
case 0:
setgid(pw->pw_gid);
@@ -58,8 +58,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, cons
setenv("EINFO_LOG", "openrc-pam", 1);
elog(LOG_INFO, "Opening openrc session");
- setenv("RC_PAM_STARTING", "YES", true);
- if (exec_openrc(pamh, runlevel)) {
+ if (exec_openrc(pamh, runlevel, true)) {
elog(LOG_INFO, "Openrc session opened");
unsetenv("RC_PAM_STARTING");
unsetenv("EINFO_LOG");
@@ -79,8 +78,7 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, con
setenv("EINFO_LOG", "openrc-pam", 1);
elog(LOG_INFO, "Closing openrc session");
- setenv("RC_PAM_STOPPING", "YES", true);
- if (exec_openrc(pamh, runlevel)) {
+ if (exec_openrc(pamh, runlevel, false)) {
elog(LOG_INFO, "Openrc session closed");
unsetenv("RC_PAM_STOPPING");
unsetenv("EINFO_LOG");
diff --git a/src/openrc/rc.c b/src/openrc/rc.c
index 819f6d73..e1625887 100644
--- a/src/openrc/rc.c
+++ b/src/openrc/rc.c
@@ -50,7 +50,7 @@
#include "helpers.h"
const char *extraopts = NULL;
-const char getoptstring[] = "a:no:s:S" getoptstring_COMMON
+const char getoptstring[] = "a:no:s:Slu" getoptstring_COMMON
#ifdef RC_USER_SERVICES
getoptstring_USER_SERVICES
#endif
@@ -61,6 +61,8 @@ const struct option longopts[] = {
{ "override", 1, NULL, 'o' },
{ "service", 1, NULL, 's' },
{ "sys", 0, NULL, 'S' },
+ { "lock", 0, NULL, 'l' },
+ { "unlock", 0, NULL, 'u' },
#ifdef RC_USER_SERVICES
longopts_USER_SERVICES
#endif
@@ -859,6 +861,8 @@ int main(int argc, char **argv)
char *svcdir = NULL;
#ifdef RC_USER_SERVICES
int locknum = 0;
+ int lockval = 0;
+ bool lock = false;
#endif
#ifdef __linux__
char *proc;
@@ -930,6 +934,14 @@ int main(int argc, char **argv)
printf("%s\n", systype);
exit(EXIT_SUCCESS);
/* NOTREACHED */
+ case 'l':
+ lock = true;
+ lockval = 1;
+ break;
+ case 'u':
+ lock = true;
+ lockval = -1;
+ break;
#ifdef RC_USER_SERVICES
case_RC_USER_SERVICES
#endif
@@ -964,16 +976,13 @@ int main(int argc, char **argv)
free(pidstr);
#ifdef RC_USER_SERVICES
- if (rc_is_user()) {
- if (rc_yesno(getenv("RC_PAM_STARTING"))) {
- /* the lockfile count -1 because we don't want to count ourselves */
- locknum = inc_dec_lockfile(1) - 1;
- } else if (rc_yesno(getenv("RC_PAM_STOPPING"))) {
- locknum = inc_dec_lockfile(-1);
- }
+ if (rc_is_user() && lock) {
+ /* if we are locking, reduce the count by 1,
+ * because we don't want to count ourselves */
+ locknum = inc_dec_lockfile(lockval) - lockval > 0 ? 1 : 0;
if (locknum > 0) {
- einfov("lock set, skipping");
+ einfov("Lock set, skipping");
return EXIT_SUCCESS;
}
}
diff --git a/src/shared/misc.c b/src/shared/misc.c
index b6001d77..abc7dfd5 100644
--- a/src/shared/misc.c
+++ b/src/shared/misc.c
@@ -75,8 +75,6 @@ static const char *const userenv_whitelist[] = {
"XDG_CONFIG_HOME",
"XDG_CACHE_HOME",
"RC_USER_SERVICES",
- "RC_PAM_STARTING",
- "RC_PAM_STOPPING",
};
#endif