diff options
-rw-r--r-- | src/openrc-pam/openrc-pam.c | 10 | ||||
-rw-r--r-- | src/openrc/rc.c | 27 | ||||
-rw-r--r-- | src/shared/misc.c | 2 |
3 files changed, 22 insertions, 17 deletions
diff --git a/src/openrc-pam/openrc-pam.c b/src/openrc-pam/openrc-pam.c index 51dafb17..a9b2e36b 100644 --- a/src/openrc-pam/openrc-pam.c +++ b/src/openrc-pam/openrc-pam.c @@ -9,7 +9,7 @@ #include "einfo.h" -static bool exec_openrc(pam_handle_t *pamh, const char *runlevel) { +static bool exec_openrc(pam_handle_t *pamh, const char *runlevel, bool lock) { char *cmd = NULL; const char *username; struct passwd *pw = NULL; @@ -26,7 +26,7 @@ static bool exec_openrc(pam_handle_t *pamh, const char *runlevel) { elog(LOG_INFO, "Executing %s runlevel for user %s", runlevel, username); - xasprintf(&cmd, "openrc --user %s", runlevel); + xasprintf(&cmd, "openrc --user %s %s", lock ? "--lock" : "--unlock", runlevel); switch (fork()) { case 0: setgid(pw->pw_gid); @@ -58,8 +58,7 @@ PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, cons setenv("EINFO_LOG", "openrc-pam", 1); elog(LOG_INFO, "Opening openrc session"); - setenv("RC_PAM_STARTING", "YES", true); - if (exec_openrc(pamh, runlevel)) { + if (exec_openrc(pamh, runlevel, true)) { elog(LOG_INFO, "Openrc session opened"); unsetenv("RC_PAM_STARTING"); unsetenv("EINFO_LOG"); @@ -79,8 +78,7 @@ PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, con setenv("EINFO_LOG", "openrc-pam", 1); elog(LOG_INFO, "Closing openrc session"); - setenv("RC_PAM_STOPPING", "YES", true); - if (exec_openrc(pamh, runlevel)) { + if (exec_openrc(pamh, runlevel, false)) { elog(LOG_INFO, "Openrc session closed"); unsetenv("RC_PAM_STOPPING"); unsetenv("EINFO_LOG"); diff --git a/src/openrc/rc.c b/src/openrc/rc.c index 819f6d73..e1625887 100644 --- a/src/openrc/rc.c +++ b/src/openrc/rc.c @@ -50,7 +50,7 @@ #include "helpers.h" const char *extraopts = NULL; -const char getoptstring[] = "a:no:s:S" getoptstring_COMMON +const char getoptstring[] = "a:no:s:Slu" getoptstring_COMMON #ifdef RC_USER_SERVICES getoptstring_USER_SERVICES #endif @@ -61,6 +61,8 @@ const struct option longopts[] = { { "override", 1, NULL, 'o' }, { "service", 1, NULL, 's' }, { "sys", 0, NULL, 'S' }, + { "lock", 0, NULL, 'l' }, + { "unlock", 0, NULL, 'u' }, #ifdef RC_USER_SERVICES longopts_USER_SERVICES #endif @@ -859,6 +861,8 @@ int main(int argc, char **argv) char *svcdir = NULL; #ifdef RC_USER_SERVICES int locknum = 0; + int lockval = 0; + bool lock = false; #endif #ifdef __linux__ char *proc; @@ -930,6 +934,14 @@ int main(int argc, char **argv) printf("%s\n", systype); exit(EXIT_SUCCESS); /* NOTREACHED */ + case 'l': + lock = true; + lockval = 1; + break; + case 'u': + lock = true; + lockval = -1; + break; #ifdef RC_USER_SERVICES case_RC_USER_SERVICES #endif @@ -964,16 +976,13 @@ int main(int argc, char **argv) free(pidstr); #ifdef RC_USER_SERVICES - if (rc_is_user()) { - if (rc_yesno(getenv("RC_PAM_STARTING"))) { - /* the lockfile count -1 because we don't want to count ourselves */ - locknum = inc_dec_lockfile(1) - 1; - } else if (rc_yesno(getenv("RC_PAM_STOPPING"))) { - locknum = inc_dec_lockfile(-1); - } + if (rc_is_user() && lock) { + /* if we are locking, reduce the count by 1, + * because we don't want to count ourselves */ + locknum = inc_dec_lockfile(lockval) - lockval > 0 ? 1 : 0; if (locknum > 0) { - einfov("lock set, skipping"); + einfov("Lock set, skipping"); return EXIT_SUCCESS; } } diff --git a/src/shared/misc.c b/src/shared/misc.c index b6001d77..abc7dfd5 100644 --- a/src/shared/misc.c +++ b/src/shared/misc.c @@ -75,8 +75,6 @@ static const char *const userenv_whitelist[] = { "XDG_CONFIG_HOME", "XDG_CACHE_HOME", "RC_USER_SERVICES", - "RC_PAM_STARTING", - "RC_PAM_STOPPING", }; #endif |