Light Display Manager

Merge lp:~robert-ancell/lightdm/setcred-on-unlock into lp:lightdm

  1. setcred-on-unlock
  2. Merge into trunk
Proposed by Robert Ancell
Status: Merged
Merged at revision: 1954
Proposed branch: lp:~robert-ancell/lightdm/setcred-on-unlock
Merge into: lp:lightdm
Diff against target: 667 lines (+321/-51)
9 files modified
src/session-child.c (+23/-0)
src/session.c (+16/-0)
tests/Makefile.am (+5/-3)
tests/scripts/autologin-pam.conf (+16/-3)
tests/scripts/login-pam.conf (+28/-7)
tests/scripts/switch-to-greeter-return-session-pam.conf (+102/-0)
tests/src/libsystem.c (+128/-37)
tests/test-autologin-pam (+1/-1)
tests/test-switch-to-greeter-return-session-pam (+2/-0)
To merge this branch: bzr merge lp:~robert-ancell/lightdm/setcred-on-unlock
Reviewer Review Type Date Requested Status
Robert Ancell Approve
PS Jenkins bot continuous-integration Approve
Review via email: mp+212337@code.launchpad.net

Commit message

When switching to an existing session refresh PAM credentials and end session cleanly so no resources leak.

To post a comment you must log in.
Revision history for this message
Robert Ancell (robert-ancell) wrote :

Awaiting confirmation from reporters in bug 1296276

lp:~robert-ancell/lightdm/setcred-on-unlock updated
1945. By Robert Ancell

Use PAM_REINITIALIZE_CRED instead of PAM_REFRESH_CRED as that's what GDM/gnome-screensaver do

Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :

PASSED: Continuous integration, rev:1944
http://jenkins.qa.ubuntu.com/job/lightdm-ci/262/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-amd64-ci/56
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-armhf-ci/56

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/lightdm-ci/262/rebuild

review: Approve (continuous-integration)
lp:~robert-ancell/lightdm/setcred-on-unlock updated
1946. By Robert Ancell

Call pam_end after reinitializing credentials

Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :

PASSED: Continuous integration, rev:1945
http://jenkins.qa.ubuntu.com/job/lightdm-ci/263/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-amd64-ci/57
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-armhf-ci/57

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/lightdm-ci/263/rebuild

review: Approve (continuous-integration)
Revision history for this message
PS Jenkins bot (ps-jenkins) wrote :

PASSED: Continuous integration, rev:1946
http://jenkins.qa.ubuntu.com/job/lightdm-ci/264/
Executed test runs:
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-amd64-ci/58
    SUCCESS: http://jenkins.qa.ubuntu.com/job/lightdm-trusty-armhf-ci/58

Click here to trigger a rebuild:
http://s-jenkins.ubuntu-ci:8080/job/lightdm-ci/264/rebuild

review: Approve (continuous-integration)
Revision history for this message
Robert Ancell (robert-ancell) wrote :

Committing to trunk, this should probably also go into lp:lightdm/1.10

review: Approve
Revision history for this message
Robert Ancell (robert-ancell) wrote :

MP for 1.10: https://code.launchpad.net/~robert-ancell/lightdm/setcred-on-unlock-1.10/+merge/214660

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'src/session-child.c'
2--- src/session-child.c 2014-03-10 23:44:49 +0000
3+++ src/session-child.c 2014-03-23 23:35:47 +0000
4@@ -353,7 +353,10 @@
5
6 /* See what user we ended up as */
7 if (pam_get_item (pam_handle, PAM_USER, (const void **) &new_username) != PAM_SUCCESS)
8+ {
9+ pam_end (pam_handle, 0);
10 return EXIT_FAILURE;
11+ }
12 g_free (username);
13 username = g_strdup (new_username);
14
15@@ -438,12 +441,16 @@
16 if (!username)
17 {
18 g_printerr ("No user selected during authentication\n");
19+ pam_end (pam_handle, 0);
20 return EXIT_FAILURE;
21 }
22
23 /* Stop if we didn't authenticated */
24 if (authentication_result != PAM_SUCCESS)
25+ {
26+ pam_end (pam_handle, 0);
27 return EXIT_FAILURE;
28+ }
29
30 /* Get the command to run (blocks) */
31 log_filename = read_string ();
32@@ -470,6 +477,14 @@
33 command_argv[i] = read_string ();
34 command_argv[i] = NULL;
35
36+ /* If nothing to run just refresh credentials because we successfully authenticated */
37+ if (command_argc == 0)
38+ {
39+ pam_setcred (pam_handle, PAM_REINITIALIZE_CRED);
40+ pam_end (pam_handle, 0);
41+ return EXIT_SUCCESS;
42+ }
43+
44 /* Redirect stderr to a log file */
45 if (log_filename)
46 {
47@@ -506,6 +521,7 @@
48 if (result != PAM_SUCCESS)
49 {
50 g_printerr ("Failed to establish PAM credentials: %s\n", pam_strerror (pam_handle, result));
51+ pam_end (pam_handle, 0);
52 return EXIT_FAILURE;
53 }
54
55@@ -514,6 +530,7 @@
56 if (result != PAM_SUCCESS)
57 {
58 g_printerr ("Failed to open PAM session: %s\n", pam_strerror (pam_handle, result));
59+ pam_end (pam_handle, 0);
60 return EXIT_FAILURE;
61 }
62
63@@ -522,7 +539,10 @@
64 if (error)
65 g_printerr ("Unable to contact system bus: %s", error->message);
66 if (!bus)
67+ {
68+ pam_end (pam_handle, 0);
69 return EXIT_FAILURE;
70+ }
71
72 if (login1_is_running ())
73 {
74@@ -580,7 +600,10 @@
75 g_printerr ("Error writing X authority: %s\n", error->message);
76 g_clear_error (&error);
77 if (!result)
78+ {
79+ pam_end (pam_handle, 0);
80 return EXIT_FAILURE;
81+ }
82
83 value = g_strdup_printf ("XAUTHORITY=%s", x_authority_filename);
84 pam_putenv (pam_handle, value);
85
86=== modified file 'src/session.c'
87--- src/session.c 2014-03-17 16:02:32 +0000
88+++ src/session.c 2014-03-23 23:35:47 +0000
89@@ -846,6 +846,22 @@
90 {
91 g_return_if_fail (session != NULL);
92
93+ /* If can cleanly stop then do that */
94+ if (session_get_is_authenticated (session) && !session->priv->command_run)
95+ {
96+ gsize n = 0;
97+
98+ session->priv->command_run = TRUE;
99+ write_string (session, NULL); // log filename
100+ write_string (session, NULL); // tty
101+ write_string (session, NULL); // xauth filename
102+ write_string (session, NULL); // xdisplay
103+ write_xauth (session, NULL); // xauth
104+ write_data (session, &n, sizeof (n)); // environment
105+ write_data (session, &n, sizeof (n)); // command
106+ return;
107+ }
108+
109 if (session->priv->stopping)
110 return;
111 session->priv->stopping = TRUE;
112
113=== modified file 'tests/Makefile.am'
114--- tests/Makefile.am 2014-03-17 03:37:55 +0000
115+++ tests/Makefile.am 2014-03-23 23:35:47 +0000
116@@ -19,6 +19,7 @@
117 test-additional-system-config-priority \
118 test-headless \
119 test-autologin \
120+ test-autologin-pam \
121 test-autologin-in-background \
122 test-autologin-guest-in-background \
123 test-autologin-timeout-in-background \
124@@ -35,7 +36,6 @@
125 test-change-authentication \
126 test-restart-authentication \
127 test-gobject-cancel-authentication \
128- test-pam \
129 test-login-pam \
130 test-denied \
131 test-expired \
132@@ -134,6 +134,7 @@
133 test-switch-to-greeter \
134 test-switch-to-greeter-new-session \
135 test-switch-to-greeter-return-session \
136+ test-switch-to-greeter-return-session-pam \
137 test-switch-to-greeter-return-session-logout \
138 test-switch-to-guest \
139 test-switch-to-user \
140@@ -329,12 +330,13 @@
141 scripts/autologin.conf \
142 scripts/autologin-guest.conf \
143 scripts/autologin-guest-fail-setup-script.conf \
144+ scripts/autologin-guest-in-background.conf \
145 scripts/autologin-guest-logout.conf \
146 scripts/autologin-guest-session-config.conf \
147 scripts/autologin-guest-timeout.conf \
148 scripts/autologin-in-background.conf \
149 scripts/autologin-invalid-greeter.conf \
150- scripts/autologin-guest-in-background.conf \
151+ scripts/autologin-pam.conf \
152 scripts/autologin-timeout-in-background.conf \
153 scripts/autologin-invalid-session.conf \
154 scripts/autologin-invalid-user.conf \
155@@ -426,7 +428,6 @@
156 scripts/no-console-kit-or-login1.conf \
157 scripts/no-login1.conf \
158 scripts/open-file-descriptors.conf \
159- scripts/pam.conf \
160 scripts/power.conf \
161 scripts/power-no-console-kit.conf \
162 scripts/power-no-services.conf \
163@@ -455,6 +456,7 @@
164 scripts/switch-to-greeter-new-session.conf \
165 scripts/switch-to-greeter-return-session.conf \
166 scripts/switch-to-greeter-return-session-logout.conf \
167+ scripts/switch-to-greeter-return-session-pam.conf \
168 scripts/switch-to-guest.conf \
169 scripts/switch-to-user.conf \
170 scripts/switch-to-users.conf \
171
172=== renamed file 'tests/scripts/pam.conf' => 'tests/scripts/autologin-pam.conf'
173--- tests/scripts/pam.conf 2014-03-17 18:33:02 +0000
174+++ tests/scripts/autologin-pam.conf 2014-03-23 23:35:47 +0000
175@@ -1,11 +1,14 @@
176 #
177-# Check we handle conversations during each PAM method
178+# Check we correctly use PAM for automatic login
179 #
180
181 [SeatDefaults]
182-autologin-user=log-pam
183+autologin-user=no-password1
184 user-session=default
185
186+[test-pam]
187+log-events=true
188+
189 #?*START-DAEMON
190 #?RUNNER DAEMON-START
191
192@@ -17,8 +20,15 @@
193 #?XSERVER-0 INDICATE-READY
194 #?XSERVER-0 ACCEPT-CONNECT
195
196+# Session authenticates
197+#?PAM-no-password1 START SERVICE=lightdm-autologin USER=no-password1
198+#?PAM-no-password1 AUTHENTICATE
199+#?PAM-no-password1 ACCT-MGMT
200+#?PAM-no-password1 SETCRED ESTABLISH_CRED
201+#?PAM-no-password1 OPEN-SESSION
202+
203 # Session starts
204-#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/log-pam DESKTOP_SESSION=default USER=log-pam
205+#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/no-password1 DESKTOP_SESSION=default USER=no-password1
206 #?LOGIN1 ACTIVATE-SESSION SESSION=c0
207 #?XSERVER-0 ACCEPT-CONNECT
208 #?SESSION-X-0 CONNECT-XSERVER
209@@ -26,5 +36,8 @@
210 # Cleanup
211 #?*STOP-DAEMON
212 #?SESSION-X-0 TERMINATE SIGNAL=15
213+#?PAM-no-password1 CLOSE-SESSION
214+#?PAM-no-password1 SETCRED DELETE_CRED
215+#?PAM-no-password1 END
216 #?XSERVER-0 TERMINATE SIGNAL=15
217 #?RUNNER DAEMON-EXIT STATUS=0
218
219=== modified file 'tests/scripts/login-pam.conf'
220--- tests/scripts/login-pam.conf 2014-03-17 18:33:02 +0000
221+++ tests/scripts/login-pam.conf 2014-03-23 23:35:47 +0000
222@@ -1,10 +1,13 @@
223 #
224-# Check we handle conversations during each PAM method
225+# Check we correctly use PAM for login
226 #
227
228 [SeatDefaults]
229 user-session=default
230
231+[test-pam]
232+log-events=true
233+
234 #?*START-DAEMON
235 #?RUNNER DAEMON-START
236
237@@ -16,6 +19,11 @@
238 #?XSERVER-0 INDICATE-READY
239 #?XSERVER-0 ACCEPT-CONNECT
240
241+# Create PAM session for greeter
242+#?PAM-lightdm START SERVICE=lightdm-greeter USER=lightdm
243+#?PAM-lightdm SETCRED ESTABLISH_CRED
244+#?PAM-lightdm OPEN-SESSION
245+
246 # Greeter starts
247 #?GREETER-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_SESSION_CLASS=greeter
248 #?LOGIN1 ACTIVATE-SESSION SESSION=c0
249@@ -24,18 +32,28 @@
250 #?GREETER-X-0 CONNECT-TO-DAEMON
251 #?GREETER-X-0 CONNECTED-TO-DAEMON
252
253-# Log into account with a password
254-#?*GREETER-X-0 AUTHENTICATE USERNAME=log-pam
255-#?GREETER-X-0 SHOW-MESSAGE TEXT="pam_authenticate"
256+# Greeter does authentication via PAM
257+#?*GREETER-X-0 AUTHENTICATE USERNAME=have-password1
258+#?PAM-have-password1 START SERVICE=lightdm USER=have-password1
259+#?PAM-have-password1 AUTHENTICATE
260 #?GREETER-X-0 SHOW-PROMPT TEXT="Password:"
261 #?*GREETER-X-0 RESPOND TEXT="password"
262-#?GREETER-X-0 SHOW-MESSAGE TEXT="pam_acct_mgmt"
263-#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=log-pam AUTHENTICATED=TRUE
264+#?PAM-have-password1 ACCT-MGMT
265+#?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE
266+
267+# User session starts
268 #?*GREETER-X-0 START-SESSION
269+#?PAM-have-password1 SETCRED ESTABLISH_CRED
270+#?PAM-have-password1 OPEN-SESSION
271+
272+# Greeter session stops
273 #?GREETER-X-0 TERMINATE SIGNAL=15
274+#?PAM-lightdm CLOSE-SESSION
275+#?PAM-lightdm SETCRED DELETE_CRED
276+#?PAM-lightdm END
277
278 # Session starts
279-#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/log-pam DESKTOP_SESSION=default USER=log-pam
280+#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1
281 #?LOGIN1 ACTIVATE-SESSION SESSION=c1
282 #?XSERVER-0 ACCEPT-CONNECT
283 #?SESSION-X-0 CONNECT-XSERVER
284@@ -43,5 +61,8 @@
285 # Cleanup
286 #?*STOP-DAEMON
287 #?SESSION-X-0 TERMINATE SIGNAL=15
288+#?PAM-have-password1 CLOSE-SESSION
289+#?PAM-have-password1 SETCRED DELETE_CRED
290+#?PAM-have-password1 END
291 #?XSERVER-0 TERMINATE SIGNAL=15
292 #?RUNNER DAEMON-EXIT STATUS=0
293
294=== added file 'tests/scripts/switch-to-greeter-return-session-pam.conf'
295--- tests/scripts/switch-to-greeter-return-session-pam.conf 1970-01-01 00:00:00 +0000
296+++ tests/scripts/switch-to-greeter-return-session-pam.conf 2014-03-23 23:35:47 +0000
297@@ -0,0 +1,102 @@
298+#
299+# Check we correctly use PAM for returning to an existing session
300+#
301+
302+[SeatDefaults]
303+autologin-user=have-password1
304+user-session=default
305+
306+[test-pam]
307+log-events=true
308+
309+#?*START-DAEMON
310+#?RUNNER DAEMON-START
311+
312+# X server starts
313+#?XSERVER-0 START VT=7 SEAT=seat0
314+
315+# Daemon connects when X server is ready
316+#?*XSERVER-0 INDICATE-READY
317+#?XSERVER-0 INDICATE-READY
318+#?XSERVER-0 ACCEPT-CONNECT
319+
320+# Session authenticates
321+#?PAM-have-password1 START SERVICE=lightdm-autologin USER=have-password1
322+#?PAM-have-password1 AUTHENTICATE
323+#?PAM-have-password1 ACCT-MGMT
324+#?PAM-have-password1 SETCRED ESTABLISH_CRED
325+#?PAM-have-password1 OPEN-SESSION
326+
327+# Session starts
328+#?SESSION-X-0 START XDG_SEAT=seat0 XDG_VTNR=7 XDG_GREETER_DATA_DIR=.*/have-password1 DESKTOP_SESSION=default USER=have-password1
329+#?LOGIN1 ACTIVATE-SESSION SESSION=c0
330+#?XSERVER-0 ACCEPT-CONNECT
331+#?SESSION-X-0 CONNECT-XSERVER
332+
333+# Show the greeter
334+#?*SWITCH-TO-GREETER
335+#?RUNNER SWITCH-TO-GREETER
336+
337+# New X server starts
338+#?XSERVER-1 START VT=8 SEAT=seat0
339+
340+# Daemon connects when X server is ready
341+#?*XSERVER-1 INDICATE-READY
342+#?XSERVER-1 INDICATE-READY
343+#?XSERVER-1 ACCEPT-CONNECT
344+
345+# Session is locked
346+#?LOGIN1 LOCK-SESSION
347+
348+# Create PAM session for greeter
349+#?PAM-lightdm START SERVICE=lightdm-greeter USER=lightdm
350+#?PAM-lightdm SETCRED ESTABLISH_CRED
351+#?PAM-lightdm OPEN-SESSION
352+
353+# Greeter starts
354+#?GREETER-X-1 START XDG_SEAT=seat0 XDG_VTNR=8 XDG_SESSION_CLASS=greeter
355+#?XSERVER-1 ACCEPT-CONNECT
356+#?GREETER-X-1 CONNECT-XSERVER
357+#?GREETER-X-1 CONNECT-TO-DAEMON
358+#?GREETER-X-1 CONNECTED-TO-DAEMON
359+
360+# Switch to greeter
361+#?LOGIN1 ACTIVATE-SESSION SESSION=c1
362+#?VT ACTIVATE VT=8
363+
364+# Login as existing user
365+#?*GREETER-X-1 AUTHENTICATE USERNAME=have-password1
366+#?PAM-have-password1 START SERVICE=lightdm USER=have-password1
367+#?PAM-have-password1 AUTHENTICATE
368+#?GREETER-X-1 SHOW-PROMPT TEXT="Password:"
369+#?*GREETER-X-1 RESPOND TEXT="password"
370+#?PAM-have-password1 ACCT-MGMT
371+#?GREETER-X-1 AUTHENTICATION-COMPLETE USERNAME=have-password1 AUTHENTICATED=TRUE
372+#?*GREETER-X-1 START-SESSION
373+
374+# Credentials are refreshed
375+#?PAM-have-password1 SETCRED REINITIALIZE_CRED
376+#?PAM-have-password1 END
377+
378+# Session is unlocked
379+#?LOGIN1 UNLOCK-SESSION
380+
381+# Switch to session
382+#?LOGIN1 ACTIVATE-SESSION SESSION=c0
383+#?VT ACTIVATE VT=7
384+
385+# Greeter and X server stop
386+#?GREETER-X-1 TERMINATE SIGNAL=15
387+#?PAM-lightdm CLOSE-SESSION
388+#?PAM-lightdm SETCRED DELETE_CRED
389+#?PAM-lightdm END
390+#?XSERVER-1 TERMINATE SIGNAL=15
391+
392+# Cleanup
393+#?*STOP-DAEMON
394+#?SESSION-X-0 TERMINATE SIGNAL=15
395+#?PAM-have-password1 CLOSE-SESSION
396+#?PAM-have-password1 SETCRED DELETE_CRED
397+#?PAM-have-password1 END
398+#?XSERVER-0 TERMINATE SIGNAL=15
399+#?RUNNER DAEMON-EXIT STATUS=0
400
401=== modified file 'tests/src/libsystem.c'
402--- tests/src/libsystem.c 2014-03-18 03:06:36 +0000
403+++ tests/src/libsystem.c 2014-03-23 23:35:47 +0000
404@@ -54,6 +54,7 @@
405
406 struct pam_handle
407 {
408+ char *id;
409 char *service_name;
410 char *user;
411 char *authtok;
412@@ -794,6 +795,25 @@
413 if (handle == NULL)
414 return PAM_BUF_ERR;
415
416+ if (user)
417+ handle->id = g_strdup_printf ("PAM-%s", user);
418+ else
419+ handle->id = g_strdup ("PAM");
420+
421+ connect_status ();
422+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
423+ {
424+ GString *status;
425+
426+ status = g_string_new ("");
427+ g_string_append_printf (status, "%s START", handle->id);
428+ g_string_append_printf (status, " SERVICE=%s", service_name);
429+ if (user)
430+ g_string_append_printf (status, " USER=%s", user);
431+ status_notify (status->str);
432+ g_string_free (status, TRUE);
433+ }
434+
435 handle->service_name = strdup (service_name);
436 handle->user = user ? strdup (user) : NULL;
437 handle->authtok = NULL;
438@@ -807,27 +827,6 @@
439 return PAM_SUCCESS;
440 }
441
442-static void
443-send_info (pam_handle_t *pamh, const char *message)
444-{
445- struct pam_message **msg;
446- struct pam_response *resp = NULL;
447-
448- msg = calloc (1, sizeof (struct pam_message *));
449- msg[0] = malloc (sizeof (struct pam_message));
450- msg[0]->msg_style = PAM_TEXT_INFO;
451- msg[0]->msg = message;
452- pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr);
453- free (msg[0]);
454- free (msg);
455- if (resp)
456- {
457- if (resp[0].resp)
458- free (resp[0].resp);
459- free (resp);
460- }
461-}
462-
463 int
464 pam_authenticate (pam_handle_t *pamh, int flags)
465 {
466@@ -836,6 +835,22 @@
467
468 if (pamh == NULL)
469 return PAM_SYSTEM_ERR;
470+
471+ connect_status ();
472+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
473+ {
474+ GString *status;
475+
476+ status = g_string_new ("");
477+ g_string_append_printf (status, "%s AUTHENTICATE", pamh->id);
478+ if (flags & PAM_SILENT)
479+ g_string_append (status, " SILENT");
480+ if (flags & PAM_DISALLOW_NULL_AUTHTOK)
481+ g_string_append (status, " DISALLOW_NULL_AUTHTOK");
482+
483+ status_notify (status->str);
484+ g_string_free (status, TRUE);
485+ }
486
487 if (strcmp (pamh->service_name, "test-remote") == 0)
488 {
489@@ -929,9 +944,6 @@
490 free (resp);
491 }
492
493- if (strcmp (pamh->user, "log-pam") == 0)
494- send_info (pamh, "pam_authenticate");
495-
496 /* Crash on authenticate */
497 if (strcmp (pamh->user, "crash-authenticate") == 0)
498 kill (getpid (), SIGSEGV);
499@@ -1201,12 +1213,23 @@
500 if (pamh == NULL)
501 return PAM_SYSTEM_ERR;
502
503+ connect_status ();
504+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
505+ {
506+ GString *status;
507+
508+ status = g_string_new ("");
509+ g_string_append_printf (status, "%s OPEN-SESSION", pamh->id);
510+ if (flags & PAM_SILENT)
511+ g_string_append (status, " SILENT");
512+
513+ status_notify (status->str);
514+ g_string_free (status, TRUE);
515+ }
516+
517 if (strcmp (pamh->user, "session-error") == 0)
518 return PAM_SESSION_ERR;
519
520- if (strcmp (pamh->user, "log-pam") == 0)
521- send_info (pamh, "pam_open_session");
522-
523 if (strcmp (pamh->user, "make-home-dir") == 0)
524 {
525 struct passwd *entry;
526@@ -1223,8 +1246,19 @@
527 if (pamh == NULL)
528 return PAM_SYSTEM_ERR;
529
530- if (strcmp (pamh->user, "log-pam") == 0)
531- send_info (pamh, "pam_close_session");
532+ connect_status ();
533+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
534+ {
535+ GString *status;
536+
537+ status = g_string_new ("");
538+ g_string_append_printf (status, "%s CLOSE-SESSION", pamh->id);
539+ if (flags & PAM_SILENT)
540+ g_string_append (status, " SILENT");
541+
542+ status_notify (status->str);
543+ g_string_free (status, TRUE);
544+ }
545
546 return PAM_SUCCESS;
547 }
548@@ -1234,13 +1268,26 @@
549 {
550 if (pamh == NULL)
551 return PAM_SYSTEM_ERR;
552+
553+ connect_status ();
554+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
555+ {
556+ GString *status;
557+
558+ status = g_string_new ("");
559+ g_string_append_printf (status, "%s ACCT-MGMT", pamh->id);
560+ if (flags & PAM_SILENT)
561+ g_string_append (status, " SILENT");
562+ if (flags & PAM_DISALLOW_NULL_AUTHTOK)
563+ g_string_append (status, " DISALLOW_NULL_AUTHTOK");
564+
565+ status_notify (status->str);
566+ g_string_free (status, TRUE);
567+ }
568
569 if (!pamh->user)
570 return PAM_USER_UNKNOWN;
571
572- if (strcmp (pamh->user, "log-pam") == 0)
573- send_info (pamh, "pam_acct_mgmt");
574-
575 if (strcmp (pamh->user, "denied") == 0)
576 return PAM_PERM_DENIED;
577 if (strcmp (pamh->user, "expired") == 0)
578@@ -1262,8 +1309,21 @@
579 if (pamh == NULL)
580 return PAM_SYSTEM_ERR;
581
582- if (strcmp (pamh->user, "log-pam") == 0)
583- send_info (pamh, "pam_chauthtok");
584+ connect_status ();
585+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
586+ {
587+ GString *status;
588+
589+ status = g_string_new ("");
590+ g_string_append_printf (status, "%s CHAUTHTOK", pamh->id);
591+ if (flags & PAM_SILENT)
592+ g_string_append (status, " SILENT");
593+ if (flags & PAM_CHANGE_EXPIRED_AUTHTOK)
594+ g_string_append (status, " CHANGE_EXPIRED_AUTHTOK");
595+
596+ status_notify (status->str);
597+ g_string_free (status, TRUE);
598+ }
599
600 msg = malloc (sizeof (struct pam_message *) * 1);
601 msg[0] = malloc (sizeof (struct pam_message));
602@@ -1303,8 +1363,27 @@
603 if (pamh == NULL)
604 return PAM_SYSTEM_ERR;
605
606- if (strcmp (pamh->user, "log-pam") == 0)
607- send_info (pamh, "pam_setcred");
608+ connect_status ();
609+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
610+ {
611+ GString *status;
612+
613+ status = g_string_new ("");
614+ g_string_append_printf (status, "%s SETCRED", pamh->id);
615+ if (flags & PAM_SILENT)
616+ g_string_append (status, " SILENT");
617+ if (flags & PAM_ESTABLISH_CRED)
618+ g_string_append (status, " ESTABLISH_CRED");
619+ if (flags & PAM_DELETE_CRED)
620+ g_string_append (status, " DELETE_CRED");
621+ if (flags & PAM_REINITIALIZE_CRED)
622+ g_string_append (status, " REINITIALIZE_CRED");
623+ if (flags & PAM_REFRESH_CRED)
624+ g_string_append (status, " REFRESH_CRED");
625+
626+ status_notify (status->str);
627+ g_string_free (status, TRUE);
628+ }
629
630 /* Put the test directories into the path */
631 e = g_strdup_printf ("PATH=%s/tests/src/.libs:%s/tests/src:%s/tests/src:%s/src:%s", BUILDDIR, BUILDDIR, SRCDIR, BUILDDIR, pam_getenv (pamh, "PATH"));
632@@ -1353,7 +1432,19 @@
633 {
634 if (pamh == NULL)
635 return PAM_SYSTEM_ERR;
636-
637+
638+ connect_status ();
639+ if (g_key_file_get_boolean (config, "test-pam", "log-events", NULL))
640+ {
641+ GString *status;
642+
643+ status = g_string_new ("");
644+ g_string_append_printf (status, "%s END", pamh->id);
645+ status_notify (status->str);
646+ g_string_free (status, TRUE);
647+ }
648+
649+ free (pamh->id);
650 free (pamh->service_name);
651 if (pamh->user)
652 free (pamh->user);
653
654=== renamed file 'tests/test-pam' => 'tests/test-autologin-pam'
655--- tests/test-pam 2012-04-05 06:52:27 +0000
656+++ tests/test-autologin-pam 2014-03-23 23:35:47 +0000
657@@ -1,2 +1,2 @@
658 #!/bin/sh
659-./src/dbus-env ./src/test-runner pam test-gobject-greeter
660+./src/dbus-env ./src/test-runner autologin-pam test-gobject-greeter
661
662=== added file 'tests/test-switch-to-greeter-return-session-pam'
663--- tests/test-switch-to-greeter-return-session-pam 1970-01-01 00:00:00 +0000
664+++ tests/test-switch-to-greeter-return-session-pam 2014-03-23 23:35:47 +0000
665@@ -0,0 +1,2 @@
666+#!/bin/sh
667+./src/dbus-env ./src/test-runner switch-to-greeter-return-session-pam test-gobject-greeter

Subscribers

People subscribed via source and target branches