From: Kyle Manna <kyle@kylemanna.com>
To: <kbd@lists.altlinux.org>
Subject: [kbd] [PATCH] vlock: Handle tty dying
Date: Fri, 26 Sep 2014 05:42:14 +0000 [thread overview]
Message-ID: <20140926054204.GH3701@kylemanna.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 720 bytes --]
Hi guys,
I ran into a problem where if vlock was running over ssh and the ssh
session died my system logs would get spammed by the now orphaned vlock
process on Arch Linux:
Sep 25 20:51:12 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user]
Sep 25 20:51:13 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user]
Sep 25 20:51:14 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user]
I was able to re-create this in many other situations (ssh, xterm
window/tab, tmux window/pane, etc).
The patch know checks for a tty on stdin where PAM will likely ask for
the password and exits if it's not found.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-vlock-Handle-tty-dying.patch --]
[-- Type: text/x-diff, Size: 1158 bytes --]
From ec97bfb838ff45a1f7c3a640cb29f7eeb2718db3 Mon Sep 17 00:00:00 2001
From: Kyle Manna <kyle@kylemanna.com>
Date: Thu, 25 Sep 2014 22:22:17 -0700
Subject: [PATCH] vlock: Handle tty dying
* Gracefully exit when the parent tty dies.
* Typical causes of death include closing:
* terminal tab or window
* shell
* ssh session
* If no tty exists, I'm not sure what vlock would be locking.
Signed-off-by: Kyle Manna <kyle@kylemanna.com>
---
src/vlock/auth.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/vlock/auth.c b/src/vlock/auth.c
index da135ce..79b1319 100644
--- a/src/vlock/auth.c
+++ b/src/vlock/auth.c
@@ -67,6 +67,17 @@ get_password (pam_handle_t * pamh, const char *username, const char *tty)
int rc;
const char *msg;
+ /* Ensure that the process has a tty. If the parent had died,
+ * stdin/out are likely no longer valid and PAM will fail continuously.
+ */
+ if (isatty(STDIN_FILENO) != 1)
+ {
+ syslog (LOG_INFO,
+ "TTY %s disappeared for %s by (uid=%u)",
+ tty, username, uid);
+ return EXIT_FAILURE;
+ }
+
if (!pamh)
{
pamh = init_pam (username, tty, 1);
--
2.1.1
next reply other threads:[~2014-09-26 5:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-26 5:42 Kyle Manna [this message]
2015-01-23 17:46 ` [kbd] [PATCH] vlock: Handle tty dying Dmitry V. Levin
2015-01-23 17:47 ` [kbd] [PATCH 1/2] vlock: move some code around Dmitry V. Levin
2015-01-23 17:49 ` [kbd] [PATCH 2/2] vlock: handle disappearing ttys gracefully Dmitry V. Levin
2015-01-25 11:18 ` [kbd] [PATCH] vlock: Handle tty dying Alexey Gladkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140926054204.GH3701@kylemanna.com \
--to=kyle@kylemanna.com \
--cc=kbd@lists.altlinux.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.