aboutsummaryrefslogtreecommitdiffstats
path: root/src/cerberus.c
diff options
context:
space:
mode:
authorMattias Andrée <maandree@operamail.com>2013-11-20 21:02:25 +0100
committerMattias Andrée <maandree@operamail.com>2013-11-20 21:02:25 +0100
commit61733cebeb3a752d5fae2b87b605ce82d15ba88f (patch)
treee6a49822700130f0d17a56c7868ac3f20b7bcc9b /src/cerberus.c
parentonly root may use -f (diff)
downloadlibpassphrase-61733cebeb3a752d5fae2b87b605ce82d15ba88f.tar.gz
libpassphrase-61733cebeb3a752d5fae2b87b605ce82d15ba88f.tar.bz2
libpassphrase-61733cebeb3a752d5fae2b87b605ce82d15ba88f.tar.xz
some work on pam usage
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to '')
-rw-r--r--src/cerberus.c19
1 files changed, 13 insertions, 6 deletions
diff --git a/src/cerberus.c b/src/cerberus.c
index 90bab2f..06b83df 100644
--- a/src/cerberus.c
+++ b/src/cerberus.c
@@ -40,20 +40,22 @@ void do_login(int argc, char** argv);
*/
int main(int argc, char** argv)
{
- int _status;
-
do_login(argc, argv);
/* Ignore signals */
signal(SIGQUIT, SIG_IGN);
signal(SIGINT, SIG_IGN);
- /* Wait for the login shell to exit */
- waitpid(child_pid, &_status, 0);
+ /* Wait for the login shell and all grandchildren to exit */
+ while ((wait(NULL) == -1) && (errno == EINTR))
+ ;
/* Reset terminal ownership and mode */
chown_tty(0, tty_group, 0);
+ /* Close login session */
+ close_session_pam();
+
return 0;
}
@@ -213,7 +215,7 @@ void do_login(int argc, char** argv)
/* TODO verify passphrase */
/* Wipe and free the passphrase from the memory */
- if (skip_auth == 0)
+ if ((skip_auth == 0) && passphrase)
{
long i;
for (i = 0; *(passphrase + i); i++)
@@ -226,12 +228,16 @@ void do_login(int argc, char** argv)
reenable_echo();
+ /* Verify account, such as that it is enabled */
+ verify_account_pam();
+
+
/* Partial login */
- /* TODO verify that user is enabled */
chown_tty(entry->pw_uid, tty_group, 0);
chdir_home(entry);
ensure_shell(entry);
set_environ(entry, preserve_env);
+ open_session_pam();
/* Stop signal handling */
@@ -247,6 +253,7 @@ void do_login(int argc, char** argv)
if (child_pid == -1)
{
perror("fork");
+ close_session_pam();
sleep(ERROR_SLEEP);
_exit(1);
}