From: Kyle Manna <kyle@kylemanna.com> To: <kbd@lists.altlinux.org> Subject: [kbd] [PATCH] vlock: Handle tty dying Date: Fri, 26 Sep 2014 05:42:14 +0000 Message-ID: <20140926054204.GH3701@kylemanna.com> (raw) [-- Attachment #1: Type: text/plain, Size: 720 bytes --] Hi guys, I ran into a problem where if vlock was running over ssh and the ssh session died my system logs would get spammed by the now orphaned vlock process on Arch Linux: Sep 25 20:51:12 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user] Sep 25 20:51:13 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user] Sep 25 20:51:14 hostname vlock[31336]: pam_unix(vlock:auth): auth could not identify password for [user] I was able to re-create this in many other situations (ssh, xterm window/tab, tmux window/pane, etc). The patch know checks for a tty on stdin where PAM will likely ask for the password and exits if it's not found. [-- Warning: decoded text below may be mangled, UTF-8 assumed --] [-- Attachment #2: 0001-vlock-Handle-tty-dying.patch --] [-- Type: text/x-diff, Size: 1158 bytes --] From ec97bfb838ff45a1f7c3a640cb29f7eeb2718db3 Mon Sep 17 00:00:00 2001 From: Kyle Manna <kyle@kylemanna.com> Date: Thu, 25 Sep 2014 22:22:17 -0700 Subject: [PATCH] vlock: Handle tty dying * Gracefully exit when the parent tty dies. * Typical causes of death include closing: * terminal tab or window * shell * ssh session * If no tty exists, I'm not sure what vlock would be locking. Signed-off-by: Kyle Manna <kyle@kylemanna.com> --- src/vlock/auth.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/vlock/auth.c b/src/vlock/auth.c index da135ce..79b1319 100644 --- a/src/vlock/auth.c +++ b/src/vlock/auth.c @@ -67,6 +67,17 @@ get_password (pam_handle_t * pamh, const char *username, const char *tty) int rc; const char *msg; + /* Ensure that the process has a tty. If the parent had died, + * stdin/out are likely no longer valid and PAM will fail continuously. + */ + if (isatty(STDIN_FILENO) != 1) + { + syslog (LOG_INFO, + "TTY %s disappeared for %s by (uid=%u)", + tty, username, uid); + return EXIT_FAILURE; + } + if (!pamh) { pamh = init_pam (username, tty, 1); -- 2.1.1
next reply other threads:[~2014-09-26 5:42 UTC|newest] Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top 2014-09-26 5:42 Kyle Manna [this message] 2015-01-23 17:46 ` Dmitry V. Levin 2015-01-23 17:47 ` [kbd] [PATCH 1/2] vlock: move some code around Dmitry V. Levin 2015-01-23 17:49 ` [kbd] [PATCH 2/2] vlock: handle disappearing ttys gracefully Dmitry V. Levin 2015-01-25 11:18 ` [kbd] [PATCH] vlock: Handle tty dying Alexey Gladkov
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20140926054204.GH3701@kylemanna.com \ --to=kyle@kylemanna.com \ --cc=kbd@lists.altlinux.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
Linux console tools development discussion This inbox may be cloned and mirrored by anyone: git clone --mirror http://lore.altlinux.org/kbd/0 kbd/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 kbd kbd/ http://lore.altlinux.org/kbd \ kbd@lists.altlinux.org kbd@lists.altlinux.ru kbd@lists.altlinux.com public-inbox-index kbd Example config snippet for mirrors. Newsgroup available over NNTP: nntp://lore.altlinux.org/org.altlinux.lists.kbd AGPL code for this site: git clone https://public-inbox.org/public-inbox.git