diff options
| author | Dmitry V. Levin <ldv@altlinux.org> | 2009-04-03 00:36:22 +0000 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@altlinux.org> | 2009-04-03 00:36:22 +0000 |
| commit | 8575828fae141d5f918fca7f123cc96f6793ac11 (patch) | |
| tree | f2ca2fa7f27fdf59deefda12f8cc2d6638bcf25f /modules | |
| parent | 5182ea70c8425d302c31386a325b869fcfef9671 (diff) | |
| download | pam-8575828fae141d5f918fca7f123cc96f6793ac11.tar.gz pam-8575828fae141d5f918fca7f123cc96f6793ac11.tar.bz2 pam-8575828fae141d5f918fca7f123cc96f6793ac11.zip | |
Relevant BUGIDs:
Purpose of commit: bugfix
Commit summary:
---------------
2009-04-03 Dmitry V. Levin <ldv@altlinux.org>
* libpamc/pamc_load.c (__pamc_exec_agent): Replace call to exit(3)
in child process with call to _exit(2).
* modules/pam_mkhomedir/pam_mkhomedir.c (create_homedir): Likewise.
* modules/pam_unix/pam_unix_acct.c (_unix_run_verify_binary):
Likewise.
* modules/pam_unix/pam_unix_passwd.c (_unix_run_update_binary):
Likewise.
* modules/pam_unix/support.c (_unix_run_helper_binary): Likewise.
* modules/pam_xauth/pam_xauth.c (run_coprocess): Likewise.
* modules/pam_exec/pam_exec.c (call_exec): Replace all calls to
exit(3) in child process with calls to _exit(2).
* modules/pam_filter/pam_filter.c (set_filter): Likewise.
* modules/pam_namespace/pam_namespace.c (inst_init,
cleanup_tmpdirs): Likewise.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/pam_exec/pam_exec.c | 35 | ||||
| -rw-r--r-- | modules/pam_filter/pam_filter.c | 5 | ||||
| -rw-r--r-- | modules/pam_mkhomedir/pam_mkhomedir.c | 2 | ||||
| -rw-r--r-- | modules/pam_namespace/pam_namespace.c | 10 | ||||
| -rw-r--r-- | modules/pam_unix/pam_unix_acct.c | 3 | ||||
| -rw-r--r-- | modules/pam_unix/pam_unix_passwd.c | 2 | ||||
| -rw-r--r-- | modules/pam_unix/support.c | 2 | ||||
| -rw-r--r-- | modules/pam_xauth/pam_xauth.c | 2 |
8 files changed, 29 insertions, 32 deletions
diff --git a/modules/pam_exec/pam_exec.c b/modules/pam_exec/pam_exec.c index 47e1d5bb..7b2e402c 100644 --- a/modules/pam_exec/pam_exec.c +++ b/modules/pam_exec/pam_exec.c @@ -252,7 +252,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { int err = errno; pam_syslog (pamh, LOG_ERR, "dup2 of STDIN failed: %m"); - exit (err); + _exit (err); } for (i = 0; i < sysconf (_SC_OPEN_MAX); i++) @@ -271,7 +271,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { int err = errno; pam_syslog (pamh, LOG_ERR, "open of /dev/null failed: %m"); - exit (err); + _exit (err); } } @@ -287,7 +287,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, int err = errno; pam_syslog (pamh, LOG_ERR, "open of %s failed: %m", logfile); - exit (err); + _exit (err); } if (asprintf (&buffer, "*** %s", ctime (&tm)) > 0) { @@ -302,7 +302,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { int err = errno; pam_syslog (pamh, LOG_ERR, "open of /dev/null failed: %m"); - exit (err); + _exit (err); } } @@ -310,7 +310,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { int err = errno; pam_syslog (pamh, LOG_ERR, "dup failed: %m"); - exit (err); + _exit (err); } if (call_setuid) @@ -319,19 +319,19 @@ call_exec (const char *pam_type, pam_handle_t *pamh, int err = errno; pam_syslog (pamh, LOG_ERR, "setuid(%lu) failed: %m", (unsigned long) geteuid ()); - exit (err); + _exit (err); } if (setsid () == -1) { int err = errno; pam_syslog (pamh, LOG_ERR, "setsid failed: %m"); - exit (err); + _exit (err); } arggv = calloc (argc + 4, sizeof (char *)); if (arggv == NULL) - exit (ENOMEM); + _exit (ENOMEM); for (i = 0; i < (argc - optargc); i++) arggv[i] = strdup(argv[i+optargc]); @@ -351,7 +351,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { free(envlist); pam_syslog (pamh, LOG_ERR, "realloc environment failed: %m"); - exit (ENOMEM); + _exit (ENOMEM); } envlist = tmp; for (i = 0; i < nitems; ++i) @@ -364,7 +364,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { free(envlist); pam_syslog (pamh, LOG_ERR, "prepare environment failed: %m"); - exit (ENOMEM); + _exit (ENOMEM); } envlist[envlen++] = envstr; envlist[envlen] = NULL; @@ -374,7 +374,7 @@ call_exec (const char *pam_type, pam_handle_t *pamh, { free(envlist); pam_syslog (pamh, LOG_ERR, "prepare environment failed: %m"); - exit (ENOMEM); + _exit (ENOMEM); } envlist[envlen++] = envstr; envlist[envlen] = NULL; @@ -382,16 +382,11 @@ call_exec (const char *pam_type, pam_handle_t *pamh, if (debug) pam_syslog (pamh, LOG_DEBUG, "Calling %s ...", arggv[0]); - if (execve (arggv[0], arggv, envlist) == -1) - { - int err = errno; - pam_syslog (pamh, LOG_ERR, "execve(%s,...) failed: %m", - arggv[0]); - free(envlist); - exit (err); - } + execve (arggv[0], arggv, envlist); + i = errno; + pam_syslog (pamh, LOG_ERR, "execve(%s,...) failed: %m", arggv[0]); free(envlist); - exit (1); /* should never be reached. */ + _exit (i); } return PAM_SYSTEM_ERR; /* will never be reached. */ } diff --git a/modules/pam_filter/pam_filter.c b/modules/pam_filter/pam_filter.c index 6b821efc..2f290fd5 100644 --- a/modules/pam_filter/pam_filter.c +++ b/modules/pam_filter/pam_filter.c @@ -468,7 +468,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, pam_syslog(pamh, LOG_WARNING, "unable to re-assign APPIN/OUT/ERR: %m"); close(fd[0]); - exit(1); + _exit(1); } /* make sure that file descriptors survive 'exec's */ @@ -481,7 +481,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, close(APPIN_FILENO); close(APPOUT_FILENO); close(APPERR_FILENO); - exit(1); + _exit(1); } /* now the user input is read from the parent through filter */ @@ -491,6 +491,7 @@ set_filter (pam_handle_t *pamh, int flags UNUSED, int ctrl, /* getting to here is an error */ pam_syslog(pamh, LOG_ALERT, "filter: %s: %m", filtername); + _exit(1); } else { /* wait for either of the two children to exit */ diff --git a/modules/pam_mkhomedir/pam_mkhomedir.c b/modules/pam_mkhomedir/pam_mkhomedir.c index b81708f2..dfc4979e 100644 --- a/modules/pam_mkhomedir/pam_mkhomedir.c +++ b/modules/pam_mkhomedir/pam_mkhomedir.c @@ -154,7 +154,7 @@ create_homedir (pam_handle_t *pamh, options_t *opt, /* should not get here: exit with error */ D(("helper binary is not available")); - exit(PAM_SYSTEM_ERR); + _exit(PAM_SYSTEM_ERR); } else if (child > 0) { int rc; while ((rc=waitpid(child, &retval, 0)) < 0 && errno == EINTR); diff --git a/modules/pam_namespace/pam_namespace.c b/modules/pam_namespace/pam_namespace.c index 7d668d9e..f6219271 100644 --- a/modules/pam_namespace/pam_namespace.c +++ b/modules/pam_namespace/pam_namespace.c @@ -1184,12 +1184,12 @@ static int inst_init(const struct polydir_s *polyptr, const char *ipath, #ifdef WITH_SELINUX if (idata->flags & PAMNS_SELINUX_ENABLED) { if (setexeccon(NULL) < 0) - exit(1); + _exit(1); } #endif if (execl(init_script, init_script, polyptr->dir, ipath, newdir?"1":"0", idata->user, (char *)NULL) < 0) - exit(1); + _exit(1); } else if (pid > 0) { while (((rc = waitpid(pid, &status, 0)) == (pid_t)-1) && (errno == EINTR)); @@ -1611,16 +1611,16 @@ static int cleanup_tmpdirs(struct instance_data *idata) #ifdef WITH_SELINUX if (idata->flags & PAMNS_SELINUX_ENABLED) { if (setexeccon(NULL) < 0) - exit(1); + _exit(1); } #endif if (execl("/bin/rm", "/bin/rm", "-rf", pptr->instance_prefix, (char *)NULL) < 0) - exit(1); + _exit(1); } else if (pid > 0) { while (((rc = waitpid(pid, &status, 0)) == (pid_t)-1) && (errno == EINTR)); if (rc == (pid_t)-1) { - pam_syslog(idata->pamh, LOG_ERR, "waitpid failed- %m"); + pam_syslog(idata->pamh, LOG_ERR, "waitpid failed: %m"); rc = PAM_SESSION_ERR; goto out; } diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c index 4e119340..08cc750f 100644 --- a/modules/pam_unix/pam_unix_acct.c +++ b/modules/pam_unix/pam_unix_acct.c @@ -130,7 +130,8 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl, /* should not get here: exit with error */ D(("helper binary is not available")); printf("-1\n"); - exit(PAM_AUTHINFO_UNAVAIL); + fflush(stdout); + _exit(PAM_AUTHINFO_UNAVAIL); } else { close(fds[1]); if (child > 0) { diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c index ab1adda0..d3ee6815 100644 --- a/modules/pam_unix/pam_unix_passwd.c +++ b/modules/pam_unix/pam_unix_passwd.c @@ -207,7 +207,7 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const /* should not get here: exit with error */ D(("helper binary is not available")); - exit(PAM_AUTHINFO_UNAVAIL); + _exit(PAM_AUTHINFO_UNAVAIL); } else if (child > 0) { /* wait for child */ /* if the stored password is NULL */ diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c index 98283502..050e0dc1 100644 --- a/modules/pam_unix/support.c +++ b/modules/pam_unix/support.c @@ -472,7 +472,7 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd, /* should not get here: exit with error */ D(("helper binary is not available")); - exit(PAM_AUTHINFO_UNAVAIL); + _exit(PAM_AUTHINFO_UNAVAIL); } else if (child > 0) { /* wait for child */ /* if the stored password is NULL */ diff --git a/modules/pam_xauth/pam_xauth.c b/modules/pam_xauth/pam_xauth.c index 518c015a..bc72a8c1 100644 --- a/modules/pam_xauth/pam_xauth.c +++ b/modules/pam_xauth/pam_xauth.c @@ -149,7 +149,7 @@ run_coprocess(const char *input, char **output, /* Run the command. */ execv(command, args); /* Never reached. */ - exit(1); + _exit(1); } /* We're the parent, so close the other ends of the pipes. */ |