pam_mkhomedir: treat existing files as success

The mkhomedir_helper treats an already existing home directory as success. Keep this logic within create_homedir to reduce the negative impact of concurrently running instances. Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
author: Tobias Stoeckmann <tobias@stoeckmann.org> 2023-11-12 17:48:15 +0100
committer: Dmitry V. Levin <ldv@strace.io> 2023-11-29 15:40:53 +0000
commit: 8da969b15a354a4a77c1712be9b4e73ed286c373 (patch)
tree: c0a5b5228ce45b92f1670fe0fe1abd52563abf1c /modules
parent: a5e132e5af2a1b5ece95c1f66e398cdeea10ceff (diff)
download: pam-8da969b15a354a4a77c1712be9b4e73ed286c373.tar.gz
pam-8da969b15a354a4a77c1712be9b4e73ed286c373.tar.bz2
pam-8da969b15a354a4a77c1712be9b4e73ed286c373.zip
1 files changed, 13 insertions, 8 deletions
diff --git a/modules/pam_mkhomedir/mkhomedir_helper.c b/modules/pam_mkhomedir/mkhomedir_helper.c
index fd7708bb..c6e10288 100644
--- a/modules/pam_mkhomedir/mkhomedir_helper.c
+++ b/modules/pam_mkhomedir/mkhomedir_helper.c
@@ -40,8 +40,10 @@ create_homedir(const struct passwd *pwd, mode_t dir_mode,
    int retval = PAM_SESSION_ERR;
 
    /* Create the new directory */
-   if (mkdir(dest, 0700) && errno != EEXIST)
+   if (mkdir(dest, 0700))
    {
+      if (errno == EEXIST)
+	 return PAM_SUCCESS;
       pam_syslog(NULL, LOG_ERR, "unable to create directory %s: %m", dest);
       return PAM_PERM_DENIED;
    }
@@ -153,15 +155,17 @@ create_homedir(const struct passwd *pwd, mode_t dir_mode,
 	 if (pointedlen >= 0) {
             if(symlink(pointed, newdest) != 0)
             {
-               pam_syslog(NULL, LOG_DEBUG,
-			  "unable to create link %s: %m", newdest);
+               retval = errno == EEXIST ? PAM_SUCCESS : PAM_PERM_DENIED;
+
+               if (retval != PAM_SUCCESS)
+                  pam_syslog(NULL, LOG_DEBUG,
+			     "unable to create link %s: %m", newdest);
                closedir(d);
 #ifndef PATH_MAX
                free(pointed);
 #endif
                free(newsource);
                free(newdest);
-               retval = PAM_PERM_DENIED;
                goto go_out;
             }
 
@@ -213,16 +217,17 @@ create_homedir(const struct passwd *pwd, mode_t dir_mode,
       }
 
       /* Open the dest file */
-      if ((destfd = open(newdest, O_WRONLY | O_TRUNC | O_CREAT, 0600)) < 0)
+      if ((destfd = open(newdest, O_WRONLY | O_CREAT | O_EXCL, 0600)) < 0)
       {
-         pam_syslog(NULL, LOG_DEBUG,
-		    "unable to open dest file %s: %m", newdest);
+	 retval = errno == EEXIST ? PAM_SUCCESS : PAM_PERM_DENIED;
+	 if (retval != PAM_SUCCESS)
+	    pam_syslog(NULL, LOG_DEBUG,
+		       "unable to open dest file %s: %m", newdest);
 	 close(srcfd);
 	 closedir(d);
 
 	 free(newsource);
 	 free(newdest);
-	 retval = PAM_PERM_DENIED;
 	 goto go_out;
       }
author	Tobias Stoeckmann <tobias@stoeckmann.org>	2023-11-12 17:48:15 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2023-11-29 15:40:53 +0000
commit	8da969b15a354a4a77c1712be9b4e73ed286c373 (patch)
tree	c0a5b5228ce45b92f1670fe0fe1abd52563abf1c /modules
parent	a5e132e5af2a1b5ece95c1f66e398cdeea10ceff (diff)
download	pam-8da969b15a354a4a77c1712be9b4e73ed286c373.tar.gz pam-8da969b15a354a4a77c1712be9b4e73ed286c373.tar.bz2 pam-8da969b15a354a4a77c1712be9b4e73ed286c373.zip