~ubuntu-branches/ubuntu/maverick/libcgroup/maverick-proposed

« back to all changes in this revision

Viewing changes to src/pam/pam_cgroup.c

Committer: Bazaar Package Importer
Author(s): Dustin Kirkland
Date: 2009-08-26 11:29:17 UTC
Revision ID: james.westby@ubuntu.com-20090826112917-402ews2uj6v350d2

Tags: upstream-0.34

Import upstream version 0.34

files added:

COPYING

INSTALL

Makefile.am

Makefile.in

README

README_daemon

aclocal.m4

config.guess

config.h.in

config.sub

configure

configure.in

depcomp

dist

dist/Makefile.am

dist/Makefile.in

dist/libcgroup.spec

dist/libcgroup.spec.in

doc/Makefile.am

doc/Makefile.in

doc/man

doc/man/Makefile.am

doc/man/Makefile.in

doc/man/cgclassify.1

doc/man/cgconfig.conf.5

doc/man/cgconfigparser.8

doc/man/cgcreate.1

doc/man/cgexec.1

doc/man/cgred.conf.5

doc/man/cgrules.conf.5

doc/man/cgrulesengd.8

doc/man/cgset.1

include

include/Makefile.am

include/Makefile.in

include/libcgroup.h

install-sh

libcgroup.doxyfile

ltmain.sh

missing

samples

samples/Makefile.am

samples/Makefile.in

samples/cgconfig.conf

samples/cgred.conf

samples/cgrules.conf

scripts

scripts/Makefile.am

scripts/Makefile.in

scripts/init.d

scripts/init.d/cgconfig.in

scripts/init.d/cgred.in

src/Makefile.am

src/Makefile.in

src/api.c

src/config.c

src/daemon

src/daemon/Makefile.am

src/daemon/Makefile.in

src/daemon/cgrulesengd.c

src/daemon/cgrulesengd.h

src/lex.c

src/lex.l

src/libcgroup-internal.h

src/libcgroup.map

src/pam

src/pam/Makefile.am

src/pam/Makefile.in

src/pam/pam_cgroup.c

src/parse.c

src/parse.h

src/parse.y

src/tools

src/tools/Makefile.am

src/tools/Makefile.in

src/tools/cgclassify.c

src/tools/cgclear.c

src/tools/cgconfig.c

src/tools/cgcreate.c

src/tools/cgexec.c

src/tools/cgset.c

src/tools/tools-common.c

src/tools/tools-common.h

src/wrapper.c

tests

tests/Makefile.am

tests/Makefile.in

tests/get_controller.c

tests/get_mount_point.c

tests/libcg_ba.cpp

tests/libcgrouptest.h

tests/libcgrouptest01.c

tests/pathtest.c

tests/pathtest.sh

tests/proctest.c

tests/read_stats.c

tests/runlibcgrouptest.sh

tests/setuid.c

tests/test_functions.c

tests/walk_task.c

tests/walk_test.c

ylwrap

Show diffs side-by-side

added added

removed removed

src/pam/pam_cgroup.c

* Copyright RedHat Inc. 2008

* Author: Vivek Goyal <vgoyal@redhat.com>

* Derived from pam_limits.c. Original Copyright notice follows.

* Copyright (c) Cristian Gafton, 1996-1997, <gafton@redhat.com>

* Redistribution and use in source and binary forms, with or without

* modification, are permitted provided that the following conditions

* are met:

* 1. Redistributions of source code must retain the above copyright

* notice, and the entire permission notice in its entirety,

* including the disclaimer of warranties.

* 2. Redistributions in binary form must reproduce the above copyright

* notice, this list of conditions and the following disclaimer in the

* documentation and/or other materials provided with the distribution.

* 3. The name of the author may not be used to endorse or promote

* products derived from this software without specific prior

* written permission.

* ALTERNATIVELY, this product may be distributed under the terms of

* the GNU Public License, in which case the provisions of the GPL are

* required INSTEAD OF the above restrictions. (This clause is

* necessary due to a potential bad interaction between the GPL and

* the restrictions contained in a BSD-style copyright.)

* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED

* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES

* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,

* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR

* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,

* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)

* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED

* OF THE POSSIBILITY OF SUCH DAMAGE.

* End of original copyright notice.

* This program is free software; you can redistribute it and/or modify it

* under the terms of version 2.1 of the GNU Lesser General Public License

* as published by the Free Software Foundation.

* This program is distributed in the hope that it would be useful, but

* WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

#include <stdio.h>

#include <unistd.h>

#include <string.h>

#include <ctype.h>

#include <stdlib.h>

#include <errno.h>

#include <syslog.h>

#include <libcgroup.h>

#include <pwd.h>

* Module defines

#define PAM_SM_SESSION

#include <security/pam_modules.h>

#include <security/_pam_macros.h>

#include <security/pam_modutil.h>

#include <security/pam_ext.h>

/* argument parsing */

#define PAM_DEBUG_ARG 0x0001

static int _pam_parse(const pam_handle_t *pamh, int argc, const char **argv)

{

int ctrl = 0;

/* step through arguments */

for (ctrl = 0; argc-- > 0; ++argv) {

if (!strcmp(*argv, "debug"))

ctrl |= PAM_DEBUG_ARG;

else

pam_syslog(pamh, LOG_ERR, "unknown option: %s", *argv);

}

return ctrl;

}

/* now the session stuff */

PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,

int argc, const char **argv)

{

pid_t pid;

int ctrl, ret;

char *user_name;

100

struct passwd *pwd;

101

102

D(("called."));

103

104

ctrl = _pam_parse(pamh, argc, argv);

105

106

ret = pam_get_item(pamh, PAM_USER, (void *) &user_name);

107

if (user_name == NULL || ret != PAM_SUCCESS) {

108

pam_syslog(pamh, LOG_ERR, "open_session - error recovering"

109

"username");

110

return PAM_SESSION_ERR;

111

}

112

113

pwd = pam_modutil_getpwnam(pamh, user_name);

114

if (!pwd) {

115

if (ctrl & PAM_DEBUG_ARG)

116

pam_syslog(pamh, LOG_ERR, "open_session username"

117

" '%s' does not exist", user_name);

118

return PAM_SESSION_ERR;

119

}

120

121

D(("user name is %s", user_name));

122

123

/* Initialize libcg */

124

ret = cgroup_init();

125

if (ret) {

126

if (ctrl & PAM_DEBUG_ARG)

127

pam_syslog(pamh, LOG_ERR, "libcgroup initialization"

128

" failed");

129

return PAM_SESSION_ERR;

130

}

131

132

D(("Initialized libcgroup successfuly."));

133

134

/* Determine the pid of the task */

135

pid = getpid();

136

137

/* Note: We are using default gid here. Is there a way to determine

138

* under what egid service will be provided?

139

140

ret = cgroup_change_cgroup_uid_gid(pwd->pw_uid, pwd->pw_gid, pid);

141

if (ret) {

142

if (ctrl & PAM_DEBUG_ARG)

143

pam_syslog(pamh, LOG_ERR, "Change of cgroup for process"

144

" with username %s failed.\n", user_name);

145

return PAM_SESSION_ERR;

146

}

147

148

if (ctrl & PAM_DEBUG_ARG)

149

pam_syslog(pamh, LOG_DEBUG, "Changed cgroup for process %d"

150

" with username %s.\n", pid, user_name);

151

152

return PAM_SUCCESS;

153

}

154

155

PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,

156

const char **argv)

157

{

158

D(("called pam_cgroup close session"));

159

160

/* nothing to do yet */

161

return PAM_SUCCESS;

162

}

Older »