~ubuntu-branches/ubuntu/trusty/ecryptfs-utils/trusty


Viewing changes to src/pam_ecryptfs/pam_ecryptfs.c

  • Committer: Bazaar Package Importer
  • Author(s): Daniel Baumann
  • Date: 2008-07-16 20:34:00 UTC
  • mfrom: (14 intrepid)
  • mto: (8.2.1 lenny)
  • mto: This revision was merged to the branch mainline in revision 17.
  • Revision ID: james.westby@ubuntu.com-20080716203400-808umbdva8ej0f1t
Tags: 50-4
* Adding /usr/lib/libecryptfs.so.0.0 symlink.
* Moving /lib/security/pam_ecryptfs.so and /usr/lib/ecryptfs/*.so from
  libecryptfs0 to ecryptfs-utils.

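--- a/src/pam_ecryptfs/pam_ecryptfs.c
+++ b/src/pam_ecryptfs/pam_ecryptfs.c
@@ -39,6 +39,8 @@
 #include "config.h"
 #include "../include/ecryptfs.h"
 
+#define PRIVATE_DIR "Private"
+
 static void error(const char *msg)
 {
         syslog(LOG_ERR, "errno = [%i]; strerror = [%s]\n", errno,
@@ -187,10 +189,97 @@
         return PAM_SUCCESS;
 }
 
+static struct passwd *fetch_pwd(pam_handle_t *pamh)
+{
+        long rc;
+        const char *username = NULL;
+        struct passwd *pwd = NULL;
+
+        rc = pam_get_user(pamh, &username, NULL);
+        if (rc != PAM_SUCCESS || username == NULL) {
+                syslog(LOG_ERR, "Error getting passwd info for user [%s]; "
+                                "rc = [%ld]\n", username, rc);
+                return NULL;
+        }
+        pwd = getpwnam(username);
+        if (pwd == NULL) {
+                syslog(LOG_ERR, "Error getting passwd info for user [%s]; "
+                                "rc = [%ld]\n", username, rc);
+                return NULL;
+        }
+        return pwd;
+}
+
+static int private_dir(pam_handle_t *pamh, int mount)
+{
+        int rc;
+        struct passwd *pwd = NULL;
+        char *sigfile = NULL;
+        struct stat s;
+        pid_t pid;
+        struct utmp *u;
+        int count = 0;
+
+        if ((pwd = fetch_pwd(pamh)) == NULL) {
+                /* fetch_pwd() logged a message */
+                return 1;
+        }
+        if (
+            (asprintf(&sigfile, "%s/.ecryptfs/%s.sig", pwd->pw_dir, 
+             PRIVATE_DIR) < 0) || sigfile == NULL) {
+                syslog(LOG_ERR, "Error allocating memory for sigfile name");
+                return 1;
+        }
+        if (stat(sigfile, &s) != 0) {
+                syslog(LOG_ERR, "Error allocating memory for sigfile name");
+                return 1;
+        }
+        if (!S_ISREG(s.st_mode)) {
+                /* No sigfile, no need to mount private dir */
+                goto out;
+        }
+        if ((pid = fork()) < 0) {
+                syslog(LOG_ERR, "Error setting up private mount");
+                return 1;
+        } 
+        if (pid == 0) {
+                if (mount == 1) {
+                        /* run mount.ecryptfs_private as the user */
+                        setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid);
+                        execl("/sbin/mount.ecryptfs_private", 
+                              "mount.ecryptfs_private", NULL);
+                } else {
+                        /* run umount.ecryptfs_private as the user */
+                        setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid);
+                        execl("/sbin/umount.ecryptfs_private", 
+                              "umount.ecryptfs_private", NULL);
+                }
+                return 1;
+        } else {
+                wait(&rc);
+                syslog(LOG_INFO, 
+                       "Mount of private directory return code [%d]", rc);
+                goto out;
+        }
+out:
+        return 0;
+}
+
+static int mount_private_dir(pam_handle_t *pamh)
+{
+        return private_dir(pamh, 1);
+}
+
+static int umount_private_dir(pam_handle_t *pamh)
+{
+        return private_dir(pamh, 0);
+}
+
 PAM_EXTERN int
 pam_sm_open_session(pam_handle_t *pamh, int flags,
                     int argc, const char *argv[])
 {
+        mount_private_dir(pamh);
         return PAM_SUCCESS;
 }
 
@@ -198,5 +287,6 @@
 pam_sm_close_session(pam_handle_t *pamh, int flags,
                      int argc, const char *argv[])
 {
+        umount_private_dir(pamh);
         return PAM_SUCCESS;
 }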
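Review bot: In the child branch of private_dir (new lines 245-257) both `setresuid()` calls are unchecked, so if the UID change fails the helper is still exec'd with the identity of the PAM caller, which for a session module is typically root. Check the result and stop there, e.g. `if (setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid) != 0) _exit(1);`. The `return 1;` after the `execl()` calls has a related problem: when the exec fails, the forked child returns into pam_sm_open_session/pam_sm_close_session, which ignore the result and return PAM_SUCCESS, so a second copy of the calling process keeps running; `_exit(1);` there avoids that. Only the UID is changed, so the child appears to keep the caller's GID and supplementary groups, and dropping them before the UID is worth considering if the helpers do not need them. Separately, fetch_pwd passes a possibly NULL `username` to `%s` in its first syslog call, and `wait(&rc)` reaps any child rather than this one; `waitpid(pid, &rc, 0)` would be more precise.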