diff options
| author | Martin Pitt <martin.pitt@ubuntu.com> | 2009-02-11 16:30:34 -0500 |
|---|---|---|
| committer | William Jon McCann <jmccann@redhat.com> | 2009-02-11 16:30:34 -0500 |
| commit | a00c329d81be8691e13915ed36f5053bd0f820f3 (patch) | |
| tree | af0967f5fd687927830fdadf1c68453b4a447e7c | |
| parent | 946c2daf3f654475e767ae98e52cbcd69e2c3320 (diff) | |
add "nox11" option to the PAM module
Ignores PAM sessions where PAM_TTY is an X11 display. This allows adding
pam_ck_connector to PAM's "common-session" without interfering
with the already existing ConsoleKit operations in gdm, the
Xsession script, etc.
https://bugs.freedesktop.org/show_bug.cgi?id=16746
| -rw-r--r-- | pam-ck-connector/pam-ck-connector.c | 7 | ||||
| -rw-r--r-- | pam-ck-connector/pam_ck_connector.8 | 4 |
2 files changed, 11 insertions, 0 deletions
diff --git a/pam-ck-connector/pam-ck-connector.c b/pam-ck-connector/pam-ck-connector.c index 4203651..091f4b2 100644 --- a/pam-ck-connector/pam-ck-connector.c +++ b/pam-ck-connector/pam-ck-connector.c @@ -63,6 +63,7 @@ #include "ck-connector.h" static int opt_debug = FALSE; +static int opt_nox11 = FALSE; #ifndef HAVE_PAM_SYSLOG @@ -145,6 +146,8 @@ _parse_pam_args (const pam_handle_t *pamh, for (i = 0; i < argc && argv[i] != NULL; i++) { if (strcmp (argv[i] , "debug") == 0) { opt_debug = TRUE; + } else if (strcmp (argv[i] , "nox11") == 0) { + opt_nox11 = TRUE; } else { ck_pam_syslog (pamh, LOG_ERR, "unknown option: %s", argv[i]); } @@ -276,6 +279,10 @@ pam_sm_open_session (pam_handle_t *pamh, x11_display = NULL; /* interpret any tty with a colon as a DISPLAY */ if (strchr (display_device, ':') != NULL) { + if (opt_nox11) { + ck_pam_syslog (pamh, LOG_WARNING, "nox11 mode, ignoring PAM_TTY %s", display_device); + goto out; + } x11_display = display_device; display_device = ""; } else if (strncmp (_PATH_DEV, display_device, 5) != 0) { diff --git a/pam-ck-connector/pam_ck_connector.8 b/pam-ck-connector/pam_ck_connector.8 index 4a8d4c4..c05f749 100644 --- a/pam-ck-connector/pam_ck_connector.8 +++ b/pam-ck-connector/pam_ck_connector.8 @@ -66,6 +66,10 @@ be properly unregistered. .TP 3n \fBdebug\fR Print debug information. +.TP 3n +\fBnox11\fR +Do not create a session if PAM specifies an X11 display instead of a +/dev/tty terminal. .fi .RE .sp |