From e633be1b9a81cfb7993e469066e50af47f563575 Mon Sep 17 00:00:00 2001 From: William Jon McCann Date: Thu, 3 Apr 2008 22:09:26 -0400 Subject: initial login session id support Linux audit session id support. Still TODO: * determine if session id should be hidden * export to bus * add to event log * figure out how to add it to non-generated sessions --- src/ck-session-leader.c | 1 + src/ck-session.c | 48 +++++++++++++++++++++++++++++++++++ src/ck-session.h | 6 +++++ src/ck-sysdeps-freebsd.c | 9 +++++++ src/ck-sysdeps-linux.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++ src/ck-sysdeps-solaris.c | 9 +++++++ src/ck-sysdeps.h | 2 ++ 7 files changed, 141 insertions(+) (limited to 'src') diff --git a/src/ck-session-leader.c b/src/ck-session-leader.c index 756feac..48df0b8 100644 --- a/src/ck-session-leader.c +++ b/src/ck-session-leader.c @@ -198,6 +198,7 @@ static struct { char *key; CkAddParamFunc func; } parse_ops[] = { + { "login-session-id", add_param_string }, { "display-device", add_param_string }, { "x11-display-device", add_param_string }, { "x11-display", add_param_string }, diff --git a/src/ck-session.c b/src/ck-session.c index d9e32be..52ee2c2 100644 --- a/src/ck-session.c +++ b/src/ck-session.c @@ -58,6 +58,7 @@ struct CkSessionPrivate char *seat_id; char *session_type; + char *login_session_id; char *display_device; char *x11_display_device; char *x11_display; @@ -98,6 +99,7 @@ enum { PROP_DISPLAY_DEVICE, PROP_SESSION_TYPE, PROP_REMOTE_HOST_NAME, + PROP_LOGIN_SESSION_ID, PROP_IS_LOCAL, PROP_ACTIVE, PROP_IDLE_HINT, @@ -497,6 +499,20 @@ ck_session_get_display_device (CkSession *session, return TRUE; } +gboolean +ck_session_get_login_session_id (CkSession *session, + char **login_session_id, + GError **error) +{ + g_return_val_if_fail (CK_IS_SESSION (session), FALSE); + + if (login_session_id != NULL) { + *login_session_id = g_strdup (session->priv->login_session_id); + } + + return TRUE; +} + gboolean ck_session_get_x11_display_device (CkSession *session, char **x11_display_device, @@ -671,6 +687,19 @@ ck_session_set_x11_display_device (CkSession *session, return TRUE; } +gboolean +ck_session_set_login_session_id (CkSession *session, + const char *login_session_id, + GError **error) +{ + g_return_val_if_fail (CK_IS_SESSION (session), FALSE); + + g_free (session->priv->login_session_id); + session->priv->login_session_id = g_strdup (login_session_id); + + return TRUE; +} + gboolean ck_session_set_remote_host_name (CkSession *session, const char *remote_host_name, @@ -732,6 +761,9 @@ ck_session_set_property (GObject *object, case PROP_DISPLAY_DEVICE: ck_session_set_display_device (self, g_value_get_string (value), NULL); break; + case PROP_LOGIN_SESSION_ID: + ck_session_set_login_session_id (self, g_value_get_string (value), NULL); + break; case PROP_UNIX_USER: ck_session_set_unix_user (self, g_value_get_uint (value), NULL); break; @@ -785,6 +817,9 @@ ck_session_get_property (GObject *object, case PROP_DISPLAY_DEVICE: g_value_set_string (value, self->priv->display_device); break; + case PROP_LOGIN_SESSION_ID: + g_value_set_string (value, self->priv->login_session_id); + break; case PROP_UNIX_USER: g_value_set_uint (value, self->priv->uid); break; @@ -974,6 +1009,13 @@ ck_session_class_init (CkSessionClass *klass) "session type", NULL, G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); + g_object_class_install_property (object_class, + PROP_LOGIN_SESSION_ID, + g_param_spec_string ("login-session-id", + "login-session-id", + "login session id", + NULL, + G_PARAM_READWRITE | G_PARAM_CONSTRUCT)); g_object_class_install_property (object_class, PROP_X11_DISPLAY, g_param_spec_string ("x11-display", @@ -1272,6 +1314,12 @@ ck_session_dump (CkSession *session, "type", NONULL_STRING (session->priv->session_type)); } + if (session->priv->login_session_id != NULL && strlen (session->priv->login_session_id) > 0) { + g_key_file_set_string (key_file, + group_name, + "login_session_id", + NONULL_STRING (session->priv->login_session_id)); + } if (session->priv->display_device != NULL && strlen (session->priv->display_device) > 0) { g_key_file_set_string (key_file, group_name, diff --git a/src/ck-session.h b/src/ck-session.h index 8c5c00e..66ca705 100644 --- a/src/ck-session.h +++ b/src/ck-session.h @@ -104,12 +104,18 @@ gboolean ck_session_set_x11_display_device (CkSession *se gboolean ck_session_set_display_device (CkSession *session, const char *device, GError **error); +gboolean ck_session_set_login_session_id (CkSession *session, + const char *login_session_id, + GError **error); gboolean ck_session_set_remote_host_name (CkSession *session, const char *remote_host_name, GError **error); gboolean ck_session_set_session_type (CkSession *session, const char *type, GError **error); +gboolean ck_session_get_login_session_id (CkSession *session, + char **login_session_id, + GError **error); /* Exported methods */ diff --git a/src/ck-sysdeps-freebsd.c b/src/ck-sysdeps-freebsd.c index d7c7c0c..a30c380 100644 --- a/src/ck-sysdeps-freebsd.c +++ b/src/ck-sysdeps-freebsd.c @@ -314,6 +314,15 @@ ck_unix_pid_get_uid (pid_t pid) return uid; } +gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + g_return_val_if_fail (pid > 1, FALSE); + + return FALSE; +} + gboolean ck_get_max_num_consoles (guint *num) { diff --git a/src/ck-sysdeps-linux.c b/src/ck-sysdeps-linux.c index 7dc99f7..09db310 100644 --- a/src/ck-sysdeps-linux.c +++ b/src/ck-sysdeps-linux.c @@ -617,6 +617,72 @@ ck_unix_pid_get_ppid (pid_t pid) return ppid; } +gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + gboolean ret; + gboolean res; + char *path; + char *contents; + gsize length; + GError *error; + char *end_of_valid_ulong; + gulong ulong_value; + + g_return_val_if_fail (pid > 1, FALSE); + + ret = FALSE; + contents = NULL; + + path = g_strdup_printf ("/proc/%u/sessionid", (guint)pid); + + error = NULL; + res = g_file_get_contents (path, + &contents, + &length, + &error); + if (! res) { + g_warning ("Couldn't read %s: %s", path, error->message); + g_error_free (error); + goto out; + } + + if (contents[0] == '\0') { + g_warning ("Couldn't read %s: empty file", path); + goto out; + } + + errno = 0; + ulong_value = strtoul (contents, &end_of_valid_ulong, 10); + + if (*end_of_valid_ulong != '\0') { + goto out; + } + + if (errno == ERANGE) { + g_warning ("Couldn't read %s: %s", path, g_strerror (errno)); + goto out; + } + + /* Will be G_MAXULONG if it isn't set */ + if (ulong_value == G_MAXULONG) { + goto out; + } + + if (idp != NULL) { + *idp = g_strdup_printf ("%lu", (unsigned long int)ulong_value); + } + + ret = TRUE; + + out: + g_free (contents); + g_free (path); + + return ret; +} + gboolean ck_get_max_num_consoles (guint *num) { diff --git a/src/ck-sysdeps-solaris.c b/src/ck-sysdeps-solaris.c index 87bf4fd..cd17bf7 100644 --- a/src/ck-sysdeps-solaris.c +++ b/src/ck-sysdeps-solaris.c @@ -355,6 +355,15 @@ ck_unix_pid_get_ppid (pid_t pid) return ppid; } +gboolean +ck_unix_pid_get_login_session_id (pid_t pid, + char **idp) +{ + g_return_val_if_fail (pid > 1, FALSE); + + return FALSE; +} + gboolean ck_get_max_num_consoles (guint *num) { diff --git a/src/ck-sysdeps.h b/src/ck-sysdeps.h index f0fceb7..c3f3756 100644 --- a/src/ck-sysdeps.h +++ b/src/ck-sysdeps.h @@ -45,6 +45,8 @@ GHashTable *ck_unix_pid_get_env_hash (pid_t pid); pid_t ck_unix_pid_get_ppid (pid_t pid); uid_t ck_unix_pid_get_uid (pid_t pid); +gboolean ck_unix_pid_get_login_session_id (pid_t pid, + char **id); gboolean ck_get_socket_peer_credentials (int socket_fd, -- cgit