If compiled with PAM support xdm dumps core. The problem is in greeter/ . In GreetUser() CloseGreet() is called (there might be other problems with it possibly called twice). After that login is no longer valid but after a successful login the pam session is still running until pam_end is called from session.c. During that time pam_conv can get more callbacks as you can see here: xdm error (pid 70963): DEF_PROMPT_TEXT(w, LOGIN_PROMPT_PASSWORD)='Password: ' (1) xdm error (pid 70963): [Login.c:Initialize:1856] DEF_PROMPT_TEXT(w, 1)='Password: ' xdm error (pid 70963): DEF_PROMPT_TEXT(w, LOGIN_PROMPT_USERNAME)=' Login:' (0) xdm error (pid 70963): [Login.c:Initialize:1858] DEF_PROMPT_TEXT(w, 0)=' Login:' xdm error (pid 70963): [greet.c:GreetUser:506] DEF_PROMPT_TEXT(w, 0)=' Login:' xdm error (pid 70963): [greet.c:GreetUser:508] DEF_PROMPT_TEXT(w, 1)='Password: ' xdm error (pid 70963): pam_msg: PAM_PROMPT_ECHO_ON (2): ' Login:' xdm error (pid 70963): [greet.c:pamconv:737] DEF_PROMPT_TEXT(w, 0)=' Login:' xdm error (pid 70963): [greet.c:pamconv:709] DEF_PROMPT_TEXT(w, 0)=' Login:' xdm error (pid 70963): pam_msg: PAM_PROMPT_ECHO_OFF (1): 'Password:' xdm error (pid 70963): [greet.c:pamconv:737] DEF_PROMPT_TEXT(w, 1)='Password: ' xdm error (pid 70963): [greet.c:GreetUser:586] DEF_PROMPT_TEXT(w, 1)='Password: ' xdm error (pid 70963): Greet loop finished xdm error (pid 70963): [greet.c:pamconv:709] DEF_PROMPT_TEXT(w, 0)='(null)' xdm error (pid 70963): message == NULL, promptNum=0 xdm error (pid 70963): pam_msg: PAM_TEXT_INFO (4): 'Last login: Wed Apr 4 13:23:00 from xxxxxxxxxxxxxxx' xdm error (pid 70963): [greet.c:pamconv:729] DEF_PROMPT_TEXT(w, 1)='(null)' I'll attach with a workaround I have applied locally. I do not think that's a clean solution but might be the easiest.
Created attachment 9475 [details] [review] workaround applied locally to ignore further pam callbacks
I'm also not sure it's the best solution, but it does seem to be an improvement to clear the pointer to the login widget when it's destroyed, and to ensure it's not null before using it in the conversation. I've updated your suggested fix a bit to do that, and will push to git master: commit 5fd44c17ddd18635646d37f8afca1f3e699553bd Author: Alan Coopersmith <alan.coopersmith@sun.com> Date: Tue Mar 16 16:33:48 2010 -0700 Reject PAM conversation calls after login dialog is closed Based on patch suggested by Bjoern A. Zeeb <bzeeb+patch@zabbadoz.net> to fix http://bugs.freedesktop.org/show_bug.cgi?id=10522 Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com> diff --git a/greeter/greet.c b/greeter/greet.c index 1afe2f1..bd23ad3 100644 --- a/greeter/greet.c +++ b/greeter/greet.c @@ -342,6 +342,7 @@ CloseGreet (struct display *d) XSetAccessControl (dpy, DisableAccess); } XtDestroyWidget (toplevel); + login = NULL; /* child of toplevel, which we just destroyed */ ClearCloseOnFork (XConnectionNumber (dpy)); XCloseDisplay (dpy); Debug ("Greet connection closed\n"); @@ -707,6 +708,11 @@ static int pamconv(int num_msg, m = (struct pam_message *)*msg; r = *response; + if (login == NULL) { + status = PAM_CONV_ERR; + goto pam_error; + } + for (i = 0; i < num_msg; i++ , m++ , r++) { char *username; int promptId = 0; Thanks for providing the patch and sorry for taking so long to process.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.