From c29535bf3977ba97339ae22ecd115782869b5c37 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Tue, 14 May 2013 09:26:21 +0200 Subject: [PATCH] Don't erroneously exclude users in wtmp or who have been cached Be strict about excluding users that we find in the local passwd file, but far more lenient about excluding users that have either logged in at some point, or been explicitly cached via 'CacheUser' This fixes regressions for users using network authentication via winbind or sssd. https://bugs.freedesktop.org/show_bug.cgi?id=64186 --- src/daemon.c | 43 +++++++++++++++++++++++++++++-------------- 1 file changed, 29 insertions(+), 14 deletions(-) diff --git a/src/daemon.c b/src/daemon.c index c25d39f..11a6f29 100644 --- a/src/daemon.c +++ b/src/daemon.c @@ -77,6 +77,7 @@ static const char *default_excludes[] = { "games", "man", "at", + "gdm", NULL }; @@ -104,7 +105,7 @@ struct DaemonPrivate { PolkitAuthority *authority; }; -typedef struct passwd * (* EntryGeneratorFunc) (GHashTable *, gpointer *); +typedef struct passwd * (* EntryGeneratorFunc) (Daemon *, GHashTable *, gpointer *); static void daemon_accounts_accounts_iface_init (AccountsAccountsIface *iface); @@ -249,7 +250,8 @@ typedef struct { } WTmpGeneratorState; static struct passwd * -entry_generator_wtmp (GHashTable *users, +entry_generator_wtmp (Daemon *daemon, + GHashTable *users, gpointer *state) { GHashTable *login_hash, *logout_hash; @@ -315,6 +317,13 @@ entry_generator_wtmp (GHashTable *users, continue; } + /* + * We're less liberal about excluding users if they've logged in + * Only exclude users in the specific exclusions list. + */ + if (daemon_local_user_is_excluded (daemon, wtmp_entry->ut_user, NULL, NULL)) + continue; + pwent = getpwnam (wtmp_entry->ut_user); if (pwent == NULL) { continue; @@ -392,7 +401,8 @@ entry_generator_wtmp (GHashTable *users, #endif /* HAVE_UTMPX_H */ static struct passwd * -entry_generator_fgetpwent (GHashTable *users, +entry_generator_fgetpwent (Daemon *daemon, + GHashTable *users, gpointer *state) { struct passwd *pwent; @@ -407,10 +417,20 @@ entry_generator_fgetpwent (GHashTable *users, } } - /* Every iteration */ fp = *state; - pwent = fgetpwent (fp); - if (pwent != NULL) { + + /* Every iteration */ + for (;;) { + pwent = fgetpwent (fp); + if (pwent == NULL) + break; + + /* Skip system users... */ + if (daemon_local_user_is_excluded (daemon, pwent->pw_name, pwent->pw_shell, NULL)) { + g_debug ("skipping user: %s", pwent->pw_name); + continue; + } + return pwent; } @@ -421,7 +441,8 @@ entry_generator_fgetpwent (GHashTable *users, } static struct passwd * -entry_generator_cachedir (GHashTable *users, +entry_generator_cachedir (Daemon *daemon, + GHashTable *users, gpointer *state) { struct passwd *pwent; @@ -501,16 +522,10 @@ load_entries (Daemon *daemon, g_assert (entry_generator != NULL); for (;;) { - pwent = entry_generator (users, &generator_state); + pwent = entry_generator (daemon, users, &generator_state); if (pwent == NULL) break; - /* Skip system users... */ - if (daemon_local_user_is_excluded (daemon, pwent->pw_name, pwent->pw_shell, NULL)) { - g_debug ("skipping user: %s", pwent->pw_name); - continue; - } - /* ignore duplicate entries */ if (g_hash_table_lookup (users, pwent->pw_name)) { continue; -- 1.8.2.1