pam_systemd_home: clean up sd-bus when called about something else's user

acquire_home() takes a reference to a sd-bus object, which the open_session hook cleans on success. But only when handling a user actually owned by homed, it did not clean it up when skipping because it is being invoked on a system user. We need to be careful with sd-bus here as pam_sm_open_session is the last hook before forking, and we want to clean up sd-bus before that happens, or we'll have a broken reference (FDs are cloexec) in the child process, which will then assert when attempting to close them, or leak the bus connection which causes dbus to complain loudly: dbus-daemon[62]: [system] Connection has not authenticated soon enough, closing it (auth_timeout=30000ms, elapsed: 30020ms)
2024-12-26 03:22:00 +03:00 · 2023-04-20 12:58:18 +01:00 · 2023-04-20 12:58:18 +01:00 · db0c0f5e00
commit db0c0f5e00
parent d5ada52fc4
1 changed files with 2 additions and 1 deletions
--- a/src/home/pam_systemd_home.c
+++ b/src/home/pam_systemd_home.c
@ -727,7 +727,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(

        r = acquire_home(handle, /* please_authenticate = */ false, suspend_please, debug);
        if (r == PAM_USER_UNKNOWN) /* Not managed by us? Don't complain. */
-                return PAM_SUCCESS;
+                goto success; /* Need to free the bus resource, as acquire_home() takes a reference. */
        if (r != PAM_SUCCESS)
                return r;

@ -741,6 +741,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
                return pam_syslog_pam_error(handle, LOG_ERR, r,
                                            "Failed to set PAM environment variable $SYSTEMD_HOME_SUSPEND: @PAMERR@");

+success:
        /* Let's release the D-Bus connection, after all the session might live quite a long time, and we are
         * not going to process the bus connection in that time, so let's better close before the daemon
         * kicks us off because we are not processing anything. */