int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
const char **argv)
{
const char *PAM_user = NULL;
int ret;
if (!cgm_dbus_connect()) {
mysyslog(LOG_ERR, "Failed to connect to cgmanager\n");
return PAM_SESSION_ERR;
}
if (argc > 1 && strcmp(argv[0], "-c") == 0)
ctrl_list = validate_and_dup(argv[1]);
if (!ctrl_list)
get_active_controllers();
cgm_escape();
ret = pam_get_user(pamh, &PAM_user, NULL);
if (ret != PAM_SUCCESS) {
cgm_dbus_disconnect();
mysyslog(LOG_ERR, "PAM-CGM: couldn't get user\n");
return PAM_SESSION_ERR;
}
ret = handle_login(PAM_user);
cgm_dbus_disconnect();
return ret;
}
/*
* called during cgroup.c:cgroup_ops_init(), at startup. No threads.
* We check whether we can talk to cgmanager, escape to root cgroup if
* we are root, then close the connection.
*/
struct cgroup_ops *cgm_ops_init(void)
{
check_supports_multiple_controllers(-1);
if (!collect_subsytems())
return NULL;
if (api_version < CGM_SUPPORTS_MULT_CONTROLLERS)
cgm_supports_multiple_controllers = false;
// if root, try to escape to root cgroup
if (geteuid() == 0 && !cgm_escape()) {
free_subsystems();
return NULL;
}
return &cgmanager_ops;
}
