Bug 67708 - PAM can't unmount home directory following logout from 'su -' in special case
PAM can't unmount home directory following logout from 'su -' in special case
Status: CLOSED CURRENTRELEASE
Product: Red Hat Linux
Classification: Retired
Component: sh-utils (Show other bugs)
7.3
All Linux
medium Severity low
: ---
: ---
Assigned To: wdovlrrw
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2002-06-30 05:26 EDT by W. Michael Petullo
Modified: 2007-04-18 12:43 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2004-05-28 14:20:21 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description W. Michael Petullo 2002-06-30 05:26:25 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.5 (X11; Linux i686; U;) Gecko/0

Description of problem:
Please note that I discoverd this bug because I installed some non-Red Hat
supported tools.  Though my example uses these tools to demonstrate the bug, I
still feel it is a bug that should be fixed.

I use the pam_mount PAM module to mount loopback encrypted home directories upon
logging in and unmount them upon logging out.  This works fine except when I use
'su -'.  In this case, the encrypted filesystem is mounted but cannot be
unmounted because su performs a chdir(~).

The chdir() call in su should happen after the fork() so that it does not affect
the parent PAM-controlling process.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
Again, these steps use non-Red Hat supported tools, but I believe the bug is a
bug regardless:

1.  Apply the patch at http://www-2.cs.cmu.edu/~mukesh/hacks.html to pam_mount
(http://pam-mount.conectevil.com/).
2.  Configure to pam_mount to mount a loopback encrypted filesystem for a user,
mike for example.
3.  Log in as another user.
4.  su - mike
5.  <loopback encrypted filesystem is mounted>
6.  exit
	

Actual Results:  Loopback encrypted filesystem is *not* unmounted because the su
process is chdir()ed to ~.  umount says: /home/mike: device is busy.

Expected Results:  Loopback encrypted filesystem should be unmounted.

Additional info:

Here is a small patch which fixes this bug:

--- su.c.orig   Sun Jun 30 10:56:57 2002
+++ su.c        Sun Jun 30 10:56:02 2002
@@ -509,6 +509,9 @@
       char *arg0;
       char *shell_basename;

+      if (chdir (pw->pw_dir))
+        error (0, errno, _("warning: cannot change directory to %s"),
+              pw->pw_dir);
       shell_basename = base_name (shell);
       arg0 = xmalloc (strlen (shell_basename) + 2);
       arg0[0] = '-';
@@ -762,8 +765,6 @@
 #else
   change_identity (pw);
 #endif
-  if (simulate_login && chdir (pw->pw_dir))
-    error (0, errno, _("warning: cannot change directory to %s"), pw->pw_dir);

   run_shell (shell, command, additional_args, pw);
 }
Comment 1 Bernhard Rosenkraenzer 2002-08-29 16:02:05 EDT
Fixed in 2.0.12-3

Note You need to log in before you can comment on or make changes to this bug.