Overview

File 0004-Move-remaining-salt-file-operations-into-unprivilege.patch of Package pam_kwallet

From 4b7c85cfe41abaf43d36b60973e9a8f441b7d888 Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Thu, 28 Jun 2018 09:52:02 +0200
Subject: [PATCH 4/4] Move remaining salt file operations into unprivileged
 processes

Summary: Otherwise the salt is always recreated on with ~ on NFS with root_squash
as root does not have access.

Test Plan: Not yet, will update once results back.

Reviewers: #plasma, aacid

Subscribers: plasma-devel

Tags: #plasma

Differential Revision: https://phabricator.kde.org/D13776
---
 pam_kwallet.c | 26 +++++++++++++++++---------
 1 file changed, 17 insertions(+), 9 deletions(-)

diff --git a/pam_kwallet.c b/pam_kwallet.c
index 65db960..757fa3a 100644
--- a/pam_kwallet.c
+++ b/pam_kwallet.c
@@ -670,6 +670,14 @@ static void createNewSalt(pam_handle_t *pamh, const char *path, struct passwd *u
             exit(-1);
         }
 
+        // Don't re-create it if it already exists
+        struct stat info;
+        if (stat(path, &info) == 0 &&
+            info.st_size != 0 &&
+            S_ISREG(info.st_mode)) {
+            exit(0);
+        }
+
         unlink(path);//in case the file already exists
 
         char *dir = strdup(path);
@@ -724,6 +732,14 @@ static int readSaltFile(pam_handle_t *pamh, char *path, struct passwd *userInfo,
             exit(-1);
         }
 
+        struct stat info;
+        if (stat(path, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) {
+            syslog(LOG_ERR, "%s: Failed to ensure %s looks like a salt file", logPrefix, path);
+            free(path);
+            close(readSaltPipe[1]);
+            exit(-1);
+        }
+
         FILE *fd = fopen(path, "r");
         if (fd == NULL) {
             syslog(LOG_ERR, "%s: Couldn't open file: %s because: %d-%s", logPrefix, path, errno, strerror(errno));
@@ -795,15 +811,7 @@ int kwallet_hash(pam_handle_t *pamh, const char *passphrase, struct passwd *user
     char *path = (char*) malloc(pathSize);
     sprintf(path, "%s/%s/%s", userInfo->pw_dir, kdehome, fixpath);
 
-    if (stat(path, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) {
-        createNewSalt(pamh, path, userInfo);
-    }
-
-    if (stat(path, &info) != 0 || info.st_size == 0 || !S_ISREG(info.st_mode)) {
-        syslog(LOG_ERR, "%s: Failed to ensure %s looks like a salt file", logPrefix, path);
-        free(path);
-        return 1;
-    }
+    createNewSalt(pamh, path, userInfo);
 
     char salt[KWALLET_PAM_SALTSIZE] = {};
     const int readSaltSuccess = readSaltFile(pamh, path, userInfo, salt);
-- 
2.17.1
openSUSE Build Service is sponsored by
Places