On a Linux machine, I was having trouble with a program called kwallet (part of KDE) not starting on login even though I set it up to with PAM, so I checked out the source code to diagnose the problem. It turns out that the program creates a server that listens on a TCP socket bound to a file.
But the problem is, while the socket is a TCP socket when it's first instantiated, as soon as it's bound to the file, it suddenly becomes a UDP socket, so the call to listen on it fails.
Anyone have any idea what's happening here? Do I just have a faulty installation or something?
Here's the relevant code, with some of the lines I added to help diagnose the problem:
static void execute_kwallet(pam_handle_t *pamh, struct passwd *userInfo, int toWalletPipe[2], char *fullSocket)
{
//In the child pam_syslog does not work, using syslog directly
//keep stderr open so socket doesn't returns us that fd
int x = 3;
//Close fd that are not of interest of kwallet
for (; x < 64; ++x) {
if (x != toWalletPipe[0]) {
close (x);
}
}
//This is the side of the pipe PAM will send the hash to
close (toWalletPipe[1]);
//Change to the user in case we are not it yet
if (drop_privileges(userInfo) < 0) {
syslog(LOG_ERR, "%s: could not set gid/uid/euid/egit for kwalletd", logPrefix);
free(fullSocket);
goto cleanup;
}
int envSocket;
if ((envSocket = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
syslog(LOG_ERR, "%s: couldn't create socket", logPrefix);
free(fullSocket);
goto cleanup;
}
int socket_type;
socklen_t optlen;
optlen = sizeof socket_type;
if(getsockopt(envSocket, SOL_SOCKET, SO_TYPE, &socket_type, &optlen) < 0) {
syslog(LOG_INFO, "%s-Couldn't read socket option: %d-%s\n", logPrefix, errno, strerror(errno));
} else {
syslog(LOG_INFO, "%s-Socket type is %d\n", logPrefix, socket_type);
if(socket_type != SOCK_STREAM)
syslog(LOG_INFO, "%s-Socket is not SOCK_STREAM.\n", logPrefix);
}
struct sockaddr_un local;
local.sun_family = AF_UNIX;
if (strlen(fullSocket) > sizeof(local.sun_path)) {
syslog(LOG_ERR, "%s: socket path %s too long to open",
logPrefix, fullSocket);
free(fullSocket);
goto cleanup;
}
strcpy(local.sun_path, fullSocket);
free(fullSocket);
fullSocket = NULL;
unlink(local.sun_path);//Just in case it exists from a previous login
syslog(LOG_DEBUG, "%s: final socket path: %s", logPrefix, local.sun_path);
size_t len = strlen(local.sun_path) + sizeof(local.sun_family);
if (bind(envSocket, (struct sockaddr *)&local, len) == -1) {
syslog(LOG_INFO, "%s-kwalletd: Couldn't bind to local file\n", logPrefix);
goto cleanup;
}
optlen = sizeof socket_type;
if(getsockopt(envSocket, SOL_SOCKET, SO_TYPE, &socket_type, &optlen) < 0) {
syslog(LOG_INFO, "%s-Couldn't read socket option: %d-%s\n", logPrefix, errno, strerror(errno));
} else {
syslog(LOG_INFO, "%s-Socket type is %d\n", logPrefix, socket_type);
if(socket_type != SOCK_STREAM)
syslog(LOG_INFO, "%s-Socket is not SOCK_STREAM.\n", logPrefix);
}
if (listen(envSocket, 5) == -1) {
syslog(LOG_INFO, "%s-kwalletd: Couldn't listen in socket: %d-%s\n", logPrefix, errno, strerror(errno));
goto cleanup;
}
//finally close stderr
close(2);
// Fork twice to daemonize kwallet
setsid();
pid_t pid = fork();
if (pid != 0) {
if (pid == -1) {
exit(EXIT_FAILURE);
} else {
exit(0);
}
}
//TODO use a pam argument for full path kwalletd
char pipeInt[4];
sprintf(pipeInt, "%d", toWalletPipe[0]);
char sockIn[4];
sprintf(sockIn, "%d", envSocket);
char *args[] = {strdup(kwalletd), "--pam-login", pipeInt, sockIn, NULL, NULL};
execve(args[0], args, pam_getenvlist(pamh));
syslog(LOG_ERR, "%s: could not execute kwalletd from %s", logPrefix, kwalletd);
cleanup:
exit(EXIT_FAILURE);
}
And here's the log output:
Oct 12 19:31:28 fuji login[413]: pam_kwallet5-Socket type is 1
Oct 12 19:31:28 fuji login[413]: pam_kwallet5: final socket path: /run/user/1000/kwallet5.socket
Oct 12 19:31:28 fuji login[413]: pam_kwallet5-Socket type is 2
Oct 12 19:31:28 fuji login[413]: pam_kwallet5-Socket is not SOCK_STREAM.
Oct 12 19:31:28 fuji login[413]: pam_kwallet5-kwalletd: Couldn't listen in socket: 95-Operation not supported