pwrap: Set up a pthread_atfork() handler to not delete or config directory

[pam_wrapper.git] / src / pam_wrapper.c

diff --git a/src/pam_wrapper.c b/src/pam_wrapper.c
index 8965ce8bd1721bc62f0e508082ac8a7ee9eb97a9..a02523b0cd5273fdc3b1202ed3596d3f12e96194 100644 (file)
--- a/src/pam_wrapper.c
+++ b/src/pam_wrapper.c
@@ -36,6 +36,8 @@
 #include <limits.h>
 #include <ctype.h>
 
+#include <pthread.h>
+
 #include <ftw.h>
 
 #ifdef HAVE_SECURITY_PAM_APPL_H
@@ -1220,6 +1222,8 @@ static int pwrap_pam_start(const char *service_name,
                           const struct pam_conv *pam_conversation,
                           pam_handle_t **pamh)
 {
+       pwrap_init();
+
        PWRAP_LOG(PWRAP_LOG_TRACE,
                  "pam_start service=%s, user=%s",
                  service_name,
@@ -1769,8 +1773,41 @@ int cannot_audit(int x)
  * CONSTRUCTOR
  ***************************/
 
+/*
+ * Handler executed before fork(2) processing starts.
+ */
+static void pwrap_thread_prepare(void)
+{
+}
+
+/*
+ * Handler that is executed in the parent process after fork(2) processing
+ * completes.
+ */
+static void pwrap_thread_parent(void)
+{
+}
+
+/*
+ * Handler that is executed in the child process after fork(2) processing
+ * completes.
+ */
+static void pwrap_thread_child(void)
+{
+       pwrap.initialised = false;
+}
+
 void pwrap_constructor(void)
 {
+       /*
+       * If we hold a lock and the application forks, then the child
+       * is not able to unlock the mutex and we are in a deadlock.
+       * This should prevent such deadlocks.
+       */
+       pthread_atfork(&pwrap_thread_prepare,
+                      &pwrap_thread_parent,
+                      &pwrap_thread_child);
+
        /*
         * Here is safe place to call pwrap_init() and initialize data
         * for main process.