Package: gnome-session
Severity: normal
Tags: patch
in a system using pam_mount, it can be important for security that the
user's home directory be unmounted (via pam_close_session()) when they
log out.
However, debian's gnome-session spawns esd at login with a current
working directory (cwd) inherited from gnome-session (which appears to
default to $HOME when using gdm). Since esd lives on in $HOME a
little while after the user exits the session, pam_mount can't unmount
the home directory.
The attached revision of debian/patches/07_kill_esd.diff tells esd to
start up with a cwd of "/" instead of inheriting cwd from
gnome-session. The patch also tells the (hackish-looking)
stop_esd_delayed() function to spawn its "sleep 5 ; kill %i" shell
command with a cwd of "/". This is enough to let pam_mount politely
unmount any mounted homedir.
i'd be happy to hear any thoughts about other ways to do this. When a
session is completed, i think it is important that the default install
leaves *nothing* open in or below a user's home directory. (of
course, if the user nohups something in the background and leaves it
running as they log out, that's their own problem).
Thanks for maintaining GNOME for debian! it's a sharp-looking suite.
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (700, 'testing'), (700, 'stable'), (600, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
diff -PruN gnome-session-2.8.1.orig/gnome-session/gsm-sound.c gnome-session-2.8.1/gnome-session/gsm-sound.c
--- gnome-session-2.8.1.orig/gnome-session/gsm-sound.c 2002-10-08 05:01:09.000000000 +0200
+++ gnome-session-2.8.1/gnome-session/gsm-sound.c 2004-11-23 17:51:09.000000000 +0100
@@ -11,6 +11,8 @@
#define ENABLE_ESD_KEY "/desktop/gnome/sound/enable_esd"
#define ENABLE_SOUNDS_KEY "/desktop/gnome/sound/event_sounds"
+static GPid esd_pid = 0;
+
static gboolean
esd_enabled (void)
{
@@ -60,11 +62,13 @@
{
GError *err = NULL;
time_t starttime;
+ gchar *argv[] = {ESD_SERVER, "-nobeeps", NULL};
- if (!g_spawn_command_line_async (ESD_SERVER" -nobeeps", &err))
+ if (!g_spawn_async ("/", argv, NULL, 0, NULL, NULL, &esd_pid, &err))
{
g_warning ("Could not start esd: %s\n", err->message);
g_error_free (err);
+ esd_pid = 0;
return;
}
@@ -81,6 +85,19 @@
}
}
+static void
+stop_esd_delayed (void)
+{
+ if (esd_pid)
+ {
+ gchar *command = g_strdup_printf ("sleep 5 ; kill %i", esd_pid);
+ gchar *argv[] = {"/bin/sh", "-c", command, NULL};
+ g_spawn_async ("/", argv, NULL, 0, NULL, NULL, NULL, NULL);
+ esd_pid = 0;
+ g_free (command);
+ }
+}
+
static gboolean
load_login_sample_from (const char *file)
{
@@ -193,5 +210,6 @@
#ifdef HAVE_ESD
if (sound_events_enabled ())
play_trigger ("logout");
+ stop_esd_delayed ();
#endif
}
