diff --git a/sesman/libsesman/verify_user_pam.c b/sesman/libsesman/verify_user_pam.c index b400bb5e2c..ca5136688d 100644 --- a/sesman/libsesman/verify_user_pam.c +++ b/sesman/libsesman/verify_user_pam.c @@ -397,8 +397,8 @@ auth_uds(const char *user, enum scp_login_status *errorcode) /******************************************************************************/ /* returns error */ -int -auth_start_session(struct auth_info *auth_info, int display_num) +static int +auth_start_session_private(struct auth_info *auth_info, int display_num) { int error; char display[256]; @@ -436,6 +436,26 @@ auth_start_session(struct auth_info *auth_info, int display_num) return 0; } +/******************************************************************************/ +/** + * Main routine to start a session + * + * Calls the private routine and logs an additional error if the private + * routine fails + */ +int +auth_start_session(struct auth_info *auth_info, int display_num) +{ + int result = auth_start_session_private(auth_info, display_num); + if (result != 0) + { + LOG(LOG_LEVEL_ERROR, + "Can't start PAM session. See PAM logging for more info"); + } + + return result; +} + /******************************************************************************/ /* returns error */ static int diff --git a/sesman/libsesman/verify_user_pam_userpass.c b/sesman/libsesman/verify_user_pam_userpass.c index 349d811145..9a6f657c2c 100644 --- a/sesman/libsesman/verify_user_pam_userpass.c +++ b/sesman/libsesman/verify_user_pam_userpass.c @@ -207,8 +207,8 @@ auth_uds(const char *user, enum scp_login_status *errorcode) /******************************************************************************/ /* returns error */ -int -auth_start_session(struct auth_info *auth_info, int display_num) +static int +auth_start_session_private(struct auth_info *auth_info, int display_num) { int error; char display[256]; @@ -246,6 +246,26 @@ auth_start_session(struct auth_info *auth_info, int display_num) return 0; } +/******************************************************************************/ +/** + * Main routine to start a session + * + * Calls the private routine and logs an additional error if the private + * routine fails + */ +int +auth_start_session(struct auth_info *auth_info, int display_num) +{ + int result = auth_start_session_private(auth_info, display_num); + if (result != 0) + { + LOG(LOG_LEVEL_ERROR, + "Can't start PAM session. See PAM logging for more info"); + } + + return result; +} + /******************************************************************************/ /* returns error */ static int diff --git a/sesman/sesexec/session.c b/sesman/sesexec/session.c index 6836d5c47d..900b394333 100644 --- a/sesman/sesexec/session.c +++ b/sesman/sesexec/session.c @@ -568,7 +568,12 @@ session_start_wrapped(struct login_info *login_info, int window_manager_pid; enum scp_screate_status status = E_SCP_SCREATE_GENERAL_ERROR; - auth_start_session(login_info->auth_info, s->display); + if (auth_start_session(login_info->auth_info, s->display) != 0) + { + // Errors are logged by the auth module, as they are + // specific to that module + return E_SCP_SCREATE_GENERAL_ERROR; + } #ifdef USE_BSD_SETLOGIN /** * Create a new session and process group since the 4.4BSD