Fix problem with sudo, su, etc. in pam_script scripts

The flat file was overwritten on su, sudo, etc.  Fixed that.

The flat file was removed on exit from su, sudo, etc.  I've
temporarily worked around that by not cleaning up.  Need to do
a better job, but this will let testing continue.

2 files changed, 9 insertions, 2 deletions

diff --git a/pam_script_ses_close b/pam_script_ses_close
index a59664c..a806d2c 100755
--- a/pam_script_ses_close
+++ b/pam_script_ses_close
@@ -55,8 +55,12 @@ file=$dbdir/$sess
    [ "$auid" != "$fauid" -o "$sess" != "$fsess" ] &&
      logger -t $0 "Session $sess mismatch auid $auid,$fauid session $sess,$fsess"
 
-   rm -f $file
+   #OLSON rm -f $file
    }
 
+# OLSON, probably need to gc all files on exit from any, because
+# original PID is always gone, but we don't want to remove on exit
+# from su, sudo, etc.
+
 # always succeed, this should not cause sessions shutdown errors
 exit 0
diff --git a/pam_script_ses_open b/pam_script_ses_open
index 6bdf57e..731e250 100755
--- a/pam_script_ses_open
+++ b/pam_script_ses_open
@@ -54,7 +54,10 @@ fi
 hdir=$(eval echo ~$PAM_USER)
 [ -d "$hdir" ] || /sbin/mkhomedir_helper $PAM_USER
 
-date +"%FT%T.%N%nuser=$PAM_USER%npid=$$%nauid=$auid%nsession=$sess%nhome=$hdir" \
+# don't overwrite if it already exists.  Happens when sudo or su
+# is run from an existing mapped session.
+[ -s $dbdir/$sess ] || \
+   date +"%FT%T.%N%nuser=$PAM_USER%npid=$$%nauid=$auid%nsession=$sess%nhome=$hdir" \
    > $dbdir/$sess
 
 # always succeed, this should not block sessions on errors