systemd-osi-shell: Fix exit status

author: Luke Shumaker <lukeshu@lukeshu.com> 2018-08-20 02:55:36 -0400
committer: Luke Shumaker <lukeshu@lukeshu.com> 2018-08-20 02:55:36 -0400
commit: 87ea82b6fa74a69b782e962125a42dedec2dfd87 (patch)
tree: dbbc7b2b1ff5e8d993d2cf0c7ce4f1870603784c /osi-mk.d/systemd-osi-shell.sh
parent: 2fd704f86813d10e11473ef6e032371b0ad843df (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/osi-mk.d/systemd-osi-shell.sh b/osi-mk.d/systemd-osi-shell.sh
index 3854325..dc161dc 100644
--- a/osi-mk.d/systemd-osi-shell.sh
+++ b/osi-mk.d/systemd-osi-shell.sh
@@ -27,7 +27,11 @@ systemd-osi-shell:post_install() {
 		KillMode=process
 		IgnoreSIGPIPE=no
 
-		ExecStart=/bin/login -p -f root
+		# We can't use login(1) because it masks the exit status of the shell,
+		# but we want this to be a real local login with PAM, so use su(1),
+		# but trick in in to using login(1)'s PAM config.  We undo this trick by
+		# using nsenter(1) to reset the mount namespace after we've done the PAM stuff.
+		ExecStart=/bin/unshare --mount -- sh -c 'mount --bind /etc/pam.d/login /etc/pam.d/su && exec -- su -c "exec nsenter --mount --target=1 -- bash -l"'
 		StandardInput=tty
 		TTYPath=/dev/ttyS0
 		TTYReset=yes
author	Luke Shumaker <lukeshu@lukeshu.com>	2018-08-20 02:55:36 -0400
committer	Luke Shumaker <lukeshu@lukeshu.com>	2018-08-20 02:55:36 -0400
commit	87ea82b6fa74a69b782e962125a42dedec2dfd87 (patch)
tree	dbbc7b2b1ff5e8d993d2cf0c7ce4f1870603784c /osi-mk.d/systemd-osi-shell.sh
parent	2fd704f86813d10e11473ef6e032371b0ad843df (diff)