summaryrefslogtreecommitdiff
path: root/src/login/logind-dbus.c
AgeCommit message (Collapse)Author
2013-09-17logind: add session controllersDavid Herrmann
A session usually has only a single compositor or other application that controls graphics and input devices on it. To avoid multiple applications from hijacking each other's devices or even using the devices in parallel, we add session controllers. A session controller is an application that manages a session. Specific API calls may be limited to controllers to avoid others from getting unprivileged access to restricted resources. A session becomes a controller by calling the RequestControl() dbus API call. It can drop it via ReleaseControl(). logind tracks bus-names to release the controller once an application closes the bus. We use the new bus-name tracking to do that. Note that during ReleaseControl() we need to check whether some other session also tracks the name before we remove it from the bus-name tracking list. Currently, we only allow one controller at a time. However, the public API does not enforce this restriction. So if it makes sense, we can allow multiple controllers in parallel later. Or we can add a "scope" parameter, which allows a different controller for graphics-devices, sound-devices and whatever you want. Note that currently you get -EBUSY if there is already a controller. You can force the RequestControl() call (root-only) to drop the current controller and recover the session during an emergency. To recover a seat, this is not needed, though. You can simply create a new session or force-activate it. To become a session controller, a dbus caller must either be root or the same user as the user of the session. This allows us to run a session compositor as user and we no longer need any CAP_SYS_ADMIN.
2013-09-17logind: add infrastructure to watch busnamesDavid Herrmann
If we want to track bus-names to allow exclusive resource-access, we need a way to get notified when a bus-name is gone. We make logind watch for NameOwnerChanged dbus events and check whether the name is currently watched. If it is, we remove it from the watch-list (notification for other objects can be added in follow-up patches).
2013-09-16Verify validity of session name when received from outsideZbigniew Jędrzejewski-Szmek
Only ASCII letters and digits are allowed.
2013-08-13logind: restore logic to kill user processes when session endsLennart Poettering
2013-07-30logind: make sure login sessions are terminated with SIGHUPLennart Poettering
bash ignores SIGTERM, and can only be terminated cleanly via SIGHUP. Hence make sure that we the scope unit for the session is created with SendSIGHUP enabled.
2013-07-26logind: update the session state file before we send out the CreateSession() ↵Lennart Poettering
reply https://bugs.freedesktop.org/show_bug.cgi?id=67273
2013-07-26logind: update state file after generating the session fifo, not beforeLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=67273
2013-07-10user-sessions: rely on PID 1 to kill sessionsLennart Poettering
As we want to centralized cgroup access we should stop killing the user sessions directly from the systemd-user-sessions service. Instead, rely on PID 1 doing this by adding the right ordering dependencies to the session scope units.
2013-07-10logind: don't misunderstand UnitRemoved signals during reloadingLennart Poettering
When PID 1 reloads the units logind/machined will see UnitRemoved signals for all units. Instead of trusting these immediately, let's check the actual unit state before considering a unit gone, so that reloading PID 1 is not mistaken as the end of all sessions.
2013-07-10core: serialize/deserialize bus subscribersLennart Poettering
2013-07-03logind/machined: properly notice when units are gc'edLennart Poettering
2013-07-02login: pass correct boolean type to libdbusLennart Poettering
2013-07-02machined: sync to /run after job completedLennart Poettering
2013-07-02machined: split out machine registration stuff from logindLennart Poettering
Embedded folks don't need the machine registration stuff, hence it's nice to make this optional. Also, I'd expect that machinectl will grow additional commands quickly, for example to join existing containers and suchlike, hence it's better keeping that separate from loginctl.
2013-07-02logind: port over to use scopes+slices for all cgroup stuffLennart Poettering
In order to prepare things for the single-writer cgroup scheme, let's make logind use systemd's own primitives for cgroup management. Every login user now gets his own private slice unit, in which his sessions live in a scope unit each. Also, add user@$UID.service to the same slice, and implicitly start it on first login.
2013-06-20logind: add infrastructure to keep track of machines, and move to slicesLennart Poettering
- This changes all logind cgroup objects to use slice objects rather than fixed croup locations. - logind can now collect minimal information about running VMs/containers. As fixed cgroup locations can no longer be used we need an entity that keeps track of machine cgroups in whatever slice they might be located. Since logind already keeps track of users, sessions and seats this is a trivial addition. - nspawn will now register with logind and pass various bits of metadata along. A new option "--slice=" has been added to place the container in a specific slice. - loginctl gained commands to list, introspect and terminate machines. - user.slice and machine.slice will now be pulled in by logind.service, since only logind.service requires this slice.
2013-05-06systemd-sleep: add support for freeze and standbyZbigniew Jędrzejewski-Szmek
A new config file /etc/systemd/sleep.conf is added. It is parsed by systemd-sleep and logind. The strings written to /sys/power/disk and /sys/power/state can be configured. This allows people to use different modes of suspend on systems with broken or special hardware. Configuration is shared between systemd-sleep and logind to enable logind to answer the question "can the system be put to sleep" as correctly as possible without actually invoking the action. If the user configured systemd-sleep to only use 'freeze', but current kernel does not support it, logind will properly report that the system cannot be put to sleep. https://bugs.freedesktop.org/show_bug.cgi?id=57793 https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36 http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed since they were used in only a few places and with the addition of /etc/systemd/sleep.conf it becomes easier to just append the name of each file to the dir name.
2013-04-24logind: don't busy loop if a job is still running but the delay timeout expiresLennart Poettering
2013-04-19logind-dbus: initialize result variableLukas Nykryn
2013-04-18move _cleanup_ attribute in front of the typeHarald Hoyer
http://lists.freedesktop.org/archives/systemd-devel/2013-April/010510.html
2013-04-18Move bus_error to dbus-common and remove bus_error_message_or_strerrorSimon Peeters
bus_error and bus_error_message_or_strerror dit almost exactly the same, so use only one of them and place it in dbus-common.
2013-04-16nspawn: introduce the new /machine/ tree in the cgroup tree and move ↵Lennart Poettering
containers there Containers will now carry a label (normally derived from the root directory name, but configurable by the user), and the container's root cgroup is /machine/<label>. This label is called "machine name", and can cover both containers and VMs (as soon as libvirt also makes use of /machine/). libsystemd-login can be used to query the machine name from a process. This patch also includes numerous clean-ups for the cgroup code.
2013-04-16logind: filter configured cgroup controller listsLennart Poettering
2013-04-15Fix spelling errors using 'codespell' toolAnatol Pomozov
2013-04-09logind: introduce an explicit session class for cronjobs and similarLennart Poettering
cronjobs are neither interactive user session, nor lock screens, nor login screens, hence they should get their own class.
2013-04-03util: rename write_one_line_file() to write_string_file()Lennart Poettering
You can write much more than just one line with this call (and we frequently do), so let's correct the naming.
2013-03-18logind: exploit previous cleanups and simplify returnsZbigniew Jędrzejewski-Szmek
2013-03-18logind: Make more use of cleanup macrosColin Walters
2013-03-05logind: when registering a new session always use previous session info from ↵Lennart Poettering
cgroup path rather than audit Previously for cases like "su" or "sudo" where a session is attempted to be created from within an existing one we used the audit session ID to detect this and in such a case we simple returned the session data of the original session a second time. With this change we will now use the cgroup path of the calling path to determine the old session, i.e. we only rely on our own session identification scheme, instead of audits. We will continue to keep the audit session ID and ours in sync however, to avoid unnecessary confusion.
2013-02-22systemctl: make shutdown operations use irreversible jobsMichal Schmidt
Occasionally people report problem with reboot/poweroff operations hanging in the middle. One known cause is when a new transaction to start a unit is enqueued while the shutdown is going on. The start of the unit conflicts with the shutdown jobs, so they get cancelled. The failure case can be quite unpleasant, becase getty and sshd may already be stopped. Fix it by using irreversible jobs for shutdown (reboot/poweroff/...) actions. This applies to commands like "reboot", "telinit 6", "systemctl reboot". Should someone desire to use reversible jobs, they can say "systemctl start reboot.target".`
2013-02-14honor SELinux labels, when creating and writing config filesHarald Hoyer
Also split out some fileio functions to fileio.c and provide a SELinux aware pendant in fileio-label.c see https://bugzilla.redhat.com/show_bug.cgi?id=881577
2013-01-25logind: rework delay inhibition logicLennart Poettering
- Don't allow any locks to be taken while we are in the process of executing the specific operation, so that apps are not surprised if a suspend/shutdown happens while they rely on their inhibitor. - Get rid of the Resumed signal, it was a bad idea, and redundant due to PrepareForSleep(false), see below. - Always send out PrepareFor{Shutdown,Sleep} signals, instead of only if a delay lock is taken. - Move PrepareForSleep(false) after we come back from the suspend, so that apps can use this as "Resumed" notification. This also has the benefit that apps know when to take a new lock.
2013-01-24logind: add UnlockSessions() clal to complement LockSessions()Lennart Poettering
2013-01-24logind: send Resumed() signal after we come back from ↵Lennart Poettering
suspend/hibernate/hybrid-sleep This allows clients to get asynchronous notifications for user-requested suspend/hibernate cycles. Kernel-triggered automatic suspending is not covered.
2013-01-24logind: only allow one shutdown/sleep action to be queued at the same timeLennart Poettering
This should make sure that closing the lid while shutting down won't suspend the machine but will simply cause the shutdown to complete.
2013-01-14logind: ignore non-tty/non-x11 session when checking if there are other ↵Lennart Poettering
sessions before shutting down https://bugzilla.redhat.com/show_bug.cgi?id=890827
2012-12-24logind: add support for automatic suspend/hibernate/shutdown on idleLennart Poettering
2012-11-20dbus-common: Add helper method to handle no-reply messagesColin Walters
[Tested in latest gnome-ostree; if accepted, I'll look at a followup patch which fixes the other dbus_connection_send(reply, ...) calls besides logind] DBus messages can have a flag NO_REPLY associated that means "I don't need a reply". This is for efficiency reasons - for one-off requests that can't return an error, etc. However, it's up to users to manually check dbus_message_get_no_reply() from a message. libdbus will happily send out a reply if you don't. Unfortunately, doing so is not just less efficient - it also triggers a security error, for complex reasons. This is something that will eventually be fixed in dbus, but it's also correct to handle it in client applications. This new helper API is slightly nicer in that you don't have to pass NULL to say you don't want a reply serial for your reply. This patch also tweaks logind to use the API - there are more areas of the code that need this treatment too.
2012-10-30logind: it's OK if a process on an pty requests a session for seat0Lennart Poettering
After all, if a sudo/su inside an X terminal should get added to the same session as the X session itself.
2012-10-30logind: unify all session lock loopLennart Poettering
2012-10-28logind: support for hybrid sleep (i.e. suspend+hibernate at the same time)Lennart Poettering
2012-10-16logind: only release logind session from the PAM module if the same module ↵Lennart Poettering
instance actually created it
2012-10-13log: introduce a macro to format message idZbigniew Jędrzejewski-Szmek
The MESSAGE_ID=... stanza will appear in countless number of places. It is just too long to write it out in full each time. Incidentally, this also fixes a typo of MESSSAGE is three places.
2012-09-21logind: split up HandleSleepKey= into HandleSuspendKey= and HandleHibernateKey=Lennart Poettering
The kernel and X11 distuingish these two, and Thinkpad keys have both, hence we really should distinguish them too.
2012-09-21logind: allow users to override their own suspend/sleep inhibitorsLennart Poettering
2012-09-19logind: rework power key/suspend key/lid switch handlingLennart Poettering
http://lists.freedesktop.org/archives/systemd-devel/2012-September/006604.html https://bugzilla.gnome.org/show_bug.cgi?id=680689 This changes the meaning of the HandlePowerKey=/HandleSleepKey=/HandleLidSwitch= setting of logind.conf
2012-09-18logind: split up inhibit acquire policyLennart Poettering
2012-09-03journal: generate structured journal messages for a number of eventsLennart Poettering
2012-08-08logind: use bus_method_call_with_reply() where posibleSimon Peeters
2012-07-29logind: add LockSessions() call to lock all local sessions at onceLennart Poettering