summaryrefslogtreecommitdiff
path: root/src/login/logind-user.c
AgeCommit message (Collapse)Author
2013-07-02logind: after deserializatio readd systemd units to unit-to-object hashmap ↵Lennart Poettering
correctly
2013-07-02machined: split out machine registration stuff from logindLennart Poettering
Embedded folks don't need the machine registration stuff, hence it's nice to make this optional. Also, I'd expect that machinectl will grow additional commands quickly, for example to join existing containers and suchlike, hence it's better keeping that separate from loginctl.
2013-07-02logind: port over to use scopes+slices for all cgroup stuffLennart Poettering
In order to prepare things for the single-writer cgroup scheme, let's make logind use systemd's own primitives for cgroup management. Every login user now gets his own private slice unit, in which his sessions live in a scope unit each. Also, add user@$UID.service to the same slice, and implicitly start it on first login.
2013-06-27core: general cgroup reworkLennart Poettering
Replace the very generic cgroup hookup with a much simpler one. With this change only the high-level cgroup settings remain, the ability to set arbitrary cgroup attributes is removed, so is support for adding units to arbitrary cgroup controllers or setting arbitrary paths for them (especially paths that are different for the various controllers). This also introduces a new -.slice root slice, that is the parent of system.slice and friends. This enables easy admin configuration of root-level cgrouo properties. This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in /dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is turned off by DevicePolicy=).
2013-06-20logind: add infrastructure to keep track of machines, and move to slicesLennart Poettering
- This changes all logind cgroup objects to use slice objects rather than fixed croup locations. - logind can now collect minimal information about running VMs/containers. As fixed cgroup locations can no longer be used we need an entity that keeps track of machine cgroups in whatever slice they might be located. Since logind already keeps track of users, sessions and seats this is a trivial addition. - nspawn will now register with logind and pass various bits of metadata along. A new option "--slice=" has been added to place the container in a specific slice. - loginctl gained commands to list, introspect and terminate machines. - user.slice and machine.slice will now be pulled in by logind.service, since only logind.service requires this slice.
2013-04-22cgroup: make sure all our cgroup objects have a suffix and are properly escapedLennart Poettering
Session objects will now get the .session suffix, user objects the .user suffix, nspawn containers the .nspawn suffix. This also changes the user cgroups to be named after the numeric UID rather than the username, since this allows us the parse these paths standalone without requiring access to the cgroup file system. This also changes the mapping of instanced units to cgroups. Instead of mapping foo@bar.service to the cgroup path /user/foo@.service/bar we will now map it to /user/foo@.service/foo@bar.service, in order to ensure that all our objects are properly suffixed in the tree.
2013-04-15core: always create /user and /machine top-level cgroup dirsLennart Poettering
This allows clients to put inotify watches on these trees to watch for state changes, without having to wait until these dirs are created. This introduces the new top-level /machine cgroup dir as canonical location where OS containers and VMs shall be located (as discussed with the libvirt folks).
2013-02-14honor SELinux labels, when creating and writing config filesHarald Hoyer
Also split out some fileio functions to fileio.c and provide a SELinux aware pendant in fileio-label.c see https://bugzilla.redhat.com/show_bug.cgi?id=881577
2012-09-21logind: check return value, log warning on errorVáclav Pavlín
2012-09-12logind: Add a two new variables to the user session tracking file.Colin Guthrie
This counts 'online sessions' in addition to 'active sessions' and 'sessions'. In this context, an 'online session' covers all session in the 'active' state in addition to the explicit 'online' state. This provides an easy machanism to determin all relevant sessions easily (i.e. those that are not 'closing') and adds new semantics to the sd-login.c APIs sd_uid_get_sessions() and sd_uid_get_seats() where the require_active argument can be supplied as a value 2 which only lists sessions which are 'online'. This functionality should allow client applications to avoid deadlocks where they only exit when all sessions are complete, such as a the problem where PulseAudio will not exit until all sessions are gone, but in itself prevents the session from exiting.
2012-09-12logind: Properly list the ACTIVE_SEATS in the user session tracking file.Colin Guthrie
Prevsiouly the first active seat for a user would never be listed and any subsequent seats would be concatenated on without any spaces.
2012-09-12logind: If all user sessions are in closing state, set the overall status to ↵Colin Guthrie
closing. PulseAudio for example will keep a client connection open provided at least one session exists. However, if all sessions are currently in the process of closing, we should flag that as the overall state appropriately to better reflect what is happening. Although this does better reflect the status for any given user, it does not actually solve the overall problem of PulseAudio still finding some sessions active and thus not exiting and therefore actually preventing the session from closing. Future commits will extend sd-login to cope with this situation.
2012-07-26log.h: new log_oom() -> int -ENOMEM, use itShawn Landden
also a number of minor fixups and bug fixes: spelling, oom errors that didn't print errors, not properly forwarding error codes, few more consistency issues, et cetera
2012-07-25use "Out of memory." consistantly (or with "\n")Shawn Landden
glibc/glib both use "out of memory" consistantly so maybe we should consider that instead of this. Eliminates one string out of a number of binaries. Also fixes extra newline in udev/scsi_id
2012-06-19login: initialize XDG_RUNTIME_DIR as /run/user/$UID instead of /run/user/$USERLennart Poettering
The sssd folks would like to place the kerberos credential cache in XDG_RUNTIME_DIR, but need to do that in the PAM auth hooks, before pam_systemd is run as part of the PAM session setup. Hence, in order to make this easy for them: avoid usage of usernames, and use user IDs instead thus making an additional NSS lookup unnecessary in the kerberos bits, but still have the directory well-defined so that the kerberos bits can determine it before pam_systemd is run.
2012-05-31logind: add new user state 'closing'Lennart Poettering
2012-05-31logind: properly clean up user cgroups when they run emptyLennart Poettering
2012-05-31mkdir: append _label to all mkdir() calls that explicitly set the selinux ↵Kay Sievers
context
2012-05-22logind: fix write out of user state fileLennart Poettering
2012-04-12relicense to LGPLv2.1 (with exceptions)Lennart Poettering
We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-10rename basic.la to shared.la and put selinux deps in shared-selinx.laKay Sievers
Only 34 of 74 tools need libselinux linked, and libselinux is a pain with its unconditional library constructor.
2012-01-18logind: simplify session_activate() a bitLennart Poettering
2012-01-16logind: downgrade login message to debugMichal Schmidt
The messages make people nervous. https://bugzilla.redhat.com/show_bug.cgi?id=727315
2011-12-31logind: move logind into its own subdirectoryLennart Poettering