summaryrefslogtreecommitdiff
path: root/src/login
AgeCommit message (Collapse)Author
2013-09-11Add pam configuration to allow user sessions to work out of the boxZbigniew Jędrzejewski-Szmek
systemd-logind will start user@.service. user@.service unit uses PAM with service name 'systemd-user' to perform account and session managment tasks. Previously, the name was 'systemd-shared', it is now changed to 'systemd-user'. Most PAM installations use one common setup for different callers. Based on a quick poll, distributions fall into two camps: those that have system-auth (Redhat, Fedora, CentOS, Arch, Gentoo, Mageia, Mandriva), and those that have common-auth (Debian, Ubuntu, OpenSUSE). Distributions that have system-auth have just one configuration file that contains auth, password, account, and session blocks, and distributions that have common-auth also have common-session, common-password, and common-account. It is thus impossible to use one configuration file which would work for everybody. systemd-user now refers to system-auth, because it seems that the approach with one file is more popular and also easier, so let's follow that.
2013-09-11sd-login: add a public accessor for the VT numberGiovanni Campagna
The VT number was already part of the DBus API, but was not exposed in the C API.
2013-08-28logind-session.c: use _cleanup_Zbigniew Jędrzejewski-Szmek
2013-08-28logind: be more verbose on errorsZbigniew Jędrzejewski-Szmek
2013-08-13logind: restore logic to kill user processes when session endsLennart Poettering
2013-07-30logind: make sure login sessions are terminated with SIGHUPLennart Poettering
bash ignores SIGTERM, and can only be terminated cleanly via SIGHUP. Hence make sure that we the scope unit for the session is created with SendSIGHUP enabled.
2013-07-26logind: update the session state file before we send out the CreateSession() ↵Lennart Poettering
reply https://bugs.freedesktop.org/show_bug.cgi?id=67273
2013-07-26logind: update state file after generating the session fifo, not beforeLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=67273
2013-07-19machined: correct how some properties are exported on the busLennart Poettering
2013-07-17logind: remove "if (0)" left-overKay Sievers
2013-07-17logind-acl: use macrosTom Gundersen
Simplify by using FOREACH_DIRENT and _cleanup_closedir_ macros.
2013-07-16logind: apply ACL's to "dead" device nodesTom Gundersen
Based on a patch by Kay Sievers. When a dead device nodes is tagged with "uaccess" using the static_node mechanism, it's ACL's are managed by logind in the same way as "live" device nodes. This allows in particular /dev/snd/{seq,timer} to cause modules to be loaded on-demand when accessed by a non-privileged user.
2013-07-16udev: export tags of "dead" device nodes to /run/udev/static_node-tags/Tom Gundersen
Based on a patch by Kay Sievers. A tag is exported at boot as a symlinks to the device node in the folder /run/udev/static_node-tags/<tagname>/, if the device node exists. These tags are cleaned up by udevadm info --cleanup-db, but are otherwise never removed.
2013-07-15build-sys: discover the path to kexec during build timeZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=55248
2013-07-11loginctl: suppress cgroup tree output if cgroup is emptyLennart Poettering
same for machinectl
2013-07-11loginctl: restore cgroup display for status outputLennart Poettering
Same for machinectl.
2013-07-10user-sessions: rely on PID 1 to kill sessionsLennart Poettering
As we want to centralized cgroup access we should stop killing the user sessions directly from the systemd-user-sessions service. Instead, rely on PID 1 doing this by adding the right ordering dependencies to the session scope units.
2013-07-10logind: when creating the scope job fails, return this immediately to the ↵Lennart Poettering
client that wants to register the session Otherwise we'll hanging for the job to finish without any job existing. Similar, for machined.
2013-07-10logind: don't misunderstand UnitRemoved signals during reloadingLennart Poettering
When PID 1 reloads the units logind/machined will see UnitRemoved signals for all units. Instead of trusting these immediately, let's check the actual unit state before considering a unit gone, so that reloading PID 1 is not mistaken as the end of all sessions.
2013-07-10core: serialize/deserialize bus subscribersLennart Poettering
2013-07-05tests: add tests for string lookup tablesZbigniew Jędrzejewski-Szmek
The tests check if the tables have entries for all values in the enum, and that the entries are unique.
2013-07-03build-sys: bump/correct library versionsLennart Poettering
2013-07-03logind/machined: properly notice when units are gc'edLennart Poettering
2013-07-02logind: after deserializatio readd systemd units to unit-to-object hashmap ↵Lennart Poettering
correctly
2013-07-02login: pass correct boolean type to libdbusLennart Poettering
2013-07-02machined: sync to /run after job completedLennart Poettering
2013-07-02machined: split out machine registration stuff from logindLennart Poettering
Embedded folks don't need the machine registration stuff, hence it's nice to make this optional. Also, I'd expect that machinectl will grow additional commands quickly, for example to join existing containers and suchlike, hence it's better keeping that separate from loginctl.
2013-07-02libsystemd-logind: fix detection of session/user/machine of a PIDLennart Poettering
2013-07-02logind: port over to use scopes+slices for all cgroup stuffLennart Poettering
In order to prepare things for the single-writer cgroup scheme, let's make logind use systemd's own primitives for cgroup management. Every login user now gets his own private slice unit, in which his sessions live in a scope unit each. Also, add user@$UID.service to the same slice, and implicitly start it on first login.
2013-06-27core: general cgroup reworkLennart Poettering
Replace the very generic cgroup hookup with a much simpler one. With this change only the high-level cgroup settings remain, the ability to set arbitrary cgroup attributes is removed, so is support for adding units to arbitrary cgroup controllers or setting arbitrary paths for them (especially paths that are different for the various controllers). This also introduces a new -.slice root slice, that is the parent of system.slice and friends. This enables easy admin configuration of root-level cgrouo properties. This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in /dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is turned off by DevicePolicy=).
2013-06-21login: add an api to determine the slice a PID is located in to libsystemd-loginLennart Poettering
2013-06-20logind: uninitialized variableZbigniew Jędrzejewski-Szmek
2013-06-20sd-login: update machine enumeration/notifications APIs for new ↵Lennart Poettering
/run/systemd/machines/
2013-06-20logind: make ListMachines bus call publicLennart Poettering
2013-06-20logind: add infrastructure to keep track of machines, and move to slicesLennart Poettering
- This changes all logind cgroup objects to use slice objects rather than fixed croup locations. - logind can now collect minimal information about running VMs/containers. As fixed cgroup locations can no longer be used we need an entity that keeps track of machine cgroups in whatever slice they might be located. Since logind already keeps track of users, sessions and seats this is a trivial addition. - nspawn will now register with logind and pass various bits of metadata along. A new option "--slice=" has been added to place the container in a specific slice. - loginctl gained commands to list, introspect and terminate machines. - user.slice and machine.slice will now be pulled in by logind.service, since only logind.service requires this slice.
2013-06-19cgls,loginctl,systemctl: fix -lZbigniew Jędrzejewski-Szmek
Fixup for 98a6e13 "journalctl,loginctl,systemctl,systemd-cgls: add -l as alias for --full".
2013-06-17journalctl,loginctl,systemctl,systemd-cgls: add -l as alias for --fullDaniel Albers
https://bugs.freedesktop.org/show_bug.cgi?id=65850
2013-06-10Use stdint.h macros instead of casts to print uint64_t valuesZbigniew Jędrzejewski-Szmek
Casts are visually heavy, and can obscure unwanted truncations.
2013-06-09Allow for the use of @ in remote host callsDaniel Wallace
Without this you have to use %40 with the -H flag because dbus doesn't like the @ sign being unescaped.
2013-05-07login: add missing _public_ to sd_get_machine_names()Lennart Poettering
2013-05-06systemd-sleep: add support for freeze and standbyZbigniew Jędrzejewski-Szmek
A new config file /etc/systemd/sleep.conf is added. It is parsed by systemd-sleep and logind. The strings written to /sys/power/disk and /sys/power/state can be configured. This allows people to use different modes of suspend on systems with broken or special hardware. Configuration is shared between systemd-sleep and logind to enable logind to answer the question "can the system be put to sleep" as correctly as possible without actually invoking the action. If the user configured systemd-sleep to only use 'freeze', but current kernel does not support it, logind will properly report that the system cannot be put to sleep. https://bugs.freedesktop.org/show_bug.cgi?id=57793 https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36 http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed since they were used in only a few places and with the addition of /etc/systemd/sleep.conf it becomes easier to just append the name of each file to the dir name.
2013-05-02Add __attribute__((const, pure, format)) in various placesZbigniew Jędrzejewski-Szmek
I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-01cgls: add --machine/-MZbigniew Jędrzejewski-Szmek
cg_get_machine_path is modified to include the escaped machine name + ".nspawn" if the machine argument is nonnull.
2013-04-25conf-parser: restrict .include usageLennart Poettering
Disallow recursive .include, and make it unavailable in anything but unit files.
2013-04-24login: allow watching virtual machines with sd_get_machine_names()Lennart Poettering
2013-04-24login: add new call sd_get_machine_names() to get a list of current virtual ↵Lennart Poettering
machines and containers
2013-04-24logind: don't busy loop if a job is still running but the delay timeout expiresLennart Poettering
2013-04-24inhbit: show comm field of inhibiting processesLennart Poettering
2013-04-24logind: properly enumerate user/session cgroups under their new suffixed namesLennart Poettering
2013-04-22cgroup: make sure all our cgroup objects have a suffix and are properly escapedLennart Poettering
Session objects will now get the .session suffix, user objects the .user suffix, nspawn containers the .nspawn suffix. This also changes the user cgroups to be named after the numeric UID rather than the username, since this allows us the parse these paths standalone without requiring access to the cgroup file system. This also changes the mapping of instanced units to cgroups. Instead of mapping foo@bar.service to the cgroup path /user/foo@.service/bar we will now map it to /user/foo@.service/foo@bar.service, in order to ensure that all our objects are properly suffixed in the tree.