summaryrefslogtreecommitdiff
path: root/src/login
AgeCommit message (Collapse)Author
2016-04-21Merge pull request #3005 from keszybz/kill-user-procesesLennart Poettering
Kill user session scope by default
2016-04-21loginctl: show linger status in user-statusZbigniew Jędrzejewski-Szmek
zbyszek (1002) Since: Tue 2016-04-12 23:11:46 EDT; 23min ago State: active Sessions: *3 Linger: yes Unit: user-1002.slice ├─user@1002.service │ └─init.scope │ ├─38 /usr/lib/systemd/systemd --user │ └─39 (sd-pam) └─session-3.scope ├─ 31 login -- zbyszek ├─ 44 -bash ├─15076 loginctl user-status zbyszek └─15077 less
2016-04-21logind: allow any user to request lingeringZbigniew Jędrzejewski-Szmek
We enable lingering for anyone who wants this. It is still disabled by default to avoid keeping long-running processes accidentally. Admins might want to customize this policy on multi-user sites.
2016-04-21logind: make KillOnlyUsers override KillUserProcessesZbigniew Jędrzejewski-Szmek
Instead of KillOnlyUsers being a filter for KillUserProcesses, it can now be used to specify users to kill, independently of the KillUserProcesses setting. Having the settings orthogonal seems to make more sense. It also makes KillOnlyUsers symmetrical to KillExcludeUsers.
2016-04-21build-sys: add --without-kill-user-processes configure optionZbigniew Jędrzejewski-Szmek
2016-04-21logind: flip KillUserProcesses to on by defaultZbigniew Jędrzejewski-Szmek
This ensures that users sessions are properly cleaned up after. The admin can still enable or disable linger for specific users to allow them to run processes after they log out. Doing that through the user session is much cleaner and provides better control. dbus daemon can now be run in the user session (with --enable-user-session, added in 1.10.2), and most distributions opted to pick this configuration. In the normal case it makes a lot of sense to kill remaining processes. The exception is stuff like screen and tmux. But it's easy enough to work around, a simple example was added to the man page in previous commit. In the long run those services should integrate with the systemd users session on their own. https://bugs.freedesktop.org/show_bug.cgi?id=94508 https://github.com/systemd/systemd/issues/2900
2016-04-21logind: reload config on SIGHUPZbigniew Jędrzejewski-Szmek
v2: - fix setting of kill_user_processes and *_ignore_inhibited settings
2016-04-20logind: use type to determine graphical sessions (#3071)Michał Bartoszkiewicz
2016-04-13tree-wide: remove useless NULLs from strjoinaZbigniew Jędrzejewski-Szmek
The coccinelle patch didn't work in some places, I have no idea why.
2016-04-12tree-wide: add new SIGNAL_VALID() macro-like function that validates signal ↵Lennart Poettering
numbers And port all code over to use it.
2016-04-06Merge pull request #2962 from keszybz/value-optionLennart Poettering
Add `--value` option to systemctl and loginctl to only print values
2016-04-04loginctl: add --value optionZbigniew Jędrzejewski-Szmek
2016-04-04systemctl: add --value optionZbigniew Jędrzejewski-Szmek
With this option, systemctl will only print the rhs in show: $ systemctl show -p Wants,After systemd-journald --value systemd-journald.socket ... systemd-journald-dev-log.socket ... This is useful in scripts, because the need to call awk or similar is removed.
2016-03-24logind: fix crash when shutdown is not issued from a ttyMartin Pitt
It's possible that sd_bus_creds_get_tty() fails and thus scheduled_shutdown_tty is NULL in method_schedule_shutdown(). Fix logind_wall_tty_filter() to get along with that, by showing the message on all TTYs, instead of crashing in strcmp(). https://launchpad.net/bugs/1553040
2016-03-22Merge pull request #2844 from yarda/uaccess-3dprintersZbigniew Jędrzejewski-Szmek
Add support for 3D printers to uaccess (ID_3DPRINTER).
2016-03-22Added support for 3D printers to uaccess (ID_MAKER_TOOL)Jaroslav Škarvada
This is to support 3D printers, CNCs, laser cutters, 3D scanners, etc.
2016-03-17rules: allow users to access frame buffer devicesZbigniew Jędrzejewski-Szmek
For example it allows weston to be started unprivileged. Related discussion: https://bugs.freedesktop.org/show_bug.cgi?id=73782 https://lists.freedesktop.org/archives/wayland-devel/2015-May/022005.html https://bugzilla.redhat.com/show_bug.cgi?id=1226680
2016-03-01selinux: always try to load the full selinux dbZbigniew Jędrzejewski-Szmek
https://github.com/systemd/systemd/pull/2508#issuecomment-190901170 Maybe fixes https://bugzilla.redhat.com/show_bug.cgi?id=1308771.
2016-02-26tree-wide: merge pager_open_if_enabled() to the pager_open()Alexander Kuleshov
Many subsystems define own pager_open_if_enabled() function which checks '--no-pager' command line argument and open pager depends on its value. All implementations of pager_open_if_enabled() are the same. Let's merger this function with pager_open() from the shared/pager.c and remove pager_open_if_enabled() from all subsytems to prevent code duplication.
2016-02-15time-util: Rename and fix call of deserialize_timestamp_value()Benjamin Robin
The deserialize_timestamp_value() is renamed timestamp_deserialize() to be more consistent with dual_timestamp_deserialize() And add the NULL check back on realtime and monotonic
2016-02-16logind: use deserialize_timestamp_value()Alexander Kuleshov
which is introduced in the ebf30a086d commit.
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2016-02-02logind: load SELinux labelling systemNicolas Iooss
systemd-logind uses mkdir_label and label_fix functions without calling first mac_selinux_init. This makes /run/user/$UID/ directories not labelled correctly on an Arch Linux system using SELinux. Fix this by calling mac_selinux_init("/run") early in systemd-logind. This makes files created in /etc/udev/rules.d and /var/lib/systemd to be labelled through transitions in the SELinux policy instead of using setfscreatecon (with mac_selinux_create_file_prepare).
2016-01-26logind: update documentation for cf7d1a30e44Mantas Mikulėnas
2016-01-25logind,machined: bump TasksMax=Lennart Poettering
Issue #2388 suggests the current TasksMax= setting for user processes is to low. Bump it to 12K. Also, bump the container TasksMax= from 8K to 16K, so that it remains higher than the one for user processes. (Compare: the kernel default limit for processes system-wide is 32K). Fixes #2388
2016-01-20basic/terminal-util: introduce SYSTEMD_COLORS environment variableJan Synacek
... to determine if color output should be enabled. If the variable is not set, fall back to using on_tty(). Also, rewrite existing code to use colors_enabled() where appropriate.
2016-01-18logind: simplify job variable handlingZbigniew Jędrzejewski-Szmek
manager_{start,stop}_{slice,scope,unit} functions had an optional job output parameter. But all callers specified job, so make the parameter mandatory, add asserts. Also extract common job variable handling to a helper function to avoid duplication. Avoids gcc warning about job being unitialized.
2016-01-18logind: do not use an uninitialized variableZbigniew Jędrzejewski-Szmek
We requested various fields using SD_BUS_CREDS_AUGMENT but at least sd_bus_creds_get_tty can fail with ENXIO, not setting the output variable.
2016-01-13tree-wide: check if errno is greater than zero (2)Zbigniew Jędrzejewski-Szmek
Compare errno with zero in a way that tells gcc that (if the condition is true) errno is positive.
2016-01-13tree-wide: check if errno is greater then zeroZbigniew Jędrzejewski-Szmek
gcc is confused by the common idiom of return errno ? -errno : -ESOMETHING and thinks a positive value may be returned. Replace this condition with errno > 0 to help gcc and avoid many spurious warnings. I filed a gcc rfe a long time ago, but it hard to say if it will ever be implemented [1]. Both conventions were used in the codebase, this change makes things more consistent. This is a follow up to bcb161b0230f. [1] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61846
2016-01-12tree-wide: use xsprintf() where applicableDaniel Mack
Also add a coccinelle receipt to help with such transitions.
2015-12-19Fix typo on logind-dbus.cJoost Bremmer
method_schedule_shutdown referenced org.freedesktop.login1.poweroff* which is never registered in polkit. Now refers to org.freedesktop.login1.power-off* Signed-off-by: Joost Bremmer <toost.b@gmail.com>
2015-12-04login: make sure /run/nologin has correct SELinux labelMichal Sekletar
2015-11-27tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easyLennart Poettering
GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-18tree-wide: sort includes in *.hThomas Hindoe Paaboel Andersen
This is a continuation of the previous include sort patch, which only sorted for .c files.
2015-11-17Merge pull request #1926 from phomes/include-order-libudevDaniel Mack
tree-wide: group include of libudev.h with sd-*
2015-11-17tree-wide: group include of libudev.h with sd-*Thomas Hindoe Paaboel Andersen
2015-11-17tree-wide: make macros for converting fds to pointers and back generic and ↵Lennart Poettering
use them everywhere
2015-11-16tree-wide: sort includesThomas Hindoe Paaboel Andersen
Sort the includes accoding to the new coding style.
2015-11-16login: ignore JobRemoved of old jobsDavid Herrmann
If we requeue jobs, we are no longer interested in old jobs. Hence, we better ignore any JobRemoved signals for old jobs and concentrate on our replacements.
2015-11-16login: make sure to replace existing unitsDavid Herrmann
When queuing unit jobs, we should rather replace existing units than fail. This is especially important when we queued a user-shutdown and a new login is encountered. In this case, we better raplce the shutdown jobs. systemd takes care of everything else.
2015-11-16login: fix re-use of usersDavid Herrmann
If the last reference to a user is released, we queue stop-jobs for the user-service and slice. Only once those are finished, we drop the user-object. However, if a new session is opened before the user object is fully dropped, we currently incorrectly re-use the object. This has the effect, that we get stale sessions without a valid "systemd --user" instance. Fix this by properly allowing user_start() to be called, even if user->stopping is true.
2015-11-16login: group static fields in "struct User"David Herrmann
Make sure to put static fields together in "struct User". This makes it easier to figure out the lifetime of each field.
2015-11-16login: make user->service staticDavid Herrmann
Just like user->slice, there is no reason to store the unit name in /run, nor should we allocate it dynamically on job instantiation/removal. Just keep it statically around at all times and rely on user->started || user->stopping to figure out whether the unit exists or not.
2015-11-16login: make user_new() and user_free() follow coding-styleDavid Herrmann
Few changes to user_new() and user_free(): - Use _cleanup_(user_freep) in constructor - return 'int' from user_new() - make user_free() deal with partially initialized objects - keep reverse-order in user_free() compared to user_new() - make user_free() return NULL - make user_free() accept NULL as no-op
2015-11-16login: keep user->slice constantDavid Herrmann
Currently, we allocate user->slice when starting a slice, but we never release it. This is incompatible if we want to re-use a user object once it was stopped. Hence, make sure user->slice is allocated statically on the user object and use "u->started || u->stopping" as an indication whether the slice is actually available on pid1 or not.
2015-11-16login: simply XDG_RUNTIME_DIR managementDavid Herrmann
Lets not pretend we support changing XDG_RUNTIME_DIR via logind state files. There is no reason to ever write the string into /run, as we allocate it statically based on the UID, anyway. Lets stop that and just allocate the runtime_path in "struct User" at all times. We keep writing it into the /run state to make sure pam_systemd of previous installs can still read it. However, pam_systemd is now fixed to allocate it statically as well, so we can safely remove that some time in the future. Last but not least: If software depends on systemd, they're more than free to assume /run/user/$uid is their runtime dir. Lets not require sane applications to query the environment to get their runtime dir. As long as applications know their login-UID, they should be safe to deduce the runtime dir.
2015-11-16Merge pull request #1886 from poettering/tasks-maxDavid Herrmann
Enable TasksMax by default for all units
2015-11-16logind: change default to UserTasksMax= to 4096Lennart Poettering
2015-11-15machined,logind: be more careful when accepting PIDs and UIDs from clientsLennart Poettering
Always validate first before we start processing the data.