Age | Commit message (Collapse) | Author |
|
|
|
At login there is a small race window where session_get_state() will
return SESSION_ACTIVE instead of SESSION_OPENING. This must be fixed
since during that time there are calls to session_save() to save
session states and we want to write the correct state.
When we queue the start scope and service jobs, we wait for both of them
to finish before calling and continue processing in:
"session_jobs_reply() => session_send_create_reply()"
to create the session fifo and notify clients.
However, in the match_job_removed() D-Bus signal, we may hit situations
where the scope job has successfully finished and we are still waiting
for the user service job to finish. During that time the
"session->scope_job" will be freed and set to NULL, this makes
session_get_state() return SESSION_ACTIVE before it is really active, it
should return SESSION_OPENING since we are still waiting for the service
job to finish in order to create the session fifo.
To fix this, we also check if the session fifo fd was created, if so then
the session has entered the SESSION_ACTIVE state, if not then it is still
in the SESSION_OPENING state and it is waiting for the scope and service
jobs to finish.
|
|
Currently if the user logs out, the GC may never call user_stop(),
this will not terminate the systemd user and (sd-pam) of that user.
To fix this, remove the USER_CLOSING state check that is blocking the
GC from calling user_stop(). Since if user_check_gc() returns false
this means that all the sessions of the user were removed which will
make user_get_state() return USER_CLOSING.
Conclusion: that test will never be statisfied.
So we remove the USER_CLOSING check and replace it with a check inside
user_stop() this way we know that user_stop() has already queued stop
jobs, no need to redo.
This ensures that the GC will get its two steps correctly as pointed out
by Lennart:
http://lists.freedesktop.org/archives/systemd-devel/2014-February/016825.html
Note: this also fixes another bug that prevents creating the user
private dbus socket which will break communications with the user
manager.
|
|
Otherwise we get a (harmless) message like:
systemd-logind[30845]: Failed to process message [type=signal sender=:1.36 path=/org/freedesktop/systemd1/job/4674 interface=org.freedesktop.DBus.Properties member=PropertiesChanged signature=sa{sv}as]: Invalid argument
|
|
KillUserProcesses=yes/no should be ignored when termination is
explicitly requested.
|
|
In function user_get_state() remove the session_is_active() check, just
count on the session_get_state() function to get the correct session
state.
session_is_active() may return true before starting the session scope
and user service, this means it will return true even before the creation
of the session fifo_fd which will produce incorrect states.
So be consistent and just use session_get_state().
|
|
or services) as machine with machined
|
|
|
|
|
|
|
|
|
|
systemd-user-sessions.service
This way at shutdown we can be sure that the sessions go away before the
network.
|
|
The session_send_create_reply() function which notifies clients about
session creation is used for both session and user units. Unify the
shared code in a new function session_jobs_reply().
The session_save() will be called unconditionally on sessions since it
does not make sense to only call it if '!session->started', this will
also allow to update the session state as soon as possible.
|
|
without working cgroup empty notifications there's no need to set the
stop timeout of sessions scopes low
|
|
Simplify the shutdown logic a bit:
- Keep the session FIFO around in the PAM module, even after the session
shutdown hook has been finished. This allows logind to track precisely
when the PAM handler goes away.
- In the ReleaseSession() call start a timer, that will stop terminate
the session when elapsed.
- Never fiddle with the KillMode of scopes to configure whether user
processes should be killed or not. Instead, simply leave the scope
units around when we terminate a session whose processes should not be
killed.
- When killing is enabled, stop the session scope on FIFO EOF or after
the ReleaseSession() timeout. When killing is disabled, simply tell
PID 1 to abandon the scope.
Because the scopes stay around and hence all processes are always member
of a scope, the system shutdown logic should be more robust, as the
scopes can be shutdown as part of the usual shutdown logic.
|
|
Use PID_FMT/USEC_FMT/... in more places.
Also update logind error messages to print the full path to a file that
failed. This should make debugging easier for people who do not know
off the top of their head where logind stores it state.
|
|
This is initialized from XDG_SESSION_DESKTOP and is useful for GNOME
to recognize its own sessions. It's supposed to be set to a short string
identifying the session, such as "kde" or "gnome".
|
|
If the session type/class is set via environment variables, use that,
and otherwise fallback to something that is set via the PAM module
command line.
|
|
|
|
logind considers it an error for a seat other than seat0 to have a
non-zero vtnr for CreateSession
|
|
Compat stuff is moved to src/compat-libs/.
Warnings are issued when programs are linked with the deprecated library.
|
|
A compatibility libsystemd-login library is created which uses
.symver and ifunc magic proposed by Lennart to make programs linked
to the old library name continue to work seamlessly.
Unfortunately the bfd linker crashes:
https://sourceware.org/bugzilla/show_bug.cgi?id=16467
This will be fixed in binutils 2.25.
As a work-around, gold can be used:
LDFLAGS=-Wl,-fuse-ld=gold
Unfortunately the switch to pick the linker appeared in gcc 4.8.
This also doesn't work with LLVM:
http://llvm.org/bugs/show_bug.cgi?id=11897
|
|
logind has no concept of session ordering. Sessions have a unique name,
some attributes about the capabilities and that's already it. There is
currently no stable+total order on sessions. If we use the logind API to
switch between sessions, we are faced with an unordered list of sessions
we have no clue of.
This used to be no problem on seats with VTs or on seats with only a
single active session. However, with the introduction of multi-session
capability for seats without VTs, we need to find a way to order sessions
in a stable way.
This patch introduces session "positions". A position is a simple integer
assigned to a session which is never changed implicitly (currently, we
also don't change it explicitly, but that may be changed someday). For
seats with VTs, we force the position to be the same as the VTnr. Without
VTs, we simply find the lowest unassigned number and use it as position.
If position-assignment fails or if, for any reason, we decide to not
assign a position to a session, the position is set to 0 (which is treated
as invalid position).
During session_load() or if two sessions have the same VTnr, we may end up
with two sessions with the same position (this shouldn't happen, but lets
be fail-safe in case some other part of the stack fails). This case is
dealt with gracefully by ignoring any session but the first session
assigned to the position. Thus, session->pos is a hint, seat->positions[i]
is the definite position-assignment. Always verify both match in case you
need to modify them!
Additionally, we introduce SwitchTo(unsigned int) on the seat-dbus-API.
You can call it with any integer value != 0 and logind will try to switch
to the request position. If you implement a compositor or any other
session-controller, you simply watch for ctrl+alt+F1 to F12 and call
SwitchTo(Fx). logind will figure a way out deal with this number.
For convenience, we also introduce SwitchToNext/Previous(). It should be
called on ctrl+alt+Left/Right (like the kernel-console used to support).
Note that the public API (SwitchTo*()) is *not* bound to the underlying
logic that is implemented now. We don't export "session-positions" on the
dbus/C API! They are an implementation detail. Instead, the SwitchTo*()
API is supposed to be a hint to let logind choose the session-switching
logic. Any foreground session-controller is free to enumerate/order
existing sessions according to their needs and call Session.Activate()
manually. But the SwitchTo*() API provides a uniform behavior across
session-controllers.
Background: Session-switching keys depend on the active keymap. The XKB
specification provides the XKB_KEY_XF86Switch_VT_1-12 key-symbols which
have to be mapped by all keymaps to allow session-switching. It is usually
bound to ctrl+alt+Fx but may be set differently. A compositor passes any
keyboard input to XKB before passing it to clients. In case a key-press
invokes the XKB_KEY_XF86Switch_VT_x action, the keypress is *not*
forwarded to clients, but instead a session-switch is scheduled.
This actually prevents us from handling these keys outside of the session.
If an active compositor has a keymap with a different mapping of these
keys, and logind itself tries to catch these combinations, we end up with
the key-press sent to the compositor's clients *and* handled by logind.
This is *bad* and we must avoid this. The only situation where a
background process is allowed to handle key-presses is debugging and
emergency-keys. In these cases, we don't care for keymap mismatches and
accept the double-event. Another exception is unmapped keys like
PowerOff/Suspend (even though this one is controversial).
|
|
X11 never made use of it anyway and it's probably better to just push
$DISPLAY into the systemd daemon from gnome-session (or equivalent
program) than to change libX11 to look for this socket. In particular
since we won't need this for Wayland anyway and we shouldn't add
infrastructure for stuff that's on its way out anyway.
|
|
|
|
This reverts commit 9130f2128b64de19a3b7d6db7e0d371adfd296c2.
It's too early to do that. For now we should only "break" the
--enable-kdbus case, not the normal one.
|
|
attempt
|
|
It was removed from user@.service, so it should be added here.
|
|
|
|
|
|
|
|
Introduce new call getpeercred() which internally just uses SO_PEERCRED
but checks if the returned data is actually useful due to namespace
quirks.
|
|
|
|
SipHash appears to be the new gold standard for hashing smaller strings
for hashtables these days, so let's make use of it.
|
|
Noticed-by: Jan Alexander Steffens <jan.steffens@gmail.com>
|
|
|
|
where appropriate
|
|
|
|
Commit f8f14b3654bcd introduced a regression that makes
loginctl session-status to not show the correct session ID(s)
In print_session_status_info() the map[] array, element "Seat" receives
the offset of the "id" in "SessionStatusInfo" struct instead of the
offset of the "seat" member.
This will cause prop_map_first_of_struct() function to overwrite the
SessionStatusInfo.id memory with seats if there are any.
Fix this typo by using the "seat" member.
Before:
- tixxdz (1000)
Since: Sat 2013-12-21 10:07:23 CET; 5h 26min ago
Leader: 1265 (sshd)
After:
1 - tixxdz (1000)
Since: Sat 2013-12-21 10:07:23 CET; 5h 26min ago
Leader: 1265 (sshd)
|
|
|
|
1) Instead of checking if we need to print a new line on each iteration,
pass the "new_line" as a pointer to those functions, so they can use
it to check if a new line is needed. This makes the code more consistent
as it is done in other places: machinectl, systemctl...
2) Move the error messages from show_{session|user|seat}() to their
appropriate print_{session|user|seat}_status_info() functions, this will
prevent from logging an error message twice in case show_properties()
fails and it will improve code readability.
3) Also do not ignore error codes on these functions.
|
|
Commit f8f14b3654bcd introduced a regression that makes loginctl ignore
the "--property" option.
This patch fixes the bug, it uses a new show_properties() function to
query and filter properties.
|
|
|
|
useful
|
|
Always use cleanup logic and don't eat up errors returned by libudev
|
|
matches
Instead of checking each device after we got it, check wuth an
enumeration filter instead, to make it more efficient.
|
|
With the current logic, a user will never be garbage-collected, since its
manager will always be around. Change the logic such that a user is
garbage-collected when it has no sessions and linger is disabled.
|
|
udev initialization
Managers shouldn't pick up the devices the manage before udev finished
initialization, hence check explicitly for that.
|
|
Also make thread_local available w/o including <threads.h>.
(as the latter hasn't been implemented, but this part is trivial)
|
|
We really should return errors from event handlers if we have a
continous problem and don't know any other solution.
|