summaryrefslogtreecommitdiff
path: root/src/login
AgeCommit message (Collapse)Author
2014-09-19login: pause devices before acknowledging VT switchesDavid Herrmann
If a session controller does not need synchronous VT switches, we allow them to pass VT control to logind, which acknowledges all VT switches unconditionally. This works fine with all sessions using the dbus API, but causes out-of-sync device use if we switch to legacy sessions that are notified via VT signals. Those are processed before logind notices the session-switch via sysfs. Therefore, leaving the old session still active for a short amount of time. This, in fact, may cause the legacy session to prepare graphics devices before the old session was deactivated, and thus, maybe causing the old session to interfer with graphics device usage. Fix this by releasing devices immediately before acknowledging VT switches. This way, sessions without VT handlers are required to support async session switching (which they do in that case, anyway).
2014-09-17logind: fix typoRonny Chevalier
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-09-01login: simplify controller handlingDavid Herrmann
Simplify the way we handler session-controllers and fix several shortcomings: * send ReleaseDevice() signals on forced session takeover * fix mem-leaks for busnames in case VT preparation fails (non-critical) * avoid passing pre-allocated names to helpers
2014-08-31login: fix mem leakThomas Hindoe Paaboel Andersen
2014-08-27login: fix memory-leak on DropController()David Herrmann
Our bus-name watch helpers only remove a bus-name if it's not a controller, anymore. If we call manager_drop_busname() before unregistering the controller, the busname will not be dropped. Therefore, first drop the controller, then drop the bus-name.
2014-08-26logind: add HandleLidSwitchDocked= option to logind.conf + documentationBen Wolsieffer
https://bugs.freedesktop.org/show_bug.cgi?id=82485
2014-08-21notify: send STOPPING=1 from our daemonsLennart Poettering
2014-08-19hashmap: try to use the existing 64bit hash functions for dev_t if it is 64bitLennart Poettering
2014-08-18bus-util: simplify bus_verify_polkit_async() a bitLennart Poettering
First, let's drop the "bus" argument, we can determine it from the message anyway. Secondly, determine the right callback/userdata pair automatically from what is currently is being dispatched. This should simplify things a lot for us, since it makes it unnecessary to pass pointers through the original handlers through all functions when we process messages, which might require authentication.
2014-08-15Merge commit 'b39a2770ba55637da80e2e389222c59dbea73507'Lennart Poettering
2014-08-15sd-bus: add API to check if a client has privilegesLennart Poettering
This is a generalization of the vtable privilege check we already have, but exported, and hence useful when preparing for a polkit change. This will deal with the complexity that on dbus1 one cannot trust the capability field we retrieve via the bus, since it is read via /proc/$$/stat (and thus might be out-of-date) rather than directly from the message (like on kdbus) or bus connection (as for uid creds on dbus1). Also, port over all code to this new API.
2014-08-15sd-bus: Remove bus arg from bus_verify_polkit_async_registry_free()Stef Walter
It's unneccessary, not used, and complicates callers of the function.
2014-08-14logind: add new session type "web" for PAM web clients, such as cockpitLennart Poettering
On request of Stef Walter.
2014-08-13login: share VT-signal handler between sessionsDavid Herrmann
sd-event does not allow multiple handlers for a single signal. However, logind sets up signal handlers for each session with VT_PROCESS set (that is, it has an active controller). Therefore, registering multiple such controllers will fail. Lets make the VT-handler global, as it's mostly trivial, anyway. This way, the sessions don't have to take care of that and we can simply acknowledge all VT-switch requests as we always did.
2014-08-11login: set_controller should fail if prepare_vt failsOlivier Brunel
If controllers can expect logind to have "prepared" the VT (e.g. set it to graphics mode, etc) then TakeControl() should fail if said preparation failed (and session_restore_vt() was called). (David: fixed up !CONFIG_VT case and errno-numbers)
2014-08-04bus: always explicitly close bus from main programsLennart Poettering
Since b5eca3a2059f9399d1dc52cbcf9698674c4b1cf0 we don't attempt to GC busses anymore when unsent messages remain that keep their reference, when they otherwise are not referenced anymore. This means that if we explicitly want connections to go away, we need to close them. With this change we will no do so explicitly wherver we connect to the bus from a main program (and thus know when the bus connection should go away), or when we create a private bus connection, that really should go away after our use. This fixes connection leaks in the NSS and PAM modules.
2014-08-03Unify parse_argv styleZbigniew Jędrzejewski-Szmek
getopt is usually good at printing out a nice error message when commandline options are invalid. It distinguishes between an unknown option and a known option with a missing arg. It is better to let it do its job and not use opterr=0 unless we actually want to suppress messages. So remove opterr=0 in the few places where it wasn't really useful. When an error in options is encountered, we should not print a lengthy help() and overwhelm the user, when we know precisely what is wrong with the commandline. In addition, since help() prints to stdout, it should not be used except when requested with -h or --help. Also, simplify things here and there.
2014-07-31Reject invalid quoted stringsZbigniew Jędrzejewski-Szmek
String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird
2014-07-29login: update systemd-user PAM configuration fileKay Sievers
2014-07-18Small modernizationsZbigniew Jędrzejewski-Szmek
2014-07-18Be more verbose when bind or listen failsZbigniew Jędrzejewski-Szmek
Also be more verbose in devnode_acl_all().
2014-07-16Let config_parse open file where applicableZbigniew Jędrzejewski-Szmek
Special care is needed so that we get an error message if the file failed to parse, but not when it is missing. To avoid duplicating the same error check in every caller, add an additional 'warn' boolean to tell config_parse whether a message should be issued. This makes things both shorter and more robust wrt. to error reporting.
2014-07-15Constify ConfigTableItem tablesZbigniew Jędrzejewski-Szmek
2014-07-15rules: uaccess - add ID_SOFTWARE_RADIOKay Sievers
On Tue, Jul 15, 2014 at 1:52 PM, Alick Zhao <alick9188@gmail.com> wrote: >>> >>> So maybe ID_SOFTWARE_RADIO ? >> >> Hmm, SDR is more a term for a generic technology than for a device >> class. To me it does not really sound like an administrator would know >> what this is. >> >> What exactly is the device or subsystem you want to make accessible to >> locally logged-in users only? > > Initially it is bladeRF, but many more are of interest: USRP, rtl-sdr, > HackRF, ... [1] > > I agree an administrator might not know what SDR is, since it is > currently still not widely known, and makes sense only for amateurs > and researchers. But as a SDR fan, I see many new SDR peripherals > are created recently, and expect to see more. So a generic ID seems > reasonable to me. > > [1] http://en.wikipedia.org/wiki/List_of_software-defined_radios
2014-07-15rules: consistently use "?*" instead of "*?"Kay Sievers
2014-07-08logind: allow switching to unused VTs via SwitchTo()David Herrmann
If compositors use the new SwitchTo() logic to map F1-F12, we should allow them to switch to unregistered VTs, too. Otherwise, the auto-spawn logic of gettys won't trigger. Reported-by: Jasper St. Pierre <jstpierre@mecheye.net> Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
2014-07-02util: generalize is_localhost() and use it everywhere where applicableLennart Poettering
2014-06-21pam_systemd: replace regex with sym fileKay Sievers
2014-06-21pam_systemd: rename source file to match the moduleKay Sievers
2014-05-22logind: also escape external data when saving to /runLennart Poettering
Better be safe than sorry...
2014-05-19logind: fix Display property of user objectsLennart Poettering
When we dropped support for creating a per-user to the "main" X11 display we stopped returning useful data in the "Display" user property. With this change this is fixed and we again expose an appropriate (graphical session) in the property that is useful as the "main" one, if one is needed.
2014-05-16logind: allow suspending if there are no displaysMantas Mikulėnas
With proprietary graphics drivers, there won't be any 'drm' devices in sysfs, so logind will never suspend the system upon closing the lid, even if only one (internal) display is connected. This has been reported by multiple users so far. IMHO, it's better to suspend the system in this case for safety reasons, to avoid having nvidia blob users' laptops overheat, for the same reason that sleep inhibitors are overridden (LidSwitchIgnoreInhibited=yes).
2014-05-15logind: bring polkit policy for hibernate in line with suspend/poweroff/rebootLennart Poettering
THere's no reason why hibernate should be better protected then suspendor poweroff, so sync the policies.
2014-05-15Remove unnecessary casts in printfsZbigniew Jędrzejewski-Szmek
No functional change expected :)
2014-05-15sd-bus: introduce sd_bus_slot objects encapsulating callbacks or vtables ↵Lennart Poettering
attached to a bus connection This makes callback behaviour more like sd-event or sd-resolve, and creates proper object for unregistering callbacks. Taking the refernce to the slot is optional. If not taken life time of the slot will be bound to the underlying bus object (or in the case of an async call until the reply has been recieved).
2014-05-13replace more dup() by F_DUPFD_CLOEXECLennart Poettering
2014-05-13pam_systemd: use F_DUPFD_CLOEXEC when dupping session fdsLennart Poettering
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019034.html
2014-04-23use new name DRAW_TREE_VERTICALThomas Hindoe Paaboel Andersen
Was renamed in 6b01f1d3911bd7c7eadbb8a3b4375bd3ac05c98f
2014-04-23login: rename session_mute_vt() to session_prepare_vt()David Herrmann
This function is no longer just about muteing the VT. We do all kinds of VT setup for sessions using the controller-API. Rename the function to something more appropriate.
2014-04-23login: give session ownership of VTRay Strode
The tty associated with a VT should be owned by the owner of the session running on the VT. This is important for supporting a socket activated X server, since the X server will open the tty itself. This commit makes sure to chown the tty any time a session is created and and chown it back to root any time the session is removed. This behavior is copied from /bin/login.
2014-04-12Unify GREEDY_REALLOC and GREEDY_REALLOC_TZbigniew Jędrzejewski-Szmek
greedy_realloc() and greedy_realloc0() now store the allocated size as the count, not bytes. Replace GREEDY_REALLOC uses with GREEDY_REALLOC_T everywhere, and then rename GREEDY_REALLOC_T to GREEDY_REALLOC. It is just too error-prone to have two slightly different macros which do the same thing.
2014-04-09login: add 'mir' to the list of session typesDavid Herrmann
Add Mir to the list of session types. This is implemented for LightDM in lp:~robert-ancell/lightdm/xdg-session-desktop [1]. [1] https://code.launchpad.net/~robert-ancell/lightdm/xdg-session-desktop/+merge/214108 (david: adjusted commit-header and fixed whitespace issues)
2014-04-05logind: remove one castZbigniew Jędrzejewski-Szmek
2014-04-02logind: don't print error if devices vanish during ACL-initDavid Herrmann
If a device is unplugged while we initialize it, we will get ENOENT for ACL-init (and related stuff). We currently print errors then, which is misleading. Print a debug-message early and continue.
2014-03-24sd-event: rework API to support CLOCK_REALTIME_ALARM and ↵Lennart Poettering
CLOCK_BOOTTIME_ALARM, too
2014-03-18util: replace close_nointr_nofail() by a more useful safe_close()Lennart Poettering
safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.
2014-03-17build-sys: move sd-login src/login → src/libsystemd/sd-loginLennart Poettering
After all, it is ultimately linked to libsystems.so anyway, thus belongs there and shares very little with the rest of logind, hence let's move this away.
2014-03-17sd-login: add calls that retrieve credentials of peers connected to AF_UNIX ↵Lennart Poettering
peers This is supposed to be an extension of SO_PEERCRED and SO_PEERSEC, except for cgroup information.
2014-03-14logind: automatically remove SysV + POSIX IPC objects when the users owning ↵Lennart Poettering
them fully log out