summaryrefslogtreecommitdiff
path: root/src/login
AgeCommit message (Collapse)Author
2015-07-03sd-bus: introduce new sd_bus_flush_close_unref() callLennart Poettering
sd_bus_flush_close_unref() is a call that simply combines sd_bus_flush() (which writes all unwritten messages out) + sd_bus_close() (which terminates the connection, releasing all unread messages) + sd_bus_unref() (which frees the connection). The combination of this call is used pretty frequently in systemd tools right before exiting, and should also be relevant for most external clients, and is hence useful to cover in a call of its own. Previously the combination of the three calls was already done in the _cleanup_bus_close_unref_ macro, but this was only available internally. Also see #327
2015-07-02login: add rule for qemu's pci-bridge-seatGerd Hoffmann
Qemu provides a separate pci-bridge exclusively for multi-seat setups. The normal pci-pci bridge ("-device pci-bridge") has 1b36:0001. The new pci-bridge-seat was specifically added to simplify guest-side multiseat configuration. It is identical to the normal pci-pci bridge, except that it has a different id (1b36:000a) so we can match it and configure multiseating automatically. Make sure we always treat this as separate seat if we detect this, just like other "Pluggable" devices. (David: write commit-message)
2015-07-01login: re-use VT-sessions if they already existDavid Herrmann
Right now, if you start a session via 'su' or 'sudo' from within a session, we make sure to re-use the existing session instead of creating a new one. We detect this by reading the session of the requesting PID. However, with gnome-terminal running as a busname-unit, and as such running outside the session of the user, this will no longer work. Therefore, this patch makes sure to return the existing session of a VT if you start a new one. This has the side-effect, that you will re-use a session which your PID is not part of. This works fine, but will break assumptions if the parent session dies (and as such close your session even though you think you're part of it). However, this should be perfectly fine. If you run multiple logins on the same session, you should really know what you're doing. The current way of silently accepting it but choosing the last registered session is just weird.
2015-06-25logind: fix delayed execution regressionDaniel Mack
Commit c0f32805 ("logind: use sd_event timer source for inhibitor logic") reworked the main loop logic of logind so that it uses a real timeout callback handler to execute delayed functions. What the old code did, however, was to call those functions on every iteration in the main loop, not only when the timeout expired. Restore that behavior by bringing back manager_dispatch_delayed(), and call it from manager_run(). The internal event source callback manager_inhibit_timeout_handler() was turned into a wrapper of manager_dispatch_delayed() now.
2015-06-21pam_systemd: Properly check kdbus availabilityJan Alexander Steffens (heftig)
This properly avoids setting DBUS_SESSION_BUS_ADDRESS if kdbus is loaded (or built into the kernel) but not wanted.
2015-06-17Merge pull request #265 from smcv/logind-runtimedir-race-write-earlierLennart Poettering
logind: save /run/systemd/users/UID before starting user@.service
2015-06-17Merge pull request #263 from kaysievers/wipKay Sievers
turn kdbus support into a runtime option
2015-06-17Merge pull request #259 from poettering/logind-label-fixTom Gundersen
logind: apply selinux label to XDG_RUNTIME_DIR
2015-06-17logind: save /run/systemd/users/UID before starting user@.serviceSimon McVittie
Previously, this had a race condition during a user's first login. Some component calls CreateSession (most likely by a PAM service other than 'systemd-user' running pam_systemd), with the following results: - logind: * create the user's XDG_RUNTIME_DIR * tell pid 1 to create user-UID.slice * tell pid 1 to start user@UID.service Then these two processes race: - logind: * save information including XDG_RUNTIME_DIR to /run/systemd/users/UID - the subprocess of pid 1 responsible for user@service: * start a 'systemd-user' PAM session, which reads XDG_RUNTIME_DIR and puts it in the environment * run systemd --user, which requires XDG_RUNTIME_DIR in the environment If logind wins the race, which usually happens, everything is fine; but if the subprocesses of pid 1 win the race, which can happen under load, then systemd --user exits unsuccessfully. To avoid this race, we have to write out /run/systemd/users/UID even though the service has not "officially" started yet; previously this did an early-return without saving anything. Record its state as OPENING in this case. Bug: https://github.com/systemd/systemd/issues/232 Reviewed-by: Philip Withnall <philip.withnall@collabora.co.uk>
2015-06-17turn kdbus support into a runtime optionKay Sievers
./configure --enable/disable-kdbus can be used to set the default behavior regarding kdbus. If no kdbus kernel support is available, dbus-dameon will be used. With --enable-kdbus, the kernel command line option "kdbus=0" can be used to disable kdbus. With --disable-kdbus, the kernel command line option "kdbus=1" is required to enable kdbus support.
2015-06-17logind: apply selinux label to XDG_RUNTIME_DIRLennart Poettering
As discussed in #257: we should ensure the selinux label is correctly applied to each user's XDG_RUNTIME_DIR.
2015-06-17logind: rework display counting when detecting whether the system is dockedLennart Poettering
Previously, we'd just count connected displays, and if there was 2 or more we assumed a "docked" state. With this change we now: - Only count external displays, ignore internal ones (which we detect by checking the connector name against a whitelist of known external plug types) - We ignore connectors which are explicitly disabled - We then compare the count with >= 1 rather than >= 2 as before This new logic has the benefit that systems that disconnect the internal display when the lid is closed are better supported. Also, explicitly disabled ports do not confuse the algorithm anymore. This new algorithm has been suggested here: http://lists.freedesktop.org/archives/intel-gfx/2015-June/068821.html This also makes two functions static, that are not used outside of their .c files.
2015-06-16Merge pull request #218 from poettering/dual-timestamp-nullDaniel Mack
everywhere: actually make use of DUAL_TIMESTAMP_NULL macro
2015-06-16Merge pull request #219 from poettering/logind-dockedDaniel Mack
logind: expose "Docked" bool as property on the bus
2015-06-16logind: cast close() call to (void)Lennart Poettering
2015-06-16logind: expose "Docked" bool as property on the busLennart Poettering
We know the state anyway, let's expose it in the bus. It's useful for debugging at least, but it might be useful for DEs too.
2015-06-16everywhere: actually make use of DUAL_TIMESTAMP_NULL macroLennart Poettering
Let's use it as initializer where appropriate.
2015-06-15everywhere: port everything to sigprocmask_many() and friendsLennart Poettering
This ports a lot of manual code over to sigprocmask_many() and friends. Also, we now consistly check for sigprocmask() failures with assert_se(), since the call cannot realistically fail unless there's a programming error. Also encloses a few sd_event_add_signal() calls with (void) when we ignore the return values for it knowingly.
2015-06-15Merge pull request #180 from ronnychevalier/rc/coverity_cid_1304686Lennart Poettering
login: fix potential null pointer dereference
2015-06-15login: fix potential null pointer dereferenceRonny Chevalier
Fix CID 1304686: Dereference after null check (FORWARD_NULL) However, this commit does not fix any bug in logind. It helps to keep the elect_display_compare() function generic.
2015-06-14tree-wide: fix memory leaks in users of bus_map_all_properties()David Herrmann
If you use bus_map_all_properties(), you must be aware that it might touch output variables even though it may fail. This is, because we parse many different bus-properties and cannot tell how to clean them up, in case we fail deep down in the parser. Fix all callers of bus_map_all_properties() to correctly cleanup any context structures at all times.
2015-06-11build-sys: split internal basic/ library from shared/Kay Sievers
basic/ can be used by everything cannot use anything outside of basic/ libsystemd/ can use basic/ cannot use shared/ shared/ can use libsystemd/
2015-06-10logind,sd-event: drop spurious new-linesLennart Poettering
2015-06-10tree-wide: whenever we fork off a foreign child process reset signal ↵Lennart Poettering
mask/handlers Also, when the child is potentially long-running make sure to set a death signal. Also, ignore the result of the reset operations explicitly by casting them to (void).
2015-06-05logind: Fix user_elect_display() to be more stablePhilip Withnall
The previous implementation of user_elect_display() could easily end up overwriting the user’s valid graphical session with a new TTY session. For example, consider the situation where there is one session: c1, type = SESSION_X11, !stopping, class = SESSION_USER it is initially elected as the user’s display (i.e. u->display = c1). If another session is started, on a different VT, the sessions_by_user list becomes: c1, type = SESSION_X11, !stopping, class = SESSION_USER c2, type = SESSION_TTY, !stopping, class = SESSION_USER In the previous code, graphical = c1 and text = c2, as expected. However, neither graphical nor text fulfil the conditions for setting u->display = graphical (because neither is better than u->display), so the code falls through to check the text variable. The conditions for this match, as u->display->type != SESSION_TTY (it’s actually SESSION_X11). Hence u->display is set to c2, which is incorrect, because session c1 is still valid. Refactor user_elect_display() to use a more explicit filter and pre-order comparison over the sessions. This can be demonstrated to be stable and only ever ‘upgrade’ the session to a more graphical one. https://bugs.freedesktop.org/show_bug.cgi?id=90769
2015-06-04Merge pull request #58 from pwithnall/wip/pwithnall/user-active-on-vt-switchDavid Herrmann
logind: Save the user’s state when a session enters SESSION_ACTIVE
2015-06-04Merge pull request #57 from pwithnall/wip/pwithnall/udev-virtualbox-rulesDavid Herrmann
logind: Add a udev rule to tag all DRM cards with master-of-seat
2015-06-02logind: Add a udev rule to tag all DRM cards with master-of-seatPhilip Withnall
This is needed for generic DRM devices like the VirtualBox vboxvideo driver, which exposes itself as a generic, ID-less DRM device at /dev/dri/card0 (after applying this commit): $ udevadm info --query=all --path \ /sys/devices/pci0000:00/0000:00:02.0/drm/card0 P: /devices/pci0000:00/0000:00:02.0/drm/card0 N: dri/card0 E: DEVNAME=/dev/dri/card0 E: DEVPATH=/devices/pci0000:00/0000:00:02.0/drm/card0 E: DEVTYPE=drm_minor E: ID_FOR_SEAT=drm-pci-0000_00_02_0 E: ID_PATH=pci-0000:00:02.0 E: ID_PATH_TAG=pci-0000_00_02_0 E: MAJOR=226 E: MINOR=0 E: SUBSYSTEM=drm E: TAGS=:master-of-seat:seat:uaccess: E: USEC_INITIALIZED=59893 Without this patch, the capabilities for a seat on a VirtualBox installation of systemd v219 incorrectly show it as non-graphical, even though I can type these commands from an xterm: $ loginctl show-seat seat0 Id=seat0 CanMultiSession=yes CanTTY=yes CanGraphical=no … https://bugs.freedesktop.org/show_bug.cgi?id=90822
2015-06-02logind: Save the user’s state when a session enters SESSION_ACTIVEPhilip Withnall
When (for example) switching from X11 to a new VT and logging in there, creating a new session, the user state file (/run/systemd/users/$uid) is not updated after the session becomes active. The latest time it is saved is when the session is in SESSION_OPENING. This results in a /run/systemd/users/$uid file which contains STATE=online for the current user on the current active VT, which is obviously wrong. As functions like sd_uid_get_state() use this file to get the user’s state, this could result in things like PolicyKit making incorrect decisions about the user’s state. (See https://bugs.freedesktop.org/show_bug.cgi?id=76358.) Fix this by re-saving the state for a session’s user after completing the state_job for that session. https://bugs.freedesktop.org/show_bug.cgi?id=90818
2015-05-29util: split out signal-util.[ch] from util.[ch]Lennart Poettering
No functional changes.
2015-05-29path-util: Change path_is_mount_point() symlink arg from bool to flagsMartin Pitt
This makes path_is_mount_point() consistent with fd_is_mount_point() wrt. flags.
2015-05-27logind: prefix some calls to unlink with (void)Daniel Mack
Make Coverity happy and tell it we're not interested in the return value of these two calls.
2015-05-27logind: unlink /run/nologin when shutdown is cancelledDaniel Mack
When a scheduled is cancelled, make sure to remove /run/nologin. This is a regression from the recent shutdownd removal and logind rework.
2015-05-18util: split all hostname related calls into hostname-util.cLennart Poettering
2015-05-05core: rework unit name validation and manipulation logicLennart Poettering
A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-29sd-bus: allow passing NULL as bus parameter to sd_bus_send()Lennart Poettering
If NULL is specified for the bus it is now automatically derived from the passed in message. This commit also changes a number of invocations of sd_bus_send() to make use of this.
2015-04-29sd-bus: drop bus parameter from message callback prototypeLennart Poettering
This should simplify the prototype a bit. The bus parameter is redundant in most cases, and in the few where it matters it can be derived from the message via sd_bus_message_get_bus().
2015-04-24logind: kill newline characters from log_error_errno() callsDaniel Mack
log_error_errno() already adds a newline, so drop them.
2015-04-24logind: add support for /run/nologin and /run/systemd/shutdown/scheduledDaniel Mack
Port over more code from shutdownd and teach logind to write /run/nologin at least 5 minutes before the system is going down, and /run/systemd/shutdown/scheduled when a shutdown is scheduled.
2015-04-24logind: add code for UTMP wall messagesDaniel Mack
Add a timer to print UTMP wall messages so that it repeatedly informs users about a scheduled shutdown: * every 1 minute with less than 10 minutes to go * every 15 minutes with less than 60 minutes to go * every 30 minutes with less than 180 minutes (3 hours) to go * every 60 minutes if more than that to go This functionality only active if the .EnableWallMessages DBus property is set to true. Also, a custom string can be added to the wall message, set through the WallMessagePrefix property.
2015-04-24logind: add .ScheduleShutdown and .CancelScheduledShutdown methodsDaniel Mack
Add a method called ScheduleShutdown in org.freedesktop.login1.Manager which adds a timer to shut down the system at a later point in time. The first argument holds the type of the schedule that is about to happen, and must be one of 'reboot', 'halt' or 'poweroff'. The second argument specifies the absolute time, based on CLOCK_REALTIME in nanoseconds, at which the the operation should be executed. To cancel a previously scheduled shutdown, the CancelScheduledShutdown() can be called, which returns a bool, indicating whether a scheduled timeout was cancelled. Also add a new property called ScheduledShutdown which returns the equivalent to what was passed in via ScheduleShutdown, as '(st)' type.
2015-04-24logind: factor out polkit checksDaniel Mack
Factor out the code to ask polkit for authorization from method_do_shutdown_or_sleep() into an own function called verify_shutdown_creds(). This is needed in order to also use the same checks when shutdown operations are scheduled. For that, it's also necessary to allow NULL values for that action{,_multiple_sessions,_ignore_inhibit) arguments, which will suppress the call if no action string is passed.
2015-04-24logind: make local functions staticDaniel Mack
make manager_gc(), manager_startup(), manager_new(), manager_free() and manager_run() static, and kill their forward declarations.
2015-04-24logind: use sd_event timer source for inhibitor logicDaniel Mack
Instead of open-coding the delayed action and inhibit timeout logic, switch over to a real sd_event_source based implementation. This is not only easier to read but also allows us to add more timers in the future.
2015-04-24logind: drop unused argument from method_do_shutdown_or_sleep()Daniel Mack
2015-04-12pam_system: use (void) to silence coverityZbigniew Jędrzejewski-Szmek
CID #996284.
2015-04-11shared: add terminal-util.[ch]Ronny Chevalier
2015-04-10shared: add process-util.[ch]Ronny Chevalier
2015-04-10shared: add formats-util.hRonny Chevalier
2015-04-07logind: drop "interactive" parameter from SetRebootToFirmwareSetup() bus callLennart Poettering
Newer dbus versions have an "allow interactive authentication" bit in the message header, hence it is not necessary to take a boolean for this explicitly.