summaryrefslogtreecommitdiff
path: root/src/login
AgeCommit message (Collapse)Author
2013-11-10button: don't exit if we cannot handle a button pressLennart Poettering
2013-11-08bus: port remaining code over to use bus_error_message()Lennart Poettering
2013-11-08Remove dead code and unexport some callsLennart Poettering
"make check-api-unused" informs us about code that is not used anymore or that is exported but only used internally. Fix these all over the place.
2013-11-07inhibit: more conversions to use bus_log_parse_error()Lennart Poettering
2013-11-07bus: log message parsing errors everywhere with a generalized ↵Lennart Poettering
bus_log_parse_error()
2013-11-07polkit: don't spawn local client if we access a remote systemLennart Poettering
2013-11-07loginctl: convert to sd-busSimon Peeters
NOTE: the show-* subcommands do not print some properties: this are those with types like (so), a(so), (uo),... we need to fix this, but I'm not sure how
2013-11-07pam: the DECIMAL_STR_MAX macro is awesome, let's use itLennart Poettering
2013-11-06pam_systemd: dup the fd received from logindZbigniew Jędrzejewski-Szmek
Otherwise sd_bus_message cleanup would close it.
2013-11-07pam: externally our booleans are ints, not unsignedsLennart Poettering
2013-11-07socket: rework things to have only one sockaddr formatterLennart Poettering
2013-11-07pam_systemd: pass 'unsigned' instead of 'bool' to sd_bus_message_read()Kay Sievers
2013-11-06pam_systemd: port to libsystemd-busZbigniew Jędrzejewski-Szmek
2013-11-06systemd_pam: treat debug as debug=1 and parse all paramsZbigniew Jędrzejewski-Szmek
systemd_pam would ignore all params after the first invalid one. Instead ignore just this one, and parse the rest. There's just one now, but as a matter of principle ;) Also, allow debug as an alias for debug=1, and don't treat invalid debug= options as fatal.
2013-11-06clients: unify how we invoke getopt_long()Lennart Poettering
Among other things this makes sure we always expose a --version command and show it in the help texts.
2013-11-06inhibit: don't return error code on --helpLennart Poettering
2013-11-06machined: keep track of the initial leader PID of a machineLennart Poettering
This way we can without races always determine the machine for a leader PID. This allows machine managers to query the machine for a forked off container/VM without a race where the child might already have died before we could read the cgroup information from /proc/$PID/cgroup.
2013-11-05login: port test-inhibit to libsystemd-busKay Sievers
2013-11-05logind: add virtual object paths that always can be used to refer to the ↵Lennart Poettering
callers session, user, seat or machine object This way clients can skip invoking GetSessionByPID() for their own PID or a similar call to access these objects.
2013-11-05logind: automatically determine client side PID if GetSessionByPID() is ↵Lennart Poettering
called with a PID == 0
2013-11-05logind: fix serialization for PrepareForSleep booleanLennart Poettering
2013-11-05logind: fix serialization of ListInhibitors() requestLennart Poettering
2013-11-05logind: expose linger state on User objectLennart Poettering
2013-11-05logind: fix serialization of ListSeats() bus callLennart Poettering
2013-11-05logind: port logind to libsystemd-busLennart Poettering
2013-11-05user-sessions: modernizationsLennart Poettering
2013-10-30general: various cleanupsLennart Poettering
2013-10-22inhibit: port to sd-busTom Gundersen
2013-10-15logind: allow unprivileged session-device accessDavid Herrmann
The session-device/control API was introduced for unprivileged device access from within a session. Add the required dbus policy to the default logind policies. Note: logind validates that only root and the user of a session can use the API. Furthermore, only a single API user gets access at a time.
2013-10-14list: make our list macros a bit easier to use by not requring type spec on ↵Lennart Poettering
each invocation We can determine the list entry type via the typeof() gcc construct, and so we should to make the macros much shorter to use.
2013-10-13Introduce udev object cleanup functionsZbigniew Jędrzejewski-Szmek
2013-10-13Fix write-only use of a few variablesZbigniew Jędrzejewski-Szmek
Since the invention of read-only memory, write-only memory has been considered deprecated. Where appropriate, either make use of the value, or avoid writing it, to make it clear that it is not used.
2013-10-10login: make sd_session_get_vt() actually workDavid Herrmann
We use VTNR, not VTNr as key. Until now sd_session_get_vt() just returns an error.
2013-10-10login: fix invalid free() in sd_session_get_vt()David Herrmann
We need to clear variables markes as _cleanup_free_. Otherwise, our error-paths might corrupt random memory.
2013-10-04logind: fix bus introspection data for TakeControl()Lennart Poettering
2013-10-03execute: more debugging messagesZbigniew Jędrzejewski-Szmek
2013-10-01logind: remove fbdev session-device supportDavid Herrmann
fbdev does not support access-handover so it is quite useless to route it through logind. If compositors want to use it they ought to open it themselves. It's highly recommended to be ignored entirely, though. fbdev is about to be deprecated in the kernel.
2013-10-01logind: send PropertyChanged during deactivationDavid Herrmann
We only send the PropertyChanged signal for the to-be-activated session but not for the to-be-deactivated one. Fix that so both listeners get notified about the new state.
2013-10-01logind: check whether first drmSetMaster succeededDavid Herrmann
The initial drmSetMaster may fail if there is an active master already. We must not assume that all existing clients comply to logind rules. We check for this during session-activation already but didn't during device setup. Fix this by checking the return code. As drmSetMaster has had horrible return codes in the past (0 for failure? EINVAL for denied access, ..) we need to be quite pedantic. To guarantee an open file-descriptor we need to close the device and reopen it without master if setting master failed first.
2013-10-01logind: fix session-device dbus notifyDavid Herrmann
Had this fix lying around here for some time. Thanks to missing type-checking for va-args we passed in the actual major/minor values instead of pointers to it. Fix it by saving the values on the stack first and passing in the pointers.
2013-09-26logind: never consider a closing session relevant for PK checksLennart Poettering
https://bugzilla.redhat.com/show_bug.cgi?id=1010215
2013-09-26logind: if a user is sitting in front of the computer and can shutdown the ↵Lennart Poettering
machine anyway he should also be able to reboot it
2013-09-26Move part of logind.c into a separate fileZbigniew Jędrzejewski-Szmek
liblogind-core.la was underlinked, missing a few functions defined in logind.c. They are moved to a new file, logind-core.c, and this file is linked into liblogind-core.la. In addition, logind-acl.c is attached to the liblogind-core.la, instead of systemd-logind directly.
2013-09-24logind: return -EINVAL when PID is wrongLukas Nykryn
dbus-send --print-reply --system --dest=org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager.GetUserByPID uint32:0 causes systemd-logind[29843]: Assertion 'pid >= 1' failed at src/login/logind.c:938, function manager_get_user_by_pid(). Aborting.
2013-09-20logind: put correct user object paths in introspection dataMantas Mikulėnas
Sync with user_bus_path() in logind-user-dbus.c
2013-09-19Add more tests and fix capability loggingZbigniew Jędrzejewski-Szmek
2013-09-17Remove six unused variables and add annotationZbigniew Jędrzejewski-Szmek
clang FTW!
2013-09-17logind: fix build for ARM with sizeof(dev_t) > sizeof(void*)David Herrmann
Unfortunately on ARM-32 systems dev_t can be 64bit and thus we cannot store it easily in void* keys for hashtables. Fix that by passing a pointer to the dev_t variable instead.
2013-09-17logind: implement generic multi-sessionDavid Herrmann
This enables the multi-session capability for seats that don't have VTs. For legacy seats with VTs, everything stays the same. However, all other seats now also get the multi-session capability. The only feature that was missing was session-switching. As logind can force a session-switch and signal that via the "Active" property, we only need a way to allow synchronized/delayed session switches. Compositors need to cleanup some devices before acknowledging the session switch. Therefore, we use the session-devices to give compositors a chance to block a session-switch until they cleaned everything up. If you activate a session on a seat without VTs, we send a PauseDevice signal to the active session for every active device. Only once the session acknowledged all these with a PauseDeviceComplete() call, we perform the final session switch. One important note is that delayed session-switching is meant for backwards compatibility. New compositors or other sessions should really try to deal correctly with forced session switches! They only need to handle EACCES/EPERM from syscalls and treat them as "PauseDevice" signal. Following logind patches will add a timeout to session-switches which forces the switch if the active session does not react in a timely fashion. Moreover, explicit ForceActivate() calls might also be supported. Hence, sessions must not crash if their devices get paused.
2013-09-17logind: introduce session-devicesDavid Herrmann
A session-device is a device that is bound to a seat and used by a session-controller to run the session. This currently includes DRM, fbdev and evdev devices. A session-device can be created via RequestDevice() on the dbus API of the session. You can drop it via ReleaseDevice() again. Once the session is destroyed or you drop control of the session, all session-devices are automatically destroyed. Session devices follow the session "active" state. A device can be active/running or inactive/paused. Whenever a session is not the active session, no session-device of it can be active. That is, if a session is not in foreground, all session-devices are paused. Whenever a session becomes active, all devices are resumed/activated by logind. If it fails, a device may stay paused. With every session-device you request, you also get a file-descriptor back. logind keeps a copy of this fd and uses kernel specific calls to pause/resume the file-descriptors. For example, a DRM fd is muted by logind as long as a given session is not active. Hence, the fd of the application is also muted. Once the session gets active, logind unmutes the fd and the application will get DRM access again. This, however, requires kernel support. DRM devices provide DRM-Master for synchronization, evdev devices have EVIOCREVOKE (pending on linux-input-ML). fbdev devices do not provide such synchronization methods (and never will). Note that for evdev devices, we call EVIOCREVOKE once a session gets inactive. However, this cannot be undone (the fd is still valid but mostly unusable). So we reopen a new fd once the session is activated and send it together with the ResumeDevice() signal. With this infrastructure in place, compositors can now run without CAP_SYS_ADMIN (that is, without being root). They use RequestControl() to acquire a session and listen for devices via udev_monitor. For every device they want to open, they call RequestDevice() on logind. This returns a fd which they can use now. They no longer have to open the devices themselves or call any privileged ioctls. This is all done by logind. Session-switches are still bound to VTs. Hence, compositors will get notified via the usual VT mechanisms and can cleanup their state. Once the VT switch is acknowledged as usual, logind will get notified via sysfs and pause the old-session's devices and resume the devices of the new session. To allow using this infrastructure with systems without VTs, we provide notification signals. logind sends PauseDevice("force") dbus signals to the current session controller for every device that it pauses. And it sends ResumeDevice signals for every device that it resumes. For seats with VTs this is sent _after_ the VT switch is acknowledged. Because the compositor already acknowledged that it cleaned-up all devices. However, for seats without VTs, this is used to notify the active compositor that the session is about to be deactivated. That is, logind sends PauseDevice("force") for each active device and then performs the session-switch. The session-switch changes the "Active" property of the session which can be monitored by the compositor. The new session is activated and the ResumeDevice events are sent. For seats without VTs, this is a forced session-switch. As this is not backwards-compatible (xserver actually crashes, weston drops the related devices, ..) we also provide an acknowledged session-switch. Note that this is never used for sessions with VTs. You use the acknowledged VT-switch on these seats. An acknowledged session switch sends PauseDevice("pause") instead of PauseDevice("force") to the active session. It schedules a short timeout and waits for the session to acknowledge each of them with PauseDeviceComplete(). Once all are acknowledged, or the session ran out of time, a PauseDevice("force") is sent for all remaining active devices and the session switch is performed. Note that this is only partially implemented, yet, as we don't allow multi-session without VTs, yet. A follow up commit will hook it up and implemented the acknowledgements+timeout. The implementation is quite simple. We use major/minor exclusively to identify devices on the bus. On RequestDevice() we retrieve the udev_device from the major/minor and search for an existing "Device" object. If no exists, we create it. This guarantees us that we are notified whenever the device changes seats or is removed. We create a new SessionDevice object and link it to the related Session and Device. Session->devices is a hashtable to lookup SessionDevice objects via major/minor. Device->session_devices is a linked list so we can release all linked session-devices once a device vanishes. Now we only have to hook this up in seat_set_active() so we correctly change device states during session-switches. As mentioned earlier, these are forced state-changes as VTs are currently used exclusively for multi-session implementations. Everything else are hooks to release all session-devices once the controller changes or a session is closed or removed.