From ce31ec116f9bf4ad45952b6a200f4181fac311a3 Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@sbcglobal.net>
Date: Tue, 13 Sep 2016 21:24:07 -0400
Subject: ./tools/notsd-move

---
 src/grp-initprogs/systemd-user-sessions/Makefile   | 48 +++++++++++++
 .../systemd-user-sessions.service.in               | 17 +++++
 .../systemd-user-sessions.service.xml              | 75 +++++++++++++++++++
 .../systemd-user-sessions/user-sessions.c          | 84 ++++++++++++++++++++++
 4 files changed, 224 insertions(+)
 create mode 100644 src/grp-initprogs/systemd-user-sessions/Makefile
 create mode 100644 src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.in
 create mode 100644 src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.xml
 create mode 100644 src/grp-initprogs/systemd-user-sessions/user-sessions.c

(limited to 'src/grp-initprogs/systemd-user-sessions')

diff --git a/src/grp-initprogs/systemd-user-sessions/Makefile b/src/grp-initprogs/systemd-user-sessions/Makefile
new file mode 100644
index 0000000000..91c84e46fe
--- /dev/null
+++ b/src/grp-initprogs/systemd-user-sessions/Makefile
@@ -0,0 +1,48 @@
+#  -*- Mode: makefile; indent-tabs-mode: t -*-
+#
+#  This file is part of systemd.
+#
+#  Copyright 2010-2012 Lennart Poettering
+#  Copyright 2010-2012 Kay Sievers
+#  Copyright 2013 Zbigniew Jędrzejewski-Szmek
+#  Copyright 2013 David Strauss
+#  Copyright 2016 Luke Shumaker
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+#
+#  systemd is distributed in the hope that it will be useful, but
+#  WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+#  Lesser General Public License for more details.
+#
+#  You should have received a copy of the GNU Lesser General Public License
+#  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+include $(dir $(lastword $(MAKEFILE_LIST)))/../../../config.mk
+include $(topsrcdir)/build-aux/Makefile.head.mk
+
+ifneq ($(HAVE_PAM),)
+
+systemd_user_sessions_SOURCES = \
+	src/user-sessions/user-sessions.c
+
+systemd_user_sessions_LDADD = \
+	libsystemd-shared.la
+
+rootlibexec_PROGRAMS += \
+	systemd-user-sessions
+
+nodist_systemunit_DATA += \
+	units/systemd-user-sessions.service
+
+MULTI_USER_TARGET_WANTS += \
+	systemd-user-sessions.service
+
+endif # HAVE_PAM
+
+EXTRA_DIST += \
+	units/systemd-user-sessions.service.in
+
+include $(topsrcdir)/build-aux/Makefile.tail.mk
diff --git a/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.in b/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.in
new file mode 100644
index 0000000000..b4ea5a134b
--- /dev/null
+++ b/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.in
@@ -0,0 +1,17 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Permit User Sessions
+Documentation=man:systemd-user-sessions.service(8)
+After=remote-fs.target nss-user-lookup.target network.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=@rootlibexecdir@/systemd-user-sessions start
+ExecStop=@rootlibexecdir@/systemd-user-sessions stop
diff --git a/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.xml b/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.xml
new file mode 100644
index 0000000000..67aba54119
--- /dev/null
+++ b/src/grp-initprogs/systemd-user-sessions/systemd-user-sessions.service.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!--
+  This file is part of systemd.
+
+  Copyright 2012 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+<refentry id="systemd-user-sessions.service" conditional='HAVE_PAM'>
+
+  <refentryinfo>
+    <title>systemd-user-sessions.service</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>Developer</contrib>
+        <firstname>Lennart</firstname>
+        <surname>Poettering</surname>
+        <email>lennart@poettering.net</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>systemd-user-sessions.service</refentrytitle>
+    <manvolnum>8</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>systemd-user-sessions.service</refname>
+    <refname>systemd-user-sessions</refname>
+    <refpurpose>Permit user logins after boot, prohibit user logins at shutdown</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <para><filename>systemd-user-sessions.service</filename></para>
+    <para><filename>/usr/lib/systemd/systemd-user-sessions</filename></para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><filename>systemd-user-sessions.service</filename> is a
+    service that controls user logins through
+    <citerefentry project='man-pages'><refentrytitle>pam_nologin</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+    After basic system initialization is complete, it removes
+    <filename>/run/nologin</filename>, thus permitting logins. Before
+    system shutdown, it creates <filename>/run/nologin</filename>, thus
+    prohibiting further logins.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+      <citerefentry project='man-pages'><refentrytitle>pam_nologin</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+    </para>
+  </refsect1>
+
+</refentry>
diff --git a/src/grp-initprogs/systemd-user-sessions/user-sessions.c b/src/grp-initprogs/systemd-user-sessions/user-sessions.c
new file mode 100644
index 0000000000..639c0200e6
--- /dev/null
+++ b/src/grp-initprogs/systemd-user-sessions/user-sessions.c
@@ -0,0 +1,84 @@
+/***
+  This file is part of systemd.
+
+  Copyright 2010 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <errno.h>
+#include <unistd.h>
+
+#include "basic/fileio-label.h"
+#include "basic/fileio.h"
+#include "basic/log.h"
+#include "basic/selinux-util.h"
+#include "basic/string-util.h"
+#include "basic/util.h"
+
+int main(int argc, char*argv[]) {
+
+        if (argc != 2) {
+                log_error("This program requires one argument.");
+                return EXIT_FAILURE;
+        }
+
+        log_set_target(LOG_TARGET_AUTO);
+        log_parse_environment();
+        log_open();
+
+        umask(0022);
+
+        mac_selinux_init();
+
+        if (streq(argv[1], "start")) {
+                int r = 0;
+
+                if (unlink("/run/nologin") < 0 && errno != ENOENT)
+                        r = log_error_errno(errno,
+                                            "Failed to remove /run/nologin file: %m");
+
+                if (unlink("/etc/nologin") < 0 && errno != ENOENT) {
+                        /* If the file doesn't exist and /etc simply
+                         * was read-only (in which case unlink()
+                         * returns EROFS even if the file doesn't
+                         * exist), don't complain */
+
+                        if (errno != EROFS || access("/etc/nologin", F_OK) >= 0) {
+                                log_error_errno(errno, "Failed to remove /etc/nologin file: %m");
+                                return EXIT_FAILURE;
+                        }
+                }
+
+                if (r < 0)
+                        return EXIT_FAILURE;
+
+        } else if (streq(argv[1], "stop")) {
+                int r;
+
+                r = write_string_file_atomic_label("/run/nologin", "System is going down.");
+                if (r < 0) {
+                        log_error_errno(r, "Failed to create /run/nologin: %m");
+                        return EXIT_FAILURE;
+                }
+
+        } else {
+                log_error("Unknown verb %s.", argv[1]);
+                return EXIT_FAILURE;
+        }
+
+        mac_selinux_finish();
+
+        return EXIT_SUCCESS;
+}
-- 
cgit v1.2.3-54-g00ecf