| Commit message (Collapse) | Author | Age |
| |
restarted
When assigning a new session controller to a session, the VT is prepared so the
controller can expect the VT to be in a good default state.
However when logind is restarted and a session controller already took control
of a session, there's no need to prepare the VT otherwise logind may screw up
the VT state set by the controller.
This patch prevents the preparation of the VT in this case.
| |
Fixes wrong indent introduced by the commit 43688c49d1fdb585196d94e2e30bb29755fa591b.
| |
Fixes #5733
| |
This patch ensures that session devices are saved for each session.
In order to make the revocation logic work when logind is restarted, the
session devices are now saved in the session state files and their respective
file descriptors sent to PID1's fdstore in order to keep them open across
restart.
This is mandatory in order to keep the revocation logic working. Indeed in case
of input-devices, the same file descriptors must be shared by logind and a
given session controller in order for EVIOCREVOKE to work otherwise multiple
sessions can have device access in parallel.
This should be the only remaining and missing piece for making logind fully
restartable.
Fixes: #1163
| |
elogind-dbus.c, back to logind-dbus.c.
| |
so elogind-action.c is not needed any more.
| |
In practice this doesn't matter much because the read that follows will
likely fail, but we'll get a better error message.
CID #1368233.
| |
And then show it, to make things a bit friendlier to the user if we fail
acquiring some props.
In fact, this fixes a number of actual bugs, where we used an error
structure for output that we actually never got an error in.
| |
The 'Sessions' property for both org.freedesktop.login1.User and
org.freedesktop.login1.Seat is marked as EmitsChangedSignal(false).
Trying to emit a change signal that includes the 'Sessions' property
leads to the signal not being sent at all.
Fixes #5210.
| |
…and use it where possible.
| |
free_and_strdup() handles NULL arg, so make use of that.
| |
gperf-3.1 generates lookup functions that take a size_t length
parameter instead of unsigned int. Test for this at configure time.
Fixes: https://github.com/elogind/elogind/issues/5039
| |
We want that elogind --user gets its own keyring as usual, even if the
barebones PAM snippet we ship upstream is used. If we don't do this we get the
basic keyring elogind --system sets up for us.
| |
Let's use chase_symlinks() everywhere, and stop using GNU
canonicalize_file_name() everywhere. For most cases this should not change
behaviour, however increase exposure of our function to get better tested. Most
importantly in a few cases (most notably nspawn) it can take the correct root
directory into account when chasing symlinks.
| |
We don't have plural in the name of any other -util files and this
inconsistency trips me up every time I try to type this file name
from memory. "formats-util" is even hard to pronounce.
| |
Embedding sd_id128_t's in constant strings was rather cumbersome. We had
SD_ID128_CONST_STR which returned a const char[], but it had two problems:
- it wasn't possible to statically concatenate this array with a normal string
- gcc wasn't really able to optimize this, and generated code to perform the
  "conversion" at runtime.
Because of this, even our own code in coredumpctl wasn't using
SD_ID128_CONST_STR.
Add a new macro to generate a constant string: SD_ID128_MAKE_STR.
It is not as elegant as SD_ID128_CONST_STR, because it requires a repetition
of the numbers, but in practice it is more convenient to use, and allows gcc
to generate smarter code:
$ size .libs/elogind{,-logind,-journald}{.old,}
   text    data     bss     dec     hex filename
1265204  149564    4808 1419576  15a938 .libs/elogind.old
1260268  149564    4808 1414640  1595f0 .libs/elogind
 246805   13852     209  260866   3fb02 .libs/elogind-logind.old
 240973   13852     209  255034   3e43a .libs/elogind-logind
 146839    4984      34  151857   25131 .libs/elogind-journald.old
 146391    4984      34  151409   24f71 .libs/elogind-journald
It is also much easier to check if a certain binary uses a certain MESSAGE_ID:
$ strings .libs/elogind.old|grep MESSAGE_ID
MESSAGE_ID=%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x
MESSAGE_ID=%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x
MESSAGE_ID=%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x
MESSAGE_ID=%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x
$ strings .libs/elogind|grep MESSAGE_ID
MESSAGE_ID=c7a787079b354eaaa9e77b371893cd27
MESSAGE_ID=b07a249cd024414a82dd00cd181378ff
MESSAGE_ID=641257651c1b4ec9a8624d7a40a9e1e7
MESSAGE_ID=de5b426a63be47a7b6ac3eaac82e2f6f
MESSAGE_ID=d34d037fff1847e6ae669a370e694725
MESSAGE_ID=7d4958e842da4a758f6c1cdc7b36dcc5
MESSAGE_ID=1dee0369c7fc4736b7099b38ecb46ee7
MESSAGE_ID=39f53479d3a045ac8e11786248231fbf
MESSAGE_ID=be02cf6855d2428ba40df7e9d022f03d
MESSAGE_ID=7b05ebc668384222baa8881179cfda54
MESSAGE_ID=9d1aaa27d60140bd96365438aad20286
| |
This makes strjoin and strjoina more similar and avoids the useless final
argument.
spatch -I . -I ./src -I ./src/basic -I ./src/basic -I ./src/shared -I ./src/shared -I ./src/network -I ./src/locale -I ./src/login -I ./src/journal -I ./src/journal -I ./src/timedate -I ./src/timesync -I ./src/nspawn -I ./src/resolve -I ./src/resolve -I ./src/elogind -I ./src/core -I ./src/core -I ./src/libudev -I ./src/udev -I ./src/udev/net -I ./src/udev -I ./src/libelogind/sd-bus -I ./src/libelogind/sd-event -I ./src/libelogind/sd-login -I ./src/libelogind/sd-netlink -I ./src/libelogind/sd-network -I ./src/libelogind/sd-hwdb -I ./src/libelogind/sd-device -I ./src/libelogind/sd-id128 -I ./src/libelogind-network --sp-file coccinelle/strjoin.cocci --in-place $(git ls-files src/*.c)
git grep -e '\bstrjoin\b.*NULL' -l|xargs sed -i -r 's/strjoin\((.*), NULL\)/strjoin(\1)/'
This might have missed a few cases (spatch has a really hard time dealing
with _cleanup_ macros), but that's no big issue, they can always be fixed
later.
| |
Fixes: #4431
| |
Without the tty it's really hard to tell which session is which.
New output:
$ ./loginctl
SESSION   UID   USER      SEAT    TTY
13        1002  zbyszek   seat0   tty3
c1        42    gdm       seat0   /dev/tty1
11        1002  zbyszek   seat0   tty4
3         1002  zbyszek   seat0   /dev/tty2
17        1002  zbyszek   seat0   tty5
18        1002  zbyszek   seat0   tty6

6 sessions listed.
| |
Otherwise elogind-user@ fails because elogind validates the account
Fixes: #4342
| |
It is impossible to ship a fully generic PAM configuration upstream.
Therefore, ship a minimal configuration with the elogind --user requirements,
and add a note to DISTRO_PORTING documenting this.
Fixes #4284
| |
When a docker container is confined with AppArmor [1] and happens to run
on top of a kernel that supports mount mediation [2], e.g. any Ubuntu
kernel, mount(2) returns EACCES instead of EPERM. This then leads to:
elogind-logind[33]: Failed to mount per-user tmpfs directory /run/user/1000: Permission denied
login[42]: pam_elogind(login:session): Failed to create session: Access denied
and user sessions don't start.
This also applies to selinux that too returns EACCES on mount denial.
[1] https://github.com/docker/docker/blob/master/docs/security/apparmor.md#understand-the-policies
[2] http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/view/head:/kernel-patches/4.7/0025-UBUNTU-SAUCE-apparmor-Add-the-ability-to-mediate-mou.patch
| |
The parsing functions for [User]TasksMax were inconsistent. Empty string and
"infinity" were interpreted as no limit for TasksMax but not accepted for
UserTasksMax. Update them so that they're consistent with other knobs.
* Empty string indicates the default value.
* "infinity" indicates no limit.
While at it, replace opencoded (uint64_t) -1 with CGROUP_LIMIT_MAX in TasksMax
handling.
v2: Update empty string to indicate the default value as suggested by Zbigniew
Jędrzejewski-Szmek.
v3: Fixed empty UserTasksMax handling.
| |
This adds the boolean RemoveIPC= setting to service, socket, mount and swap
units (i.e. all unit types that may invoke processes). If turned on, and the
unit's user/group is not root, all IPC objects of the user/group are removed
when the service is shut down. The life-cycle of the IPC objects is hence bound
to the unit life-cycle.
This is particularly relevant for units with dynamic users, as it is essential
that no objects owned by the dynamic users survive the service exiting. In
fact, this patch adds code to imply RemoveIPC= if DynamicUser= is set.
In order to communicate the UID/GID of an executed process back to PID 1 this
adds a new "user lookup" socket pair, that is inherited into the forked
processes, and closed before the exec(). This is needed since we cannot do NSS
from PID 1 due to deadlock risks. However, we need to know the used UID/GID in
order to clean up IPC owned by it if the unit shuts down.
| |
It is not needed to ask for authorization to put the system to sleep.
Such a system is most commonly a single-user laptop, and no user,
especially me, wants to enter the root password after hitting the
suspend key. ;-)
| |
elogind only calls this when shutting down, rebooting or cancelling a
pending shutdown/reboot. Authorization is already needed there, so do
not question the user twice, just because they forgot to sudo.
| |
debug mode, even if it was started from a tty.
| |
the system fails.
| |
failed.
| |
isn't working.
| |
cancelling a pending shutdown/reboot
| |
allow extra wall messages.