summaryrefslogtreecommitdiff
path: root/src/login
Commit message (Collapse)AuthorAge
* Disable_Dbus_activation_by_default.diffDebian Ecosystem Init Diversity Team2018-11-13
| | | Gbp-Pq: Name Disable_Dbus_activation_by_default.diff.patch
* Prep v239.2: Check process name of possibly stale PID file (#94)Sven Eden2018-11-12
|
* elogind: Try to register any of the signals report errors and return the ↵Stefan Stefanović2018-11-10
| | | | first error.
* elogind: Use SIG_BLOCK before signal handler registration.Stefan Stefanović2018-11-10
|
* Prep v239.2: Fix signal registration failure (#90)Sven Eden2018-11-09
| | | | | | | | | | | | The behaviour of sd_event_add_signal() has changed, it is no longer neccessary to mask the signal beforehand. Actually the masking causes it to be ignored, and thus the registration of the signal handler to fail. Bug: #90 Closes: #90 Signed-off-by: Sven Eden <sven.eden@prydeworx.com>
* pam_elogind: drop setting DBUS_SESSION_BUS_ADDRESSLennart Poettering2018-11-08
| | | | | | | | | | Since D-Bus 1.9.14 (2015-03-02) dbus looks in $XDG_RUNTIME_DIR/bus for the system bus on its own, hence we can finally drop setting this environment variable. gdbus since glib 2.45.3 (June 2015) also supports it. Closes: #87 Sigend-off-by: Sven Eden <sven.eden@prydeworx.com>
* Prep v239.2: Fix migration errors in loginSven Eden2018-11-08
|
* Prep v239.2: Update src/login/70-uaccess.rules to 70-uaccess.rules.m4Sven Eden2018-10-30
|
* logind: validate /run/user/1000 before we set itLennart Poettering2018-10-29
| | | | | | | | Let's be safe than sorry, in particular as logind doesn't set it up anymore, but user-runtime-dir@.service does, and logind doesn't really track success of that. (cherry picked from commit b92171124819305985ed292cc472f6668a027425)
* pam_systemd: explain in detail why pam_systemd does the PAM item mangling it ↵Lennart Poettering2018-10-29
| | | | | | | | | does in comments The old comments were imprecise, and misleading. Let's extend things and explain the situation in more detail. (cherry picked from commit 3a7369495bdbec38d897a48da511e126e373b253)
* logind: automatically GC lingering users for who now user@.service (nor ↵Lennart Poettering2018-10-29
| | | | | | | | | | | | | | | slice, not runtime dir service) is running anymore This heavily borrows from @intelfx' PR #5546, but watches all three units that are associated with a user now: the slice, the user@.service and user-runtime-dir@.service. The logic and reasoning behind it is the same though: there's no value in keeping lingering users around if all their three services are gone. Replaces: #5546 Fixes: #4162 (cherry picked from commit 4e5b605af202c770dfc8e3562d0f8d0440b2fe14)
* logind: improve error propagation of user_check_linger_file()Lennart Poettering2018-10-29
| | | | | | | | | | | Let's make this a bit prettier, and propagate unexpected access() errors correctly. (The callers of this function will suppress them, but it's nicer of they do that, rather than us doing that twice in both the callers and the callees) (cherry picked from commit 6996df9b864981980f5b713dc5c7d506a7a4b9bf)
* logind: add a RequiresMountsFor= dependency from the session scope unit to ↵Lennart Poettering2018-10-29
| | | | | | | | | | | | | | the home directory of the user This is useful so that during shutdown scope units are always terminated before the mounts necessary for the home directory. (Ideally we'd also add a similar dependency from the user@.service instance to the home directory, but this isn't as easy as that service is defined statically and not dynamically, and hence not easy to modify dynamically, in particular when it comes to deps) (cherry picked from commit d5ac9d060267820aabdf9af509a54a1830b27b7d)
* logind: change user-runtime-dir to query runtime dir size from logind via ↵Lennart Poettering2018-10-29
| | | | | | | | | | | | | | | | | | the bus I think this is a slightly cleaner approach than parsing the configuration file at multiple places, as this way there's only a single reload cycle for logind.conf, and that's systemd-logind.service's runtime. This means that logind and dbus become a requirement of user-runtime-dir, but given that XDG_RUNTIME_DIR is not set anyway without logind and dbus around this isn't really any limitation. This also simplifies linking a bit as this means user-runtime-dir doesn't have to link against any code of logind itself. (cherry picked from commit 07ee5adb356b9fde500c8a5226f24a314789832b)
* logind: optionally watch utmp for login dataLennart Poettering2018-10-29
| | | | | | | | This allows us to determine the TTY an ssh session is for, which is useful to to proper idle detection for ssh sessions. Fixes: #9622 (cherry picked from commit 3d0ef5c7e00155bc74f6f71c34cad518a4ff56ba)
* logind: add hashtable for finding session by leader PIDLennart Poettering2018-10-29
| | | | | | | This is useful later on, when we quickly want to find the session for a leader PID. (cherry picked from commit 238794b15082e6f61d0ce2943d39205289fff7f0)
* logind: optionally, keep the user@.service instance for eached logged in ↵Lennart Poettering2018-10-29
| | | | | | | | | | | | user around for a while This should speed up rapid logout/login cycles a bit. By default this timeout is now set to 10s. Fixes: #8410 Replaces: #4434 (cherry picked from commit 9afe9efb9340588db553950727a2a9672dc3db24)
* logind: minor session time handling tweaksLennart Poettering2018-10-29
| | | | (cherry picked from commit 061c6607a9f2e39a76ee74048f19b5de16c8fac3)
* logind: rework how we manage the slice and user-runtime-dir@.service unit ↵Lennart Poettering2018-10-29
| | | | | | | | | | | | | | | | | | | | | | for each user Instead of managing it explicitly, let's simplify things and rely on regular Wants=/Requires= dependencies to pull in these units from user@.service and the session scope, and StopWhenUneeded= to stop these auxiliary units again. This way, they can be pulled in easily by unrelated units too. This simplifies things quite a bit: for each session we now only need to manage the session scope, and for each user the user@.service, the other units are not something we need to manage anymore. This patch also makes sure that if user@.service of a user is masked we will continue to work, and user-runtime-dir@.service will still be correctly pulled in, as it is now a dependency of the scope unit. Fixes: #9461 Replaces: #5546 (cherry picked from commit 25a1ab4ed48b72e974f77a68dcbe3521014787bb)
* login: use free_and_replace() and TAKE_PTR()Yu Watanabe2018-10-29
| | | | (cherry picked from commit fb2367edd943d37f418725c90498a940016e80bd)
* logind: don't clobber bus error structure if we don't failLennart Poettering2018-10-29
| | | | (cherry picked from commit ea3a7cf6c34163834893f1f4c7af44c8245776ac)
* logind: propagate session stop errorsLennart Poettering2018-10-29
| | | | | | | | | | Let's propagate errors from stopping sessions via seat_stop(). This is similar to how we propagate such errors in user_stop() for all sessions associated with a user. Note that we propagate these errors, but we don't abort the function. (cherry picked from commit e6958b7ea33813b085966ac25817a957c0dad7f9)
* logind: introduce little helper that checks whether a session is readyLennart Poettering2018-10-29
| | | | (cherry picked from commit b1951bc83ffbbb92ba4de7b9cba845421c2f35b1)
* logind: use TAKE_PTR() where we canLennart Poettering2018-10-29
| | | | (cherry picked from commit 1b88ed3b7db37241323348f640f9adb61c0df47a)
* logind: prefer strjoin() over asprintf()Lennart Poettering2018-10-29
| | | | (cherry picked from commit d5ddc930150633f9ce38ed4a6dc9accfd7ceaaac)
* logind: don't rely on downgrade-to-boolLennart Poettering2018-10-29
| | | | (cherry picked from commit 709d058756da7139181355b63cfad2288eefddfe)
* logind: voidify a few callsLennart Poettering2018-10-29
| | | | (cherry picked from commit 75bbdf478c73d78bbe5bdee6f468c2e84a1844c6)
* logind: make better use of logging functionsLennart Poettering2018-10-29
| | | | (cherry picked from commit e555d12635007da7263d0a43ed7307e70a07720d)
* logind: never elect a session that is stopping as displayLennart Poettering2018-10-29
| | | | (cherry picked from commit 04857cd801022d9f9933efb484c6253572f09870)
* logind: make unit/job active checking more debuggableLennart Poettering2018-10-29
| | | | | | Let's log the error messages if we get any at debug level. (cherry picked from commit bd26aee1f6bea13fe25b3feb2a5e9cd1be522e7e)
* logind: fix bad error propagationLennart Poettering2018-10-29
| | | | (cherry picked from commit cce08496e7353e3e9903b42695aba3f9d259b90a)
* logind: correct bad clean-up pathLennart Poettering2018-10-29
| | | | (cherry picked from commit d88ffeeeefda4c3447223fd36f8e30f23c931e48)
* logind: save/restore User object's "stopping" field during restartsLennart Poettering2018-10-29
| | | | | | | Whether we are stopping or not is highly relevant, hence don't forget it across restarts. (cherry picked from commit d865bc024bf28c17120d7322a81e9a99997a59f6)
* logind: improve logging in manager_connect_console()Lennart Poettering2018-10-29
| | | | | | | | | | | | | | | | | let's make sure we log about every failure Also, complain about systems where /dev/tty0 exists but /sys/class/tty/tty0/active does not. Such systems (usually container environments) are pretty broken as they mount something that is not a VC to /dev/tty0 and they really shouldn't. Systems should either have a VC or not, but not badly fake one by mounting things wildly. This just adds a warning message, as before we'll simply turn off VC handling in this case. (cherry picked from commit 0b6d55cae9b8adc507fbea95d1b2874729a77386)
* logind: initialize Manager object with structure initialization tooLennart Poettering2018-10-29
| | | | (cherry picked from commit b25ba6cf673036e46cbaec77d3c7859ed83d3ca8)
* logind: turn of stdio locking when writing session files tooLennart Poettering2018-10-29
| | | | | | | This just copies what we already do for user and seat files to session files. (cherry picked from commit 44176400138e18d9087e0864ca97041416a90d47)
* logind: fix serialization/deserialization of user's "display session"Lennart Poettering2018-10-29
| | | | | | | | | | | Previously this was serialized as part of the user object. This didn't work however, as we load users first, and sessions seconds and hence referencing a session from the user load logic cannot work. Fix this by storing an IS_DISPLAY property along with each session, and make the session with this set display session when it is loaded. (cherry picked from commit 1c8280fd47b6561d35b15b3b6d49bdeacf891bfd)
* logind: rework Seat/Session/User object allocation and freeing a bitLennart Poettering2018-10-29
| | | | | | | | | | | | | | Let's update things a bit to follow current practices: - User structure initialization rather than zero-initialized allocation - Always propagate proper errors from allocation functions - Use _cleanup_ for freeing objects when allocation fails half-way - Make destructors return NULL (cherry picked from commit 8c29a4570993105fecc12288596d2ee77c7f82b8)
* login: avoid leak of name returned by uid_to_name()David Tardon2018-10-29
| | | | (cherry picked from commit e99742ef3e9d847da04e71fec0eb426063b25068)
* be consistent about sun_path lengthDavid Tardon2018-10-29
| | | | | | | Most places use the whole buffer for name, without leaving extra space for the trailing NUL. (cherry picked from commit f369f47c264dd56f630e91697006efd647542feb)
* shared/sleep-config: forbid hibernation if resume= is not configuredZbigniew Jędrzejewski-Szmek2018-10-29
| | | | (cherry picked from commit 5fdf2d51c244288ac41443d1bd81365fab7b7b81)
* logind: ensure seat0 CanGraphical state is writtenRay Strode2018-10-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For non-`seat0` seats, attaching a graphics card to a seat can lead to it getting created. This is because the graphics device is a "master device" which means that device is a seat-defining device. `seat0` may get created, even before the graphics driver is loaded, though. This is because the graphics driver is loaded asynchronously at startup, and `seat0` is the primary seat of system, associated with the system VTs. When a graphics card is attached to a seat the `CanGraphical` property on that seat will flip to `true`. For seats that haven't been created yet (non-`seat0` seats), this leads to `seat_start` getting called which ultimately causes the seat to get serialized to `/run/systemd/seats`. For `seat0`, which is already created, `seat_start` will return immediately, which means the updated `CanGraphical` state will never get written to `/run/systemd/seats`. The end result is that clients querying `sd_seat_can_graphical` won't get the correct answer for `seat0` in cases where the graphics device takes a long time to load until some other peice of seat state is updated. This commit fixes the problem by calling `seat_save` explicitly for already running seats at the time a graphics device is attached. (cherry picked from commit ad1bf59c67e8d05629a4db00bbbe4d4c1c37fe46)
* pam_systemd: support use in PID namespacesJürg Billeter2018-10-29
| | | | | | | Pass 0 as leader PID to CreateSession to let logind use the PID from the D-Bus credentials. This allows use of pam_systemd in PID namespaces. (cherry picked from commit da0da5eccf5f20874111e0681b111704bf9a1c92)
* user-runtime-dir: fix selinux regressionAlan Jenkins2018-10-29
| | | | | | | | | | Fix #9993. When this code was split out to user-runtime-dir, it forgot to include the call to mac_selinux_init(). So mkdir_label() stopped working. Fixes: a9f0f5e50104 ("logind: split %t directory creation to a helper unit") (cherry picked from commit 81375d802672f34205bef9f301c58854af5fc568)
* user-runtime-dir: downgrade a few log messages to LOG_DEBUG that we ignoreLennart Poettering2018-10-29
| | | | | | | | | | | As the comments already say it might be quite likely that $XDG_RUNTIME_DIR is not set up as mount, and we shouldn't complain about that. Moreover, let's make this idempotent, so that a runtime dir that is already gone and is removed again doesn't cause failure. (cherry picked from commit 3a13442bbf72e7ebdd0b4d60c2922ea7c5cc9496)
* Do not apply uaccess tag for /dev/kvm if mode is 0666Michael Biebl2018-10-29
| | | | (cherry picked from commit ace5e3111c0b8d8bfd84b32f2c689b0a4d92c061)
* login1: policy: Authorize active users to boot to firmwareCarlo Caione2018-10-29
| | | | | | | | | | Currently to set the flag to reboot into the firmware setup an authentication by an administrative user is required. Since we are already enabling active users to reboot the system, it is advisable to let the user decide if he wants to boot into the firmware setup without any more hassle. (cherry picked from commit ba9778d9b7e8c33acc0d9f41e747b1066196a201)
* login: fix typo in log messageYu Watanabe2018-10-29
| | | | | | Reported in #9590. (cherry picked from commit 948f7ce4fbbb393e3c6a12ab3fbc7023b4124e43)
* login: use parse_uid() when unmounting user runtime directoryYu Watanabe2018-10-29
| | | | | | | | | | | When unmounting user runtime directory, only UID is necessary, and the corresponding user may not exist anymore. This makes first try to parse the input by parse_uid(), and only if it fails, prase the input by get_user_creds(). Fixes #9541. (cherry picked from commit 86d18f3b09ec984ef3732567af992adb2dc77a8a)
* 238/239 : Fix session finalizationSven Eden2018-10-15
| | | | | | | | | | While migrating the v237/v238 commits, a migration error caused session_may_gc() to always return false. This caused closed sessions to stay on state "closing" forever. Bug: https://github.com/elogind/elogind/issues/82 Closes: https://github.com/elogind/elogind/issues/82 Signed-off-by: Sven Eden <sven.eden@prydeworx.com>