src/logind-session.c

   1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
   2
   3 /***
   4   This file is part of systemd.
   5
   6   Copyright 2011 Lennart Poettering
   7
   8   systemd is free software; you can redistribute it and/or modify it
   9   under the terms of the GNU General Public License as published by
  10   the Free Software Foundation; either version 2 of the License, or
  11   (at your option) any later version.
  12
  13   systemd is distributed in the hope that it will be useful, but
  14   WITHOUT ANY WARRANTY; without even the implied warranty of
  15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  16   General Public License for more details.
  17
  18   You should have received a copy of the GNU General Public License
  19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
  20 ***/
  21
  22 #include <errno.h>
  23 #include <string.h>
  24 #include <unistd.h>
  25 #include <sys/epoll.h>
  26
  27 #include "logind-session.h"
  28 #include "strv.h"
  29 #include "util.h"
  30 #include "cgroup-util.h"
  31
  32 #define IDLE_THRESHOLD_USEC (5*USEC_PER_MINUTE)
  33
  34 Session* session_new(Manager *m, User *u, const char *id) {
  35         Session *s;
  36
  37         assert(m);
  38         assert(id);
  39
  40         s = new0(Session, 1);
  41         if (!s)
  42                 return NULL;
  43
  44         s->state_file = strappend("/run/systemd/sessions/", id);
  45         if (!s->state_file) {
  46                 free(s);
  47                 return NULL;
  48         }
  49
  50         s->id = file_name_from_path(s->state_file);
  51
  52         if (hashmap_put(m->sessions, s->id, s) < 0) {
  53                 free(s->id);
  54                 free(s);
  55                 return NULL;
  56         }
  57
  58         s->manager = m;
  59         s->pipe_fd = -1;
  60         s->user = u;
  61
  62         LIST_PREPEND(Session, sessions_by_user, u->sessions, s);
  63
  64         return s;
  65 }
  66
  67 void session_free(Session *s) {
  68         assert(s);
  69
  70         if (s->in_gc_queue)
  71                 LIST_REMOVE(Session, gc_queue, s->manager->session_gc_queue, s);
  72
  73         if (s->user) {
  74                 LIST_REMOVE(Session, sessions_by_user, s->user->sessions, s);
  75
  76                 if (s->user->display == s)
  77                         s->user->display = NULL;
  78         }
  79
  80         if (s->seat) {
  81                 if (s->seat->active == s)
  82                         s->seat->active = NULL;
  83
  84                 LIST_REMOVE(Session, sessions_by_seat, s->seat->sessions, s);
  85         }
  86
  87         if (s->cgroup_path)
  88                 hashmap_remove(s->manager->cgroups, s->cgroup_path);
  89
  90         free(s->cgroup_path);
  91         strv_free(s->controllers);
  92
  93         free(s->tty);
  94         free(s->display);
  95         free(s->remote_host);
  96         free(s->remote_user);
  97         free(s->service);
  98
  99         hashmap_remove(s->manager->sessions, s->id);
 100
 101         session_unset_pipe_fd(s);
 102
 103         free(s->state_file);
 104         free(s);
 105 }
 106
 107 int session_save(Session *s) {
 108         FILE *f;
 109         int r = 0;
 110         char *temp_path;
 111
 112         assert(s);
 113
 114         r = safe_mkdir("/run/systemd/sessions", 0755, 0, 0);
 115         if (r < 0)
 116                 goto finish;
 117
 118         r = fopen_temporary(s->state_file, &f, &temp_path);
 119         if (r < 0)
 120                 goto finish;
 121
 122         assert(s->user);
 123
 124         fchmod(fileno(f), 0644);
 125
 126         fprintf(f,
 127                 "# This is private data. Do not parse.\n"
 128                 "UID=%lu\n"
 129                 "USER=%s\n"
 130                 "ACTIVE=%i\n"
 131                 "REMOTE=%i\n"
 132                 "KILL_PROCESSES=%i\n",
 133                 (unsigned long) s->user->uid,
 134                 s->user->name,
 135                 session_is_active(s),
 136                 s->remote,
 137                 s->kill_processes);
 138
 139         if (s->type >= 0)
 140                 fprintf(f,
 141                         "TYPE=%s\n",
 142                         session_type_to_string(s->type));
 143
 144         if (s->cgroup_path)
 145                 fprintf(f,
 146                         "CGROUP=%s\n",
 147                         s->cgroup_path);
 148
 149         if (s->seat)
 150                 fprintf(f,
 151                         "SEAT=%s\n",
 152                         s->seat->id);
 153
 154         if (s->tty)
 155                 fprintf(f,
 156                         "TTY=%s\n",
 157                         s->tty);
 158
 159         if (s->display)
 160                 fprintf(f,
 161                         "DISPLAY=%s\n",
 162                         s->display);
 163
 164         if (s->remote_host)
 165                 fprintf(f,
 166                         "REMOTE_HOST=%s\n",
 167                         s->remote_host);
 168
 169         if (s->remote_user)
 170                 fprintf(f,
 171                         "REMOTE_USER=%s\n",
 172                         s->remote_user);
 173
 174         if (s->service)
 175                 fprintf(f,
 176                         "SERVICE=%s\n",
 177                         s->service);
 178
 179         if (s->seat && seat_is_vtconsole(s->seat))
 180                 fprintf(f,
 181                         "VTNR=%i\n",
 182                         s->vtnr);
 183
 184         if (s->leader > 0)
 185                 fprintf(f,
 186                         "LEADER=%lu\n",
 187                         (unsigned long) s->leader);
 188
 189         if (s->audit_id > 0)
 190                 fprintf(f,
 191                         "AUDIT=%llu\n",
 192                         (unsigned long long) s->audit_id);
 193
 194         fflush(f);
 195
 196         if (ferror(f) || rename(temp_path, s->state_file) < 0) {
 197                 r = -errno;
 198                 unlink(s->state_file);
 199                 unlink(temp_path);
 200         }
 201
 202         fclose(f);
 203         free(temp_path);
 204
 205 finish:
 206         if (r < 0)
 207                 log_error("Failed to save session data for %s: %s", s->id, strerror(-r));
 208
 209         return r;
 210 }
 211
 212 int session_load(Session *s) {
 213         char *remote = NULL,
 214                 *kill_processes = NULL,
 215                 *seat = NULL,
 216                 *vtnr = NULL,
 217                 *leader = NULL,
 218                 *audit_id = NULL,
 219                 *type = NULL;
 220
 221         int k, r;
 222
 223         assert(s);
 224
 225         r = parse_env_file(s->state_file, NEWLINE,
 226                            "REMOTE",         &remote,
 227                            "KILL_PROCESSES", &kill_processes,
 228                            "CGROUP",         &s->cgroup_path,
 229                            "SEAT",           &seat,
 230                            "TTY",            &s->tty,
 231                            "DISPLAY",        &s->display,
 232                            "REMOTE_HOST",    &s->remote_host,
 233                            "REMOTE_USER",    &s->remote_user,
 234                            "SERVICE",        &s->service,
 235                            "VTNR",           &vtnr,
 236                            "LEADER",         &leader,
 237                            "TYPE",           &type,
 238                            NULL);
 239
 240         if (r < 0)
 241                 goto finish;
 242
 243         if (remote) {
 244                 k = parse_boolean(remote);
 245                 if (k >= 0)
 246                         s->remote = k;
 247         }
 248
 249         if (kill_processes) {
 250                 k = parse_boolean(kill_processes);
 251                 if (k >= 0)
 252                         s->kill_processes = k;
 253         }
 254
 255         if (seat && !s->seat) {
 256                 Seat *o;
 257
 258                 o = hashmap_get(s->manager->seats, seat);
 259                 if (o)
 260                         seat_attach_session(o, s);
 261         }
 262
 263         if (vtnr && s->seat && seat_is_vtconsole(s->seat)) {
 264                 int v;
 265
 266                 k = safe_atoi(vtnr, &v);
 267                 if (k >= 0 && v >= 1)
 268                         s->vtnr = v;
 269         }
 270
 271         if (leader) {
 272                 pid_t pid;
 273
 274                 k = parse_pid(leader, &pid);
 275                 if (k >= 0 && pid >= 1) {
 276                         s->leader = pid;
 277
 278                         audit_session_from_pid(pid, &s->audit_id);
 279                 }
 280         }
 281
 282         if (type) {
 283                 SessionType t;
 284
 285                 t = session_type_from_string(type);
 286                 if (t >= 0)
 287                         s->type = t;
 288         }
 289
 290 finish:
 291         free(remote);
 292         free(kill_processes);
 293         free(seat);
 294         free(vtnr);
 295         free(leader);
 296         free(audit_id);
 297
 298         return r;
 299 }
 300
 301 int session_activate(Session *s) {
 302         int r;
 303         Session *old_active;
 304
 305         assert(s);
 306
 307         if (s->vtnr < 0)
 308                 return -ENOTSUP;
 309
 310         if (!s->seat)
 311                 return -ENOTSUP;
 312
 313         if (s->seat->active == s)
 314                 return 0;
 315
 316         assert(seat_is_vtconsole(s->seat));
 317
 318         r = chvt(s->vtnr);
 319         if (r < 0)
 320                 return r;
 321
 322         old_active = s->seat->active;
 323         s->seat->active = s;
 324
 325         return seat_apply_acls(s->seat, old_active);
 326 }
 327
 328
 329 static int session_link_x11_socket(Session *s) {
 330         char *t, *f, *c;
 331         size_t k;
 332
 333         assert(s);
 334         assert(s->user);
 335         assert(s->user->runtime_path);
 336
 337         if (s->user->display)
 338                 return 0;
 339
 340         if (!s->display || !display_is_local(s->display))
 341                 return 0;
 342
 343         k = strspn(s->display+1, "0123456789");
 344         f = new(char, sizeof("/tmp/.X11-unix/X") + k);
 345         if (!f) {
 346                 log_error("Out of memory");
 347                 return -ENOMEM;
 348         }
 349
 350         c = stpcpy(f, "/tmp/.X11-unix/X");
 351         memcpy(c, s->display+1, k);
 352         c[k] = 0;
 353
 354         if (access(f, F_OK) < 0) {
 355                 log_warning("Session %s has display %s with nonexisting socket %s.", s->id, s->display, f);
 356                 free(f);
 357                 return -ENOENT;
 358         }
 359
 360         t = strappend(s->user->runtime_path, "/display");
 361         if (!t) {
 362                 log_error("Out of memory");
 363                 free(f);
 364                 return -ENOMEM;
 365         }
 366
 367         if (link(f, t) < 0) {
 368                 if (errno == EEXIST) {
 369                         unlink(t);
 370
 371                         if (link(f, t) >= 0)
 372                                 goto done;
 373                 }
 374
 375                 if (symlink(f, t) < 0) {
 376
 377                         if (errno == EEXIST) {
 378                                 unlink(t);
 379
 380                                 if (symlink(f, t) >= 0)
 381                                         goto done;
 382                         }
 383
 384                         log_error("Failed to link %s to %s: %m", f, t);
 385                         free(f);
 386                         free(t);
 387                         return -errno;
 388                 }
 389         }
 390
 391 done:
 392         log_info("Linked %s to %s.", f, t);
 393         free(f);
 394         free(t);
 395
 396         s->user->display = s;
 397
 398         return 0;
 399 }
 400
 401 static int session_create_one_group(Session *s, const char *controller, const char *path) {
 402         int r;
 403
 404         assert(s);
 405         assert(controller);
 406         assert(path);
 407
 408         if (s->leader > 0)
 409                 r = cg_create_and_attach(controller, path, s->leader);
 410         else
 411                 r = cg_create(controller, path);
 412
 413         if (r < 0)
 414                 return r;
 415
 416         r = cg_set_task_access(controller, path, 0644, s->user->uid, s->user->gid);
 417         if (r >= 0)
 418                 r = cg_set_group_access(controller, path, 0755, s->user->uid, s->user->gid);
 419
 420         return r;
 421 }
 422
 423 static int session_create_cgroup(Session *s) {
 424         char **k;
 425         char *p;
 426         int r;
 427
 428         assert(s);
 429         assert(s->user);
 430         assert(s->user->cgroup_path);
 431
 432         if (!s->cgroup_path) {
 433                 if (asprintf(&p, "%s/%s", s->user->cgroup_path, s->id) < 0) {
 434                         log_error("Out of memory");
 435                         return -ENOMEM;
 436                 }
 437         } else
 438                 p = s->cgroup_path;
 439
 440         r = session_create_one_group(s, SYSTEMD_CGROUP_CONTROLLER, p);
 441         if (r < 0) {
 442                 log_error("Failed to create "SYSTEMD_CGROUP_CONTROLLER":%s: %s", p, strerror(-r));
 443                 free(p);
 444                 s->cgroup_path = NULL;
 445                 return r;
 446         }
 447
 448         s->cgroup_path = p;
 449
 450         STRV_FOREACH(k, s->controllers) {
 451
 452                 if (strv_contains(s->reset_controllers, *k))
 453                         continue;
 454
 455                 r = session_create_one_group(s, *k, p);
 456                 if (r < 0)
 457                         log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
 458         }
 459
 460         STRV_FOREACH(k, s->manager->controllers) {
 461
 462                 if (strv_contains(s->reset_controllers, *k) ||
 463                     strv_contains(s->controllers, *k))
 464                         continue;
 465
 466                 r = session_create_one_group(s, *k, p);
 467                 if (r < 0)
 468                         log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
 469         }
 470
 471         if (s->leader > 0) {
 472
 473                 STRV_FOREACH(k, s->reset_controllers) {
 474                         r = cg_attach(*k, "/", s->leader);
 475                         if (r < 0)
 476                                 log_warning("Failed to reset controller %s: %s", *k, strerror(-r));
 477
 478                 }
 479         }
 480
 481         hashmap_put(s->manager->cgroups, s->cgroup_path, s);
 482
 483         return 0;
 484 }
 485
 486 int session_start(Session *s) {
 487         int r;
 488
 489         assert(s);
 490         assert(s->user);
 491
 492         if (s->started)
 493                 return 0;
 494
 495         r = user_start(s->user);
 496         if (r < 0)
 497                 return r;
 498
 499         log_info("New session %s of user %s.", s->id, s->user->name);
 500
 501         /* Create cgroup */
 502         r = session_create_cgroup(s);
 503         if (r < 0)
 504                 return r;
 505
 506         /* Create X11 symlink */
 507         session_link_x11_socket(s);
 508
 509         /* Save session data */
 510         session_save(s);
 511
 512         dual_timestamp_get(&s->timestamp);
 513
 514         s->started = true;
 515
 516         session_send_signal(s, true);
 517
 518         if (s->seat) {
 519                 if (s->seat->active == s)
 520                         seat_send_changed(s->seat, "Sessions\0ActiveSession\0");
 521                 else
 522                         seat_send_changed(s->seat, "Sessions\0");
 523         }
 524
 525         user_send_changed(s->user, "Sessions\0");
 526
 527         return 0;
 528 }
 529
 530 static bool session_shall_kill(Session *s) {
 531         assert(s);
 532
 533         if (!s->kill_processes)
 534                 return false;
 535
 536         if (strv_contains(s->manager->kill_exclude_users, s->user->name))
 537                 return false;
 538
 539         if (strv_isempty(s->manager->kill_only_users))
 540                 return true;
 541
 542         return strv_contains(s->manager->kill_only_users, s->user->name);
 543 }
 544
 545 static int session_kill_cgroup(Session *s) {
 546         int r;
 547         char **k;
 548
 549         assert(s);
 550
 551         if (!s->cgroup_path)
 552                 return 0;
 553
 554         cg_trim(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
 555
 556         if (session_shall_kill(s)) {
 557
 558                 r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
 559                 if (r < 0)
 560                         log_error("Failed to kill session cgroup: %s", strerror(-r));
 561
 562         } else {
 563                 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
 564                 if (r < 0)
 565                         log_error("Failed to check session cgroup: %s", strerror(-r));
 566                 else if (r > 0) {
 567                         r = cg_delete(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path);
 568                         if (r < 0)
 569                                 log_error("Failed to delete session cgroup: %s", strerror(-r));
 570                 } else
 571                         r = -EBUSY;
 572         }
 573
 574         STRV_FOREACH(k, s->user->manager->controllers)
 575                 cg_trim(*k, s->cgroup_path, true);
 576
 577         hashmap_remove(s->manager->cgroups, s->cgroup_path);
 578
 579         free(s->cgroup_path);
 580         s->cgroup_path = NULL;
 581
 582         return r;
 583 }
 584
 585 static int session_unlink_x11_socket(Session *s) {
 586         char *t;
 587         int r;
 588
 589         assert(s);
 590         assert(s->user);
 591
 592         if (s->user->display != s)
 593                 return 0;
 594
 595         s->user->display = NULL;
 596
 597         t = strappend(s->user->runtime_path, "/display");
 598         if (!t) {
 599                 log_error("Out of memory");
 600                 return -ENOMEM;
 601         }
 602
 603         r = unlink(t);
 604         free(t);
 605
 606         return r < 0 ? -errno : 0;
 607 }
 608
 609 int session_stop(Session *s) {
 610         int r = 0, k;
 611
 612         assert(s);
 613
 614         if (s->started)
 615                 log_info("Removed session %s.", s->id);
 616
 617         /* Kill cgroup */
 618         k = session_kill_cgroup(s);
 619         if (k < 0)
 620                 r = k;
 621
 622         /* Remove X11 symlink */
 623         session_unlink_x11_socket(s);
 624
 625         unlink(s->state_file);
 626         session_add_to_gc_queue(s);
 627         user_add_to_gc_queue(s->user);
 628
 629         if (s->started)
 630                 session_send_signal(s, false);
 631
 632         if (s->seat) {
 633                 if (s->seat->active == s)
 634                         seat_set_active(s->seat, NULL);
 635
 636                 seat_send_changed(s->seat, "Sessions\0");
 637         }
 638
 639         user_send_changed(s->user, "Sessions\0");
 640
 641         s->started = false;
 642
 643         return r;
 644 }
 645
 646 bool session_is_active(Session *s) {
 647         assert(s);
 648
 649         if (!s->seat)
 650                 return true;
 651
 652         return s->seat->active == s;
 653 }
 654
 655 int session_get_idle_hint(Session *s, dual_timestamp *t) {
 656         char *p;
 657         struct stat st;
 658         usec_t u, n;
 659         bool b;
 660         int k;
 661
 662         assert(s);
 663
 664         if (s->idle_hint) {
 665                 if (t)
 666                         *t = s->idle_hint_timestamp;
 667
 668                 return s->idle_hint;
 669         }
 670
 671         if (isempty(s->tty))
 672                 goto dont_know;
 673
 674         if (s->tty[0] != '/') {
 675                 p = strappend("/dev/", s->tty);
 676                 if (!p)
 677                         return -ENOMEM;
 678         } else
 679                 p = NULL;
 680
 681         if (!startswith(p ? p : s->tty, "/dev/")) {
 682                 free(p);
 683                 goto dont_know;
 684         }
 685
 686         k = lstat(p ? p : s->tty, &st);
 687         free(p);
 688
 689         if (k < 0)
 690                 goto dont_know;
 691
 692         u = timespec_load(&st.st_atim);
 693         n = now(CLOCK_REALTIME);
 694         b = u + IDLE_THRESHOLD_USEC < n;
 695
 696         if (t)
 697                 dual_timestamp_from_realtime(t, u + b ? IDLE_THRESHOLD_USEC : 0);
 698
 699         return b;
 700
 701 dont_know:
 702         if (t)
 703                 *t = s->idle_hint_timestamp;
 704
 705         return 0;
 706 }
 707
 708 void session_set_idle_hint(Session *s, bool b) {
 709         assert(s);
 710
 711         if (s->idle_hint == b)
 712                 return;
 713
 714         s->idle_hint = b;
 715         dual_timestamp_get(&s->idle_hint_timestamp);
 716
 717         session_send_changed(s,
 718                              "IdleHint\0"
 719                              "IdleSinceHint\0"
 720                              "IdleSinceHintMonotonic\0");
 721
 722         if (s->seat)
 723                 seat_send_changed(s->seat,
 724                                   "IdleHint\0"
 725                                   "IdleSinceHint\0"
 726                                   "IdleSinceHintMonotonic\0");
 727
 728         user_send_changed(s->user,
 729                           "IdleHint\0"
 730                           "IdleSinceHint\0"
 731                           "IdleSinceHintMonotonic\0");
 732
 733         manager_send_changed(s->manager,
 734                              "IdleHint\0"
 735                              "IdleSinceHint\0"
 736                              "IdleSinceHintMonotonic\0");
 737 }
 738
 739 int session_set_pipe_fd(Session *s, int fd) {
 740         struct epoll_event ev;
 741         int r;
 742
 743         assert(s);
 744         assert(fd >= 0);
 745         assert(s->pipe_fd < 0);
 746
 747         r = hashmap_put(s->manager->pipe_fds, INT_TO_PTR(fd + 1), s);
 748         if (r < 0)
 749                 return r;
 750
 751         zero(ev);
 752         ev.events = 0;
 753         ev.data.u32 = FD_PIPE_BASE + fd;
 754
 755         if (epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
 756                 assert_se(hashmap_remove(s->manager->pipe_fds, INT_TO_PTR(fd + 1)) == s);
 757                 return -errno;
 758         }
 759
 760         s->pipe_fd = fd;
 761         return 0;
 762 }
 763
 764 void session_unset_pipe_fd(Session *s) {
 765         assert(s);
 766
 767         if (s->pipe_fd < 0)
 768                 return;
 769
 770         assert_se(hashmap_remove(s->manager->pipe_fds, INT_TO_PTR(s->pipe_fd + 1)) == s);
 771
 772         assert_se(epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_DEL, s->pipe_fd, NULL) == 0);
 773
 774         close_nointr_nofail(s->pipe_fd);
 775         s->pipe_fd = -1;
 776 }
 777
 778 int session_check_gc(Session *s) {
 779         int r;
 780
 781         assert(s);
 782
 783         if (s->pipe_fd >= 0) {
 784
 785                 r = pipe_eof(s->pipe_fd);
 786                 if (r < 0)
 787                         return r;
 788
 789                 if (r == 0)
 790                         return 1;
 791         }
 792
 793         if (s->cgroup_path) {
 794
 795                 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
 796                 if (r < 0)
 797                         return r;
 798
 799                 if (r <= 0)
 800                         return 1;
 801         }
 802
 803         return 0;
 804 }
 805
 806 void session_add_to_gc_queue(Session *s) {
 807         assert(s);
 808
 809         if (s->in_gc_queue)
 810                 return;
 811
 812         LIST_PREPEND(Session, gc_queue, s->manager->session_gc_queue, s);
 813         s->in_gc_queue = true;
 814 }
 815
 816 static const char* const session_type_table[_SESSION_TYPE_MAX] = {
 817         [SESSION_TTY] = "tty",
 818         [SESSION_X11] = "x11",
 819         [SESSION_UNSPECIFIED] = "unspecified"
 820 };
 821
 822 DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType);