X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flogin%2Flogind-session.c;h=84e199f6a27f6644c68f2514d2d25a9f60c5c290;hp=a72b13ee0363c3826836706c36c4f4dd64439c00;hb=5d3c70eec7861aa623adeac659ac4a6f890557d2;hpb=c506027af881a9e4210845a7a8a6ec5910aa0f3b diff --git a/src/login/logind-session.c b/src/login/logind-session.c index a72b13ee0..84e199f6a 100644 --- a/src/login/logind-session.c +++ b/src/login/logind-session.c @@ -1,5 +1,3 @@ -/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ - /*** This file is part of systemd. @@ -21,39 +19,36 @@ #include #include -#include #include +#include #include #include #include #include -#include "sd-id128.h" #include "sd-messages.h" -#include "strv.h" -#include "util.h" -#include "mkdir.h" -#include "path-util.h" -#include "fileio.h" -#include "audit.h" -#include "bus-util.h" + +#include "alloc-util.h" +#include "audit-util.h" #include "bus-error.h" +#include "bus-util.h" +#include "escape.h" +#include "fd-util.h" +#include "fileio.h" +#include "formats-util.h" +#include "io-util.h" #include "logind-session.h" +#include "mkdir.h" +#include "parse-util.h" +#include "path-util.h" +#include "string-table.h" +#include "terminal-util.h" +#include "user-util.h" +#include "util.h" -static unsigned devt_hash_func(const void *p) { - uint64_t u = *(const dev_t*)p; - - return uint64_hash_func(&u); -} - -static int devt_compare_func(const void *_a, const void *_b) { - dev_t a, b; - - a = *(const dev_t*) _a; - b = *(const dev_t*) _b; +#define RELEASE_USEC (20*USEC_PER_SEC) - return a < b ? -1 : (a > b ? 1 : 0); -} +static void session_remove_fifo(Session *s); Session* session_new(Manager *m, const char *id) { Session *s; @@ -72,14 +67,14 @@ Session* session_new(Manager *m, const char *id) { return NULL; } - s->devices = hashmap_new(devt_hash_func, devt_compare_func); + s->devices = hashmap_new(&devt_hash_ops); if (!s->devices) { free(s->state_file); free(s); return NULL; } - s->id = path_get_file_name(s->state_file); + s->id = basename(s->state_file); if (hashmap_put(m->sessions, s->id, s) < 0) { hashmap_free(s->devices); @@ -103,6 +98,8 @@ void session_free(Session *s) { if (s->in_gc_queue) LIST_REMOVE(gc_queue, s->manager->session_gc_queue, s); + s->timer_event_source = sd_event_source_unref(s->timer_event_source); + session_remove_fifo(s); session_drop_controller(s); @@ -125,6 +122,7 @@ void session_free(Session *s) { if (s->seat->pending_switch == s) s->seat->pending_switch = NULL; + seat_evict_position(s->seat, s); LIST_REMOVE(sessions_by_seat, s->seat->sessions, s); } @@ -133,7 +131,9 @@ void session_free(Session *s) { free(s->scope); } +#if 0 /// elogind does not support systemd scope_jobs free(s->scope_job); +#endif // 0 sd_bus_message_unref(s->create_message); @@ -142,6 +142,7 @@ void session_free(Session *s) { free(s->remote_host); free(s->remote_user); free(s->service); + free(s->desktop); hashmap_remove(s->manager->sessions, s->id); @@ -172,11 +173,11 @@ int session_save(Session *s) { r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0); if (r < 0) - goto finish; + goto fail; r = fopen_temporary(s->state_file, &f, &temp_path); if (r < 0) - goto finish; + goto fail; assert(s->user); @@ -184,12 +185,12 @@ int session_save(Session *s) { fprintf(f, "# This is private data. Do not parse.\n" - "UID=%lu\n" + "UID="UID_FMT"\n" "USER=%s\n" "ACTIVE=%i\n" "STATE=%s\n" "REMOTE=%i\n", - (unsigned long) s->user->uid, + s->user->uid, s->user->name, session_is_active(s), session_state_to_string(session_get_state(s)), @@ -203,9 +204,10 @@ int session_save(Session *s) { if (s->scope) fprintf(f, "SCOPE=%s\n", s->scope); - +#if 0 /// elogind does not support systemd scope_jobs if (s->scope_job) fprintf(f, "SCOPE_JOB=%s\n", s->scope_job); +#endif // 0 if (s->fifo_path) fprintf(f, "FIFO=%s\n", s->fifo_path); @@ -219,53 +221,104 @@ int session_save(Session *s) { if (s->display) fprintf(f, "DISPLAY=%s\n", s->display); - if (s->remote_host) - fprintf(f, "REMOTE_HOST=%s\n", s->remote_host); + if (s->remote_host) { + _cleanup_free_ char *escaped; + + escaped = cescape(s->remote_host); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "REMOTE_HOST=%s\n", escaped); + } + + if (s->remote_user) { + _cleanup_free_ char *escaped; - if (s->remote_user) - fprintf(f, "REMOTE_USER=%s\n", s->remote_user); + escaped = cescape(s->remote_user); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "REMOTE_USER=%s\n", escaped); + } + + if (s->service) { + _cleanup_free_ char *escaped; + + escaped = cescape(s->service); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "SERVICE=%s\n", escaped); + } - if (s->service) - fprintf(f, "SERVICE=%s\n", s->service); + if (s->desktop) { + _cleanup_free_ char *escaped; + + + escaped = cescape(s->desktop); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "DESKTOP=%s\n", escaped); + } if (s->seat && seat_has_vts(s->seat)) fprintf(f, "VTNR=%u\n", s->vtnr); + if (!s->vtnr) + fprintf(f, "POSITION=%u\n", s->position); + if (s->leader > 0) - fprintf(f, "LEADER=%lu\n", (unsigned long) s->leader); + fprintf(f, "LEADER="PID_FMT"\n", s->leader); if (s->audit_id > 0) fprintf(f, "AUDIT=%"PRIu32"\n", s->audit_id); if (dual_timestamp_is_set(&s->timestamp)) fprintf(f, - "REALTIME=%llu\n" - "MONOTONIC=%llu\n", - (unsigned long long) s->timestamp.realtime, - (unsigned long long) s->timestamp.monotonic); + "REALTIME="USEC_FMT"\n" + "MONOTONIC="USEC_FMT"\n", + s->timestamp.realtime, + s->timestamp.monotonic); if (s->controller) fprintf(f, "CONTROLLER=%s\n", s->controller); - fflush(f); + r = fflush_and_check(f); + if (r < 0) + goto fail; - if (ferror(f) || rename(temp_path, s->state_file) < 0) { + if (rename(temp_path, s->state_file) < 0) { r = -errno; - unlink(s->state_file); - unlink(temp_path); + goto fail; } -finish: - if (r < 0) - log_error("Failed to save session data for %s: %s", s->id, strerror(-r)); + return 0; - return r; +fail: + (void) unlink(s->state_file); + + if (temp_path) + (void) unlink(temp_path); + + return log_error_errno(r, "Failed to save session data %s: %m", s->state_file); } + int session_load(Session *s) { _cleanup_free_ char *remote = NULL, *seat = NULL, *vtnr = NULL, + *state = NULL, + *position = NULL, *leader = NULL, *type = NULL, *class = NULL, @@ -281,7 +334,9 @@ int session_load(Session *s) { r = parse_env_file(s->state_file, NEWLINE, "REMOTE", &remote, "SCOPE", &s->scope, +#if 0 /// elogind does not support systemd scope_jobs "SCOPE_JOB", &s->scope_job, +#endif // 0 "FIFO", &s->fifo_path, "SEAT", &seat, "TTY", &s->tty, @@ -289,7 +344,10 @@ int session_load(Session *s) { "REMOTE_HOST", &s->remote_host, "REMOTE_USER", &s->remote_user, "SERVICE", &s->service, + "DESKTOP", &s->desktop, "VTNR", &vtnr, + "STATE", &state, + "POSITION", &position, "LEADER", &leader, "TYPE", &type, "CLASS", &class, @@ -299,10 +357,8 @@ int session_load(Session *s) { "CONTROLLER", &controller, NULL); - if (r < 0) { - log_error("Failed to read %s: %s", s->state_file, strerror(-r)); - return r; - } + if (r < 0) + return log_error_errno(r, "Failed to read %s: %m", s->state_file); if (!s->user) { uid_t u; @@ -319,7 +375,7 @@ int session_load(Session *s) { return r; } - user = hashmap_get(s->manager->users, ULONG_TO_PTR((unsigned long) u)); + user = hashmap_get(s->manager->users, UID_TO_PTR(u)); if (!user) { log_error("User of session %s not known.", s->id); return -ENOENT; @@ -350,6 +406,13 @@ int session_load(Session *s) { if (!s->seat || !seat_has_vts(s->seat)) s->vtnr = 0; + if (position && s->seat) { + unsigned int npos; + + safe_atou(position, &npos); + seat_claim_position(s->seat, s, npos); + } + if (leader) { k = parse_pid(leader, &s->leader); if (k >= 0) @@ -372,30 +435,27 @@ int session_load(Session *s) { s->class = c; } + if (state && streq(state, "closing")) + s->stopping = true; + if (s->fifo_path) { int fd; /* If we open an unopened pipe for reading we will not get an EOF. to trigger an EOF we hence open it for - reading, but close it right-away which then will - trigger the EOF. */ + writing, but close it right away which then will + trigger the EOF. This will happen immediately if no + other process has the FIFO open for writing, i. e. + when the session died before logind (re)started. */ fd = session_create_fifo(s); - if (fd >= 0) - close_nointr_nofail(fd); - } - - if (realtime) { - unsigned long long l; - if (sscanf(realtime, "%llu", &l) > 0) - s->timestamp.realtime = l; + safe_close(fd); } - if (monotonic) { - unsigned long long l; - if (sscanf(monotonic, "%llu", &l) > 0) - s->timestamp.monotonic = l; - } + if (realtime) + timestamp_deserialize(realtime, &s->timestamp.realtime); + if (monotonic) + timestamp_deserialize(monotonic, &s->timestamp.monotonic); if (controller) { if (bus_name_has_owner(s->manager->bus, controller, NULL) > 0) @@ -414,7 +474,7 @@ int session_activate(Session *s) { assert(s->user); if (!s->seat) - return -ENOTSUP; + return -EOPNOTSUPP; if (s->seat->active == s) return 0; @@ -422,7 +482,7 @@ int session_activate(Session *s) { /* on seats with VTs, we let VTs manage session-switching */ if (seat_has_vts(s->seat)) { if (!s->vtnr) - return -ENOTSUP; + return -EOPNOTSUPP; return chvt(s->vtnr); } @@ -444,99 +504,37 @@ int session_activate(Session *s) { return 0; } -static int session_link_x11_socket(Session *s) { - _cleanup_free_ char *t = NULL, *f = NULL; - char *c; - size_t k; - - assert(s); - assert(s->user); - assert(s->user->runtime_path); - - if (s->user->display) - return 0; - - if (!s->display || !display_is_local(s->display)) - return 0; - - k = strspn(s->display+1, "0123456789"); - f = new(char, sizeof("/tmp/.X11-unix/X") + k); - if (!f) - return log_oom(); - - c = stpcpy(f, "/tmp/.X11-unix/X"); - memcpy(c, s->display+1, k); - c[k] = 0; - - if (access(f, F_OK) < 0) { - log_warning("Session %s has display %s with non-existing socket %s.", s->id, s->display, f); - return -ENOENT; - } - - /* Note that this cannot be in a subdir to avoid - * vulnerabilities since we are privileged but the runtime - * path is owned by the user */ - - t = strappend(s->user->runtime_path, "/X11-display"); - if (!t) - return log_oom(); - - if (link(f, t) < 0) { - if (errno == EEXIST) { - unlink(t); - - if (link(f, t) >= 0) - goto done; - } - - if (symlink(f, t) < 0) { - - if (errno == EEXIST) { - unlink(t); - - if (symlink(f, t) >= 0) - goto done; - } - - log_error("Failed to link %s to %s: %m", f, t); - return -errno; - } - } - -done: - log_info("Linked %s to %s.", f, t); - s->user->display = s; - - return 0; -} - +#if 0 /// UNNEEDED by elogind static int session_start_scope(Session *s) { int r; assert(s); assert(s->user); - assert(s->user->slice); if (!s->scope) { - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - _cleanup_free_ char *description = NULL; - const char *kill_mode; - char *scope, *job; - - description = strjoin("Session ", s->id, " of user ", s->user->name, NULL); - if (!description) - return log_oom(); + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char *scope, *job = NULL; + const char *description; scope = strjoin("session-", s->id, ".scope", NULL); if (!scope) return log_oom(); - kill_mode = manager_shall_kill(s->manager, s->user->name) ? "control-group" : "none"; - - r = manager_start_scope(s->manager, scope, s->leader, s->user->slice, description, "systemd-user-sessions.service", kill_mode, &error, &job); + description = strjoina("Session ", s->id, " of user ", s->user->name); + + r = manager_start_scope( + s->manager, + scope, + s->leader, + s->user->slice, + description, + "systemd-logind.service", + "systemd-user-sessions.service", + (uint64_t) -1, /* disable TasksMax= for the scope, rely on the slice setting for it */ + &error, + &job); if (r < 0) { - log_error("Failed to start session scope %s: %s %s", - scope, bus_error_message(&error, r), error.name); + log_error_errno(r, "Failed to start session scope %s: %s", scope, bus_error_message(&error, r)); free(scope); return r; } else { @@ -548,10 +546,30 @@ static int session_start_scope(Session *s) { } if (s->scope) - hashmap_put(s->manager->session_units, s->scope, s); + (void) hashmap_put(s->manager->session_units, s->scope, s); + + return 0; +} +#else +static int session_start_cgroup(Session *s) { + int r; + + assert(s); + assert(s->user); + assert(s->leader > 0); + + /* First, create our own group */ + r = cg_create(SYSTEMD_CGROUP_CONTROLLER, s->id); + if (r < 0) + return log_error_errno(r, "Failed to create cgroup %s: %m", s->id); + + r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, s->id, s->leader); + if (r < 0) + log_warning_errno(r, "Failed to attach PID %d to cgroup %s: %m", s->leader, s->id); return 0; } +#endif // 0 int session_start(Session *s) { int r; @@ -569,21 +587,22 @@ int session_start(Session *s) { return r; /* Create cgroup */ +#if 0 /// elogind does its own session management r = session_start_scope(s); +#else + r = session_start_cgroup(s); +#endif // 0 if (r < 0) return r; - log_struct(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG, - MESSAGE_ID(SD_MESSAGE_SESSION_START), + log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_START), "SESSION_ID=%s", s->id, "USER_ID=%s", s->user->name, - "LEADER=%lu", (unsigned long) s->leader, - "MESSAGE=New session %s of user %s.", s->id, s->user->name, + "LEADER="PID_FMT, s->leader, + LOG_MESSAGE("New session %s of user %s.", s->id, s->user->name), NULL); - /* Create X11 symlink */ - session_link_x11_socket(s); - if (!dual_timestamp_is_set(&s->timestamp)) dual_timestamp_get(&s->timestamp); @@ -592,29 +611,30 @@ int session_start(Session *s) { s->started = true; - /* Save session data */ + user_elect_display(s->user); + + /* Save data */ session_save(s); user_save(s->user); + if (s->seat) + seat_save(s->seat); + /* Send signals */ session_send_signal(s, true); - + user_send_changed(s->user, "Sessions", "Display", NULL); if (s->seat) { - seat_save(s->seat); - if (s->seat->active == s) seat_send_changed(s->seat, "Sessions", "ActiveSession", NULL); else seat_send_changed(s->seat, "Sessions", NULL); } - user_send_changed(s->user, "Sessions", NULL); - return 0; } -static int session_stop_scope(Session *s) { - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - char *job; +#if 0 /// UNNEEDED by elogind +static int session_stop_scope(Session *s, bool force) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; int r; assert(s); @@ -622,39 +642,46 @@ static int session_stop_scope(Session *s) { if (!s->scope) return 0; - r = manager_stop_unit(s->manager, s->scope, &error, &job); - if (r < 0) { - log_error("Failed to stop session scope: %s", bus_error_message(&error, r)); - return r; - } + /* Let's always abandon the scope first. This tells systemd that we are not interested anymore, and everything + * that is left in the scope is "left-over". Informing systemd about this has the benefit that it will log + * when killing any processes left after this point. */ + r = manager_abandon_scope(s->manager, s->scope, &error); + if (r < 0) + log_warning_errno(r, "Failed to abandon session scope, ignoring: %s", bus_error_message(&error, r)); - free(s->scope_job); - s->scope_job = job; + /* Optionally, let's kill everything that's left now. */ + if (force || manager_shall_kill(s->manager, s->user->name)) { + char *job = NULL; + + r = manager_stop_unit(s->manager, s->scope, &error, &job); + if (r < 0) + return log_error_errno(r, "Failed to stop session scope: %s", bus_error_message(&error, r)); + + free(s->scope_job); + s->scope_job = job; + } else + s->scope_job = mfree(s->scope_job); return 0; } - -static int session_unlink_x11_socket(Session *s) { - _cleanup_free_ char *t = NULL; +#else +static int session_stop_cgroup(Session *s, bool force) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; int r; assert(s); - assert(s->user); - - if (s->user->display != s) - return 0; - - s->user->display = NULL; - t = strappend(s->user->runtime_path, "/X11-display"); - if (!t) - return log_oom(); + if (force || manager_shall_kill(s->manager, s->user->name)) { + r = session_kill(s, KILL_ALL, SIGTERM); + if (r < 0) + return r; + } - r = unlink(t); - return r < 0 ? -errno : 0; + return 0; } +#endif // 0 -int session_stop(Session *s) { +int session_stop(Session *s, bool force) { int r; assert(s); @@ -662,8 +689,24 @@ int session_stop(Session *s) { if (!s->user) return -ESTALE; + s->timer_event_source = sd_event_source_unref(s->timer_event_source); + + if (s->seat) + seat_evict_position(s->seat, s); + + /* We are going down, don't care about FIFOs anymore */ + session_remove_fifo(s); + /* Kill cgroup */ - r = session_stop_scope(s); +#if 0 /// elogind does not start scopes, but sessions + r = session_stop_scope(s, force); +#else + r = session_stop_cgroup(s, force); +#endif // 0 + + s->stopping = true; + + user_elect_display(s->user); session_save(s); user_save(s->user); @@ -672,7 +715,6 @@ int session_stop(Session *s) { } int session_finalize(Session *s) { - int r = 0; SessionDevice *sd; assert(s); @@ -681,22 +723,24 @@ int session_finalize(Session *s) { return -ESTALE; if (s->started) - log_struct(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG, - MESSAGE_ID(SD_MESSAGE_SESSION_STOP), + log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_STOP), "SESSION_ID=%s", s->id, "USER_ID=%s", s->user->name, - "LEADER=%lu", (unsigned long) s->leader, - "MESSAGE=Removed session %s.", s->id, + "LEADER="PID_FMT, s->leader, + LOG_MESSAGE("Removed session %s.", s->id), NULL); + s->timer_event_source = sd_event_source_unref(s->timer_event_source); + + if (s->seat) + seat_evict_position(s->seat, s); + /* Kill session devices */ while ((sd = hashmap_first(s->devices))) session_device_free(sd); - /* Remove X11 symlink */ - session_unlink_x11_socket(s); - - unlink(s->state_file); + (void) unlink(s->state_file); session_add_to_gc_queue(s); user_add_to_gc_queue(s->user); @@ -709,14 +753,49 @@ int session_finalize(Session *s) { if (s->seat->active == s) seat_set_active(s->seat, NULL); - seat_send_changed(s->seat, "Sessions", NULL); seat_save(s->seat); + seat_send_changed(s->seat, "Sessions", NULL); } - user_send_changed(s->user, "Sessions", NULL); user_save(s->user); + user_send_changed(s->user, "Sessions", "Display", NULL); - return r; + return 0; +} + +#if 0 /// UNNEEDED by elogind +static int release_timeout_callback(sd_event_source *es, uint64_t usec, void *userdata) { + Session *s = userdata; + + assert(es); + assert(s); + + session_stop(s, false); + return 0; +} +#endif // 0 + +int session_release(Session *s) { + assert(s); + + if (!s->started || s->stopping) + return 0; + + if (s->timer_event_source) + return 0; + +#if 0 /// UNNEEDED by elogind + return sd_event_add_time(s->manager->event, + &s->timer_event_source, + CLOCK_MONOTONIC, + now(CLOCK_MONOTONIC) + RELEASE_USEC, 0, + release_timeout_callback, s); +#else + /* In systemd, session release is triggered by user jobs + dying. In elogind we don't have that so go ahead and stop + now. */ + return session_stop(s, false); +#endif // 0 } bool session_is_active(Session *s) { @@ -781,7 +860,7 @@ int session_get_idle_hint(Session *s, dual_timestamp *t) { /* Graphical sessions should really implement a real * idle hint logic */ - if (s->display) + if (SESSION_TYPE_IS_GRAPHICAL(s->type)) goto dont_know; /* For sessions with an explicitly configured tty, let's check @@ -836,6 +915,23 @@ void session_set_idle_hint(Session *s, bool b) { manager_send_changed(s->manager, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL); } +int session_get_locked_hint(Session *s) { + assert(s); + + return s->locked_hint; +} + +void session_set_locked_hint(Session *s, bool b) { + assert(s); + + if (s->locked_hint == b) + return; + + s->locked_hint = b; + + session_send_changed(s, "LockedHint", NULL); +} + static int session_dispatch_fifo(sd_event_source *es, int fd, uint32_t revents, void *userdata) { Session *s = userdata; @@ -845,7 +941,7 @@ static int session_dispatch_fifo(sd_event_source *es, int fd, uint32_t revents, /* EOF on the FIFO means the session died abnormally. */ session_remove_fifo(s); - session_stop(s); + session_stop(s, false); return 1; } @@ -877,11 +973,13 @@ int session_create_fifo(Session *s) { } if (!s->fifo_event_source) { - r = sd_event_add_io(s->manager->event, s->fifo_fd, 0, session_dispatch_fifo, s, &s->fifo_event_source); + r = sd_event_add_io(s->manager->event, &s->fifo_event_source, s->fifo_fd, 0, session_dispatch_fifo, s); if (r < 0) return r; - r = sd_event_source_set_priority(s->fifo_event_source, SD_EVENT_PRIORITY_IDLE); + /* Let's make sure we noticed dead sessions before we process new bus requests (which might create new + * sessions). */ + r = sd_event_source_set_priority(s->fifo_event_source, SD_EVENT_PRIORITY_NORMAL-10); if (r < 0) return r; } @@ -894,27 +992,19 @@ int session_create_fifo(Session *s) { return r; } -void session_remove_fifo(Session *s) { +static void session_remove_fifo(Session *s) { assert(s); - if (s->fifo_event_source) - s->fifo_event_source = sd_event_source_unref(s->fifo_event_source); - - if (s->fifo_fd >= 0) { - close_nointr_nofail(s->fifo_fd); - s->fifo_fd = -1; - } + s->fifo_event_source = sd_event_source_unref(s->fifo_event_source); + s->fifo_fd = safe_close(s->fifo_fd); if (s->fifo_path) { unlink(s->fifo_path); - free(s->fifo_path); - s->fifo_path = NULL; + s->fifo_path = mfree(s->fifo_path); } } bool session_check_gc(Session *s, bool drop_not_started) { - int r; - assert(s); if (drop_not_started && !s->started) @@ -924,19 +1014,17 @@ bool session_check_gc(Session *s, bool drop_not_started) { return false; if (s->fifo_fd >= 0) { - r = pipe_eof(s->fifo_fd); - if (r < 0) - return true; - - if (r == 0) + if (pipe_eof(s->fifo_fd) <= 0) return true; } +#if 0 /// elogind supports neither scopes nor jobs if (s->scope_job && manager_job_is_active(s->manager, s->scope_job)) return true; if (s->scope && manager_unit_is_active(s->manager, s->scope)) return true; +#endif // 0 return false; } @@ -954,14 +1042,16 @@ void session_add_to_gc_queue(Session *s) { SessionState session_get_state(Session *s) { assert(s); - if (s->closing) + /* always check closing first */ + if (s->stopping || s->timer_event_source) return SESSION_CLOSING; - if (s->scope_job) - return SESSION_OPENING; - +#if 0 /// elogind does not support systemd scope_jobs + if (s->scope_job || s->fifo_fd < 0) +#else if (s->fifo_fd < 0) - return SESSION_CLOSING; +#endif // 0 + return SESSION_OPENING; if (session_is_active(s)) return SESSION_ACTIVE; @@ -972,105 +1062,164 @@ SessionState session_get_state(Session *s) { int session_kill(Session *s, KillWho who, int signo) { assert(s); +#if 0 /// Without direct cgroup support, elogind can not kill sessions if (!s->scope) return -ESRCH; return manager_kill_unit(s->manager, s->scope, who, signo, NULL); +#else + if (who == KILL_LEADER) { + if (s->leader <= 0) + return -ESRCH; + + /* FIXME: verify that leader is in cgroup? */ + + if (kill(s->leader, signo) < 0) { + return log_error_errno(errno, "Failed to kill process leader %d for session %s: %m", s->leader, s->id); + } + return 0; + } else + return cg_kill_recursive (SYSTEMD_CGROUP_CONTROLLER, s->id, signo, + CGROUP_IGNORE_SELF | CGROUP_REMOVE, + NULL, NULL, NULL); +#endif // 0 } static int session_open_vt(Session *s) { - char path[128]; + char path[sizeof("/dev/tty") + DECIMAL_STR_MAX(s->vtnr)]; - if (!s->vtnr) - return -1; + if (s->vtnr < 1) + return -ENODEV; if (s->vtfd >= 0) return s->vtfd; sprintf(path, "/dev/tty%u", s->vtnr); - s->vtfd = open(path, O_RDWR | O_CLOEXEC | O_NONBLOCK | O_NOCTTY); - if (s->vtfd < 0) { - log_error("cannot open VT %s of session %s: %m", path, s->id); - return -1; - } + s->vtfd = open_terminal(path, O_RDWR | O_CLOEXEC | O_NONBLOCK | O_NOCTTY); + if (s->vtfd < 0) + return log_error_errno(s->vtfd, "cannot open VT %s of session %s: %m", path, s->id); return s->vtfd; } -static int session_vt_fn(sd_event_source *source, const struct signalfd_siginfo *si, void *data) { - Session *s = data; - - if (s->vtfd >= 0) - ioctl(s->vtfd, VT_RELDISP, 1); - - return 0; -} - -void session_mute_vt(Session *s) { +int session_prepare_vt(Session *s) { int vt, r; struct vt_mode mode = { 0 }; - sigset_t mask; + + if (s->vtnr < 1) + return 0; vt = session_open_vt(s); if (vt < 0) - return; + return vt; - r = ioctl(vt, KDSKBMODE, K_OFF); - if (r < 0) + r = fchown(vt, s->user->uid, -1); + if (r < 0) { + r = log_error_errno(errno, + "Cannot change owner of /dev/tty%u: %m", + s->vtnr); goto error; + } - r = ioctl(vt, KDSETMODE, KD_GRAPHICS); - if (r < 0) + r = ioctl(vt, KDSKBMODE, K_OFF); + if (r < 0) { + r = log_error_errno(errno, + "Cannot set K_OFF on /dev/tty%u: %m", + s->vtnr); goto error; + } - sigemptyset(&mask); - sigaddset(&mask, SIGUSR1); - sigprocmask(SIG_BLOCK, &mask, NULL); - - r = sd_event_add_signal(s->manager->event, SIGUSR1, session_vt_fn, s, &s->vt_source); - if (r < 0) + r = ioctl(vt, KDSETMODE, KD_GRAPHICS); + if (r < 0) { + r = log_error_errno(errno, + "Cannot set KD_GRAPHICS on /dev/tty%u: %m", + s->vtnr); goto error; + } /* Oh, thanks to the VT layer, VT_AUTO does not work with KD_GRAPHICS. * So we need a dummy handler here which just acknowledges *all* VT * switch requests. */ mode.mode = VT_PROCESS; - mode.relsig = SIGUSR1; - mode.acqsig = SIGUSR1; + mode.relsig = SIGRTMIN; + mode.acqsig = SIGRTMIN + 1; r = ioctl(vt, VT_SETMODE, &mode); - if (r < 0) + if (r < 0) { + r = log_error_errno(errno, + "Cannot set VT_PROCESS on /dev/tty%u: %m", + s->vtnr); goto error; + } - return; + return 0; error: - log_error("cannot mute VT %u for session %s (%d/%d)", s->vtnr, s->id, r, errno); session_restore_vt(s); + return r; } void session_restore_vt(Session *s) { - _cleanup_free_ char *utf8; - int vt, kb = K_XLATE; - struct vt_mode mode = { 0 }; + + static const struct vt_mode mode = { + .mode = VT_AUTO, + }; + + _cleanup_free_ char *utf8 = NULL; + int vt, kb, old_fd; + + /* We need to get a fresh handle to the virtual terminal, + * since the old file-descriptor is potentially in a hung-up + * state after the controlling process exited; we do a + * little dance to avoid having the terminal be available + * for reuse before we've cleaned it up. + */ + old_fd = s->vtfd; + s->vtfd = -1; vt = session_open_vt(s); + safe_close(old_fd); + if (vt < 0) return; - sd_event_source_unref(s->vt_source); - s->vt_source = NULL; - - ioctl(vt, KDSETMODE, KD_TEXT); + (void) ioctl(vt, KDSETMODE, KD_TEXT); if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && *utf8 == '1') kb = K_UNICODE; - ioctl(vt, KDSKBMODE, kb); + else + kb = K_XLATE; - mode.mode = VT_AUTO; - ioctl(vt, VT_SETMODE, &mode); + (void) ioctl(vt, KDSKBMODE, kb); - close_nointr_nofail(vt); - s->vtfd = -1; + (void) ioctl(vt, VT_SETMODE, &mode); + (void) fchown(vt, 0, (gid_t) -1); + + s->vtfd = safe_close(s->vtfd); +} + +void session_leave_vt(Session *s) { + int r; + + assert(s); + + /* This is called whenever we get a VT-switch signal from the kernel. + * We acknowledge all of them unconditionally. Note that session are + * free to overwrite those handlers and we only register them for + * sessions with controllers. Legacy sessions are not affected. + * However, if we switch from a non-legacy to a legacy session, we must + * make sure to pause all device before acknowledging the switch. We + * process the real switch only after we are notified via sysfs, so the + * legacy session might have already started using the devices. If we + * don't pause the devices before the switch, we might confuse the + * session we switch to. */ + + if (s->vtfd < 0) + return; + + session_device_pause_all(s); + r = ioctl(s->vtfd, VT_RELDISP, 1); + if (r < 0) + log_debug_errno(errno, "Cannot release VT of session %s: %m", s->id); } bool session_is_controller(Session *s, const char *sender) { @@ -1079,30 +1228,41 @@ bool session_is_controller(Session *s, const char *sender) { return streq_ptr(s->controller, sender); } -static void session_swap_controller(Session *s, char *name) { +static void session_release_controller(Session *s, bool notify) { + _cleanup_free_ char *name = NULL; SessionDevice *sd; - if (s->controller) { - manager_drop_busname(s->manager, s->controller); - free(s->controller); + if (!s->controller) + return; + + name = s->controller; + + /* By resetting the controller before releasing the devices, we won't + * send notification signals. This avoids sending useless notifications + * if the controller is released on disconnects. */ + if (!notify) s->controller = NULL; - /* Drop all devices as they're now unused. Do that after the - * controller is released to avoid sending out useles - * dbus signals. */ - while ((sd = hashmap_first(s->devices))) - session_device_free(sd); + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); - if (!name) - session_restore_vt(s); - } + s->controller = NULL; + s->track = sd_bus_track_unref(s->track); +} - s->controller = name; - session_save(s); +static int on_bus_track(sd_bus_track *track, void *userdata) { + Session *s = userdata; + + assert(track); + assert(s); + + session_drop_controller(s); + + return 0; } int session_set_controller(Session *s, const char *sender, bool force) { - char *t; + _cleanup_free_ char *name = NULL; int r; assert(s); @@ -1113,17 +1273,18 @@ int session_set_controller(Session *s, const char *sender, bool force) { if (s->controller && !force) return -EBUSY; - t = strdup(sender); - if (!t) + name = strdup(sender); + if (!name) return -ENOMEM; - r = manager_watch_busname(s->manager, sender); - if (r) { - free(t); + s->track = sd_bus_track_unref(s->track); + r = sd_bus_track_new(s->manager->bus, &s->track, on_bus_track, s); + if (r < 0) return r; - } - session_swap_controller(s, t); + r = sd_bus_track_add_name(s->track, name); + if (r < 0) + return r; /* When setting a session controller, we forcibly mute the VT and set * it into graphics-mode. Applications can override that by changing @@ -1133,7 +1294,16 @@ int session_set_controller(Session *s, const char *sender, bool force) { * exits. * If logind crashes/restarts, we restore the controller during restart * or reset the VT in case it crashed/exited, too. */ - session_mute_vt(s); + r = session_prepare_vt(s); + if (r < 0) { + s->track = sd_bus_track_unref(s->track); + return r; + } + + session_release_controller(s, true); + s->controller = name; + name = NULL; + session_save(s); return 0; } @@ -1144,7 +1314,10 @@ void session_drop_controller(Session *s) { if (!s->controller) return; - session_swap_controller(s, NULL); + s->track = sd_bus_track_unref(s->track); + session_release_controller(s, false); + session_save(s); + session_restore_vt(s); } static const char* const session_state_table[_SESSION_STATE_MAX] = { @@ -1157,9 +1330,12 @@ static const char* const session_state_table[_SESSION_STATE_MAX] = { DEFINE_STRING_TABLE_LOOKUP(session_state, SessionState); static const char* const session_type_table[_SESSION_TYPE_MAX] = { + [SESSION_UNSPECIFIED] = "unspecified", [SESSION_TTY] = "tty", [SESSION_X11] = "x11", - [SESSION_UNSPECIFIED] = "unspecified" + [SESSION_WAYLAND] = "wayland", + [SESSION_MIR] = "mir", + [SESSION_WEB] = "web", }; DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType);