X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flogin%2Flogind-session.c;h=a726fb1bedcae8cf195985109ef77094eb972257;hp=475ebcaa5ea27265ba78839b98ffd0c1308ac054;hb=6a5c729ef481ec9e770c6ed039abaf0e14145802;hpb=9eb977db5b89b44f254ab40c1876a76b7d7ea2d0 diff --git a/src/login/logind-session.c b/src/login/logind-session.c index 475ebcaa5..ff2c95c55 100644 --- a/src/login/logind-session.c +++ b/src/login/logind-session.c @@ -1,5 +1,3 @@ -/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ - /*** This file is part of systemd. @@ -20,25 +18,44 @@ ***/ #include +#include +#include +#include +#include #include +#include #include -#include -#include -#include "strv.h" -#include "util.h" +#include "sd-messages.h" + +#include "alloc-util.h" +#include "audit-util.h" +#include "bus-error.h" +#include "bus-util.h" +#include "escape.h" +#include "fd-util.h" +#include "fileio.h" +#include "formats-util.h" +#include "io-util.h" +#include "logind-session.h" #include "mkdir.h" +#include "parse-util.h" #include "path-util.h" -#include "cgroup-util.h" -#include "logind-session.h" +#include "string-table.h" +#include "terminal-util.h" +#include "user-util.h" +#include "util.h" -#define IDLE_THRESHOLD_USEC (5*USEC_PER_MINUTE) +// #define RELEASE_USEC (20*USEC_PER_SEC) -Session* session_new(Manager *m, User *u, const char *id) { +static void session_remove_fifo(Session *s); + +Session* session_new(Manager *m, const char *id) { Session *s; assert(m); assert(id); + assert(session_id_valid(id)); s = new0(Session, 1); if (!s) @@ -50,9 +67,17 @@ Session* session_new(Manager *m, User *u, const char *id) { return NULL; } - s->id = path_get_file_name(s->state_file); + s->devices = hashmap_new(&devt_hash_ops); + if (!s->devices) { + free(s->state_file); + free(s); + return NULL; + } + + s->id = basename(s->state_file); if (hashmap_put(m->sessions, s->id, s) < 0) { + hashmap_free(s->devices); free(s->state_file); free(s); return NULL; @@ -60,21 +85,32 @@ Session* session_new(Manager *m, User *u, const char *id) { s->manager = m; s->fifo_fd = -1; - s->user = u; - - LIST_PREPEND(Session, sessions_by_user, u->sessions, s); + s->vtfd = -1; return s; } void session_free(Session *s) { + SessionDevice *sd; + assert(s); if (s->in_gc_queue) - LIST_REMOVE(Session, gc_queue, s->manager->session_gc_queue, s); + LIST_REMOVE(gc_queue, s->manager->session_gc_queue, s); + + s->timer_event_source = sd_event_source_unref(s->timer_event_source); + + session_remove_fifo(s); + + session_drop_controller(s); + + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); + + hashmap_free(s->devices); if (s->user) { - LIST_REMOVE(Session, sessions_by_user, s->user->sessions, s); + LIST_REMOVE(sessions_by_user, s->user->sessions, s); if (s->user->display == s) s->user->display = NULL; @@ -83,46 +119,65 @@ void session_free(Session *s) { if (s->seat) { if (s->seat->active == s) s->seat->active = NULL; + if (s->seat->pending_switch == s) + s->seat->pending_switch = NULL; + + seat_evict_position(s->seat, s); + LIST_REMOVE(sessions_by_seat, s->seat->sessions, s); + } - LIST_REMOVE(Session, sessions_by_seat, s->seat->sessions, s); + if (s->scope) { + hashmap_remove(s->manager->session_units, s->scope); + free(s->scope); } - if (s->cgroup_path) - hashmap_remove(s->manager->cgroups, s->cgroup_path); +#if 0 /// elogind does not support systemd scope_jobs + free(s->scope_job); +#endif // 0 - free(s->cgroup_path); - strv_free(s->controllers); + sd_bus_message_unref(s->create_message); free(s->tty); free(s->display); free(s->remote_host); free(s->remote_user); free(s->service); + free(s->desktop); hashmap_remove(s->manager->sessions, s->id); - session_remove_fifo(s); free(s->state_file); free(s); } +void session_set_user(Session *s, User *u) { + assert(s); + assert(!s->user); + + s->user = u; + LIST_PREPEND(sessions_by_user, u->sessions, s); +} + int session_save(Session *s) { - FILE *f; + _cleanup_free_ char *temp_path = NULL; + _cleanup_fclose_ FILE *f = NULL; int r = 0; - char *temp_path; assert(s); + if (!s->user) + return -ESTALE; + if (!s->started) return 0; - r = safe_mkdir("/run/systemd/sessions", 0755, 0, 0); + r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0); if (r < 0) - goto finish; + goto fail; r = fopen_temporary(s->state_file, &f, &temp_path); if (r < 0) - goto finish; + goto fail; assert(s->user); @@ -130,109 +185,147 @@ int session_save(Session *s) { fprintf(f, "# This is private data. Do not parse.\n" - "UID=%lu\n" + "UID="UID_FMT"\n" "USER=%s\n" "ACTIVE=%i\n" - "REMOTE=%i\n" - "KILL_PROCESSES=%i\n", - (unsigned long) s->user->uid, + "STATE=%s\n" + "REMOTE=%i\n", + s->user->uid, s->user->name, session_is_active(s), - s->remote, - s->kill_processes); + session_state_to_string(session_get_state(s)), + s->remote); if (s->type >= 0) - fprintf(f, - "TYPE=%s\n", - session_type_to_string(s->type)); + fprintf(f, "TYPE=%s\n", session_type_to_string(s->type)); if (s->class >= 0) - fprintf(f, - "CLASS=%s\n", - session_class_to_string(s->class)); + fprintf(f, "CLASS=%s\n", session_class_to_string(s->class)); - if (s->cgroup_path) - fprintf(f, - "CGROUP=%s\n", - s->cgroup_path); + if (s->scope) + fprintf(f, "SCOPE=%s\n", s->scope); +#if 0 /// elogind does not support systemd scope_jobs + if (s->scope_job) + fprintf(f, "SCOPE_JOB=%s\n", s->scope_job); +#endif // 0 if (s->fifo_path) - fprintf(f, - "FIFO=%s\n", - s->fifo_path); + fprintf(f, "FIFO=%s\n", s->fifo_path); if (s->seat) - fprintf(f, - "SEAT=%s\n", - s->seat->id); + fprintf(f, "SEAT=%s\n", s->seat->id); if (s->tty) - fprintf(f, - "TTY=%s\n", - s->tty); + fprintf(f, "TTY=%s\n", s->tty); if (s->display) - fprintf(f, - "DISPLAY=%s\n", - s->display); + fprintf(f, "DISPLAY=%s\n", s->display); - if (s->remote_host) - fprintf(f, - "REMOTE_HOST=%s\n", - s->remote_host); + if (s->remote_host) { + _cleanup_free_ char *escaped; - if (s->remote_user) - fprintf(f, - "REMOTE_USER=%s\n", - s->remote_user); + escaped = cescape(s->remote_host); + if (!escaped) { + r = -ENOMEM; + goto fail; + } - if (s->service) - fprintf(f, - "SERVICE=%s\n", - s->service); + fprintf(f, "REMOTE_HOST=%s\n", escaped); + } - if (s->seat && seat_can_multi_session(s->seat)) - fprintf(f, - "VTNR=%i\n", - s->vtnr); + if (s->remote_user) { + _cleanup_free_ char *escaped; + + escaped = cescape(s->remote_user); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "REMOTE_USER=%s\n", escaped); + } + + if (s->service) { + _cleanup_free_ char *escaped; + + escaped = cescape(s->service); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "SERVICE=%s\n", escaped); + } + + if (s->desktop) { + _cleanup_free_ char *escaped; + + + escaped = cescape(s->desktop); + if (!escaped) { + r = -ENOMEM; + goto fail; + } + + fprintf(f, "DESKTOP=%s\n", escaped); + } + + if (s->seat && seat_has_vts(s->seat)) + fprintf(f, "VTNR=%u\n", s->vtnr); + + if (!s->vtnr) + fprintf(f, "POSITION=%u\n", s->position); if (s->leader > 0) - fprintf(f, - "LEADER=%lu\n", - (unsigned long) s->leader); + fprintf(f, "LEADER="PID_FMT"\n", s->leader); if (s->audit_id > 0) + fprintf(f, "AUDIT=%"PRIu32"\n", s->audit_id); + + if (dual_timestamp_is_set(&s->timestamp)) fprintf(f, - "AUDIT=%llu\n", - (unsigned long long) s->audit_id); + "REALTIME="USEC_FMT"\n" + "MONOTONIC="USEC_FMT"\n", + s->timestamp.realtime, + s->timestamp.monotonic); - fflush(f); + if (s->controller) + fprintf(f, "CONTROLLER=%s\n", s->controller); - if (ferror(f) || rename(temp_path, s->state_file) < 0) { + r = fflush_and_check(f); + if (r < 0) + goto fail; + + if (rename(temp_path, s->state_file) < 0) { r = -errno; - unlink(s->state_file); - unlink(temp_path); + goto fail; } - fclose(f); - free(temp_path); + return 0; -finish: - if (r < 0) - log_error("Failed to save session data for %s: %s", s->id, strerror(-r)); +fail: + (void) unlink(s->state_file); - return r; + if (temp_path) + (void) unlink(temp_path); + + return log_error_errno(r, "Failed to save session data %s: %m", s->state_file); } + int session_load(Session *s) { - char *remote = NULL, - *kill_processes = NULL, + _cleanup_free_ char *remote = NULL, *seat = NULL, *vtnr = NULL, + *state = NULL, + *position = NULL, *leader = NULL, - *audit_id = NULL, *type = NULL, - *class = NULL; + *class = NULL, + *uid = NULL, + *realtime = NULL, + *monotonic = NULL, + *controller = NULL; int k, r; @@ -240,8 +333,10 @@ int session_load(Session *s) { r = parse_env_file(s->state_file, NEWLINE, "REMOTE", &remote, - "KILL_PROCESSES", &kill_processes, - "CGROUP", &s->cgroup_path, + "SCOPE", &s->scope, +#if 0 /// elogind does not support systemd scope_jobs + "SCOPE_JOB", &s->scope_job, +#endif // 0 "FIFO", &s->fifo_path, "SEAT", &seat, "TTY", &s->tty, @@ -249,14 +344,45 @@ int session_load(Session *s) { "REMOTE_HOST", &s->remote_host, "REMOTE_USER", &s->remote_user, "SERVICE", &s->service, + "DESKTOP", &s->desktop, "VTNR", &vtnr, + "STATE", &state, + "POSITION", &position, "LEADER", &leader, "TYPE", &type, "CLASS", &class, + "UID", &uid, + "REALTIME", &realtime, + "MONOTONIC", &monotonic, + "CONTROLLER", &controller, NULL); if (r < 0) - goto finish; + return log_error_errno(r, "Failed to read %s: %m", s->state_file); + + if (!s->user) { + uid_t u; + User *user; + + if (!uid) { + log_error("UID not specified for session %s", s->id); + return -ENOENT; + } + + r = parse_uid(uid, &u); + if (r < 0) { + log_error("Failed to parse UID value %s for session %s.", uid, s->id); + return r; + } + + user = hashmap_get(s->manager->users, UID_TO_PTR(u)); + if (!user) { + log_error("User of session %s not known.", s->id); + return -ENOENT; + } + + session_set_user(s, user); + } if (remote) { k = parse_boolean(remote); @@ -264,26 +390,27 @@ int session_load(Session *s) { s->remote = k; } - if (kill_processes) { - k = parse_boolean(kill_processes); - if (k >= 0) - s->kill_processes = k; - } + if (vtnr) + safe_atou(vtnr, &s->vtnr); if (seat && !s->seat) { Seat *o; o = hashmap_get(s->manager->seats, seat); if (o) - seat_attach_session(o, s); + r = seat_attach_session(o, s); + if (!o || r < 0) + log_error("Cannot attach session %s to seat %s", s->id, seat); } - if (vtnr && s->seat && seat_can_multi_session(s->seat)) { - int v; + if (!s->seat || !seat_has_vts(s->seat)) + s->vtnr = 0; - k = safe_atoi(vtnr, &v); - if (k >= 0 && v >= 1) - s->vtnr = v; + if (position && s->seat) { + unsigned int npos; + + safe_atou(position, &npos); + seat_claim_position(s->seat, s, npos); } if (leader) { @@ -308,235 +435,150 @@ int session_load(Session *s) { s->class = c; } + if (state && streq(state, "closing")) + s->stopping = true; + if (s->fifo_path) { int fd; /* If we open an unopened pipe for reading we will not get an EOF. to trigger an EOF we hence open it for - reading, but close it right-away which then will - trigger the EOF. */ + writing, but close it right away which then will + trigger the EOF. This will happen immediately if no + other process has the FIFO open for writing, i. e. + when the session died before logind (re)started. */ fd = session_create_fifo(s); - if (fd >= 0) - close_nointr_nofail(fd); + safe_close(fd); } -finish: - free(remote); - free(kill_processes); - free(seat); - free(vtnr); - free(leader); - free(audit_id); - free(class); + if (realtime) + timestamp_deserialize(realtime, &s->timestamp.realtime); + if (monotonic) + timestamp_deserialize(monotonic, &s->timestamp.monotonic); + + if (controller) { + if (bus_name_has_owner(s->manager->bus, controller, NULL) > 0) + session_set_controller(s, controller, false); + else + session_restore_vt(s); + } return r; } int session_activate(Session *s) { - int r; + unsigned int num_pending; assert(s); - - if (s->vtnr < 0) - return -ENOTSUP; + assert(s->user); if (!s->seat) - return -ENOTSUP; + return -EOPNOTSUPP; if (s->seat->active == s) return 0; - assert(seat_is_vtconsole(s->seat)); - - r = chvt(s->vtnr); - if (r < 0) - return r; - - return seat_set_active(s->seat, s); -} - -static int session_link_x11_socket(Session *s) { - char *t, *f, *c; - size_t k; - - assert(s); - assert(s->user); - assert(s->user->runtime_path); - - if (s->user->display) - return 0; - - if (!s->display || !display_is_local(s->display)) - return 0; - - k = strspn(s->display+1, "0123456789"); - f = new(char, sizeof("/tmp/.X11-unix/X") + k); - if (!f) { - log_error("Out of memory"); - return -ENOMEM; - } - - c = stpcpy(f, "/tmp/.X11-unix/X"); - memcpy(c, s->display+1, k); - c[k] = 0; + /* on seats with VTs, we let VTs manage session-switching */ + if (seat_has_vts(s->seat)) { + if (!s->vtnr) + return -EOPNOTSUPP; - if (access(f, F_OK) < 0) { - log_warning("Session %s has display %s with nonexisting socket %s.", s->id, s->display, f); - free(f); - return -ENOENT; + return chvt(s->vtnr); } - /* Note that this cannot be in a subdir to avoid - * vulnerabilities since we are privileged but the runtime - * path is owned by the user */ - - t = strappend(s->user->runtime_path, "/X11-display"); - if (!t) { - log_error("Out of memory"); - free(f); - return -ENOMEM; - } - - if (link(f, t) < 0) { - if (errno == EEXIST) { - unlink(t); - - if (link(f, t) >= 0) - goto done; - } - - if (symlink(f, t) < 0) { - - if (errno == EEXIST) { - unlink(t); - - if (symlink(f, t) >= 0) - goto done; - } + /* On seats without VTs, we implement session-switching in logind. We + * try to pause all session-devices and wait until the session + * controller acknowledged them. Once all devices are asleep, we simply + * switch the active session and be done. + * We save the session we want to switch to in seat->pending_switch and + * seat_complete_switch() will perform the final switch. */ - log_error("Failed to link %s to %s: %m", f, t); - free(f); - free(t); - return -errno; - } - } + s->seat->pending_switch = s; -done: - log_info("Linked %s to %s.", f, t); - free(f); - free(t); - - s->user->display = s; + /* if no devices are running, immediately perform the session switch */ + num_pending = session_device_try_pause_all(s); + if (!num_pending) + seat_complete_switch(s->seat); return 0; } -static int session_create_one_group(Session *s, const char *controller, const char *path) { +#if 0 /// UNNEEDED by elogind +static int session_start_scope(Session *s) { int r; assert(s); - assert(controller); - assert(path); + assert(s->user); - if (s->leader > 0) { - r = cg_create_and_attach(controller, path, s->leader); - if (r < 0) - r = cg_create(controller, path); - } else - r = cg_create(controller, path); + if (!s->scope) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char *scope, *job = NULL; + const char *description; + + scope = strjoin("session-", s->id, ".scope", NULL); + if (!scope) + return log_oom(); + + description = strjoina("Session ", s->id, " of user ", s->user->name, NULL); + + r = manager_start_scope( + s->manager, + scope, + s->leader, + s->user->slice, + description, + "systemd-logind.service", + "systemd-user-sessions.service", + (uint64_t) -1, /* disable TasksMax= for the scope, rely on the slice setting for it */ + &error, + &job); + if (r < 0) { + log_error_errno(r, "Failed to start session scope %s: %s", scope, bus_error_message(&error, r)); + free(scope); + return r; + } else { + s->scope = scope; - if (r < 0) - return r; + free(s->scope_job); + s->scope_job = job; + } + } - r = cg_set_task_access(controller, path, 0644, s->user->uid, s->user->gid, -1); - if (r >= 0) - r = cg_set_group_access(controller, path, 0755, s->user->uid, s->user->gid); + if (s->scope) + (void) hashmap_put(s->manager->session_units, s->scope, s); - return r; + return 0; } +#endif // 0 -static int session_create_cgroup(Session *s) { - char **k; - char *p; +static int session_start_cgroup(Session *s) { int r; assert(s); assert(s->user); - assert(s->user->cgroup_path); + assert(s->leader > 0); - if (!s->cgroup_path) { - if (asprintf(&p, "%s/%s", s->user->cgroup_path, s->id) < 0) { - log_error("Out of memory"); - return -ENOMEM; - } - } else - p = s->cgroup_path; - - r = session_create_one_group(s, SYSTEMD_CGROUP_CONTROLLER, p); - if (r < 0) { - log_error("Failed to create "SYSTEMD_CGROUP_CONTROLLER":%s: %s", p, strerror(-r)); - free(p); - s->cgroup_path = NULL; - return r; - } - - s->cgroup_path = p; - - STRV_FOREACH(k, s->controllers) { - - if (strv_contains(s->reset_controllers, *k)) - continue; - - r = session_create_one_group(s, *k, p); - if (r < 0) - log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r)); - } - - STRV_FOREACH(k, s->manager->controllers) { - - if (strv_contains(s->reset_controllers, *k) || - strv_contains(s->manager->reset_controllers, *k) || - strv_contains(s->controllers, *k)) - continue; - - r = session_create_one_group(s, *k, p); - if (r < 0) - log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r)); - } - - if (s->leader > 0) { - - STRV_FOREACH(k, s->reset_controllers) { - r = cg_attach(*k, "/", s->leader); - if (r < 0) - log_warning("Failed to reset controller %s: %s", *k, strerror(-r)); - - } - - STRV_FOREACH(k, s->manager->reset_controllers) { - - if (strv_contains(s->reset_controllers, *k) || - strv_contains(s->controllers, *k)) - continue; - - r = cg_attach(*k, "/", s->leader); - if (r < 0) - log_warning("Failed to reset controller %s: %s", *k, strerror(-r)); - - } - } + /* First, create our own group */ + r = cg_create(SYSTEMD_CGROUP_CONTROLLER, s->id); + if (r < 0) + return log_error_errno(r, "Failed to create cgroup %s: %m", s->id); - hashmap_put(s->manager->cgroups, s->cgroup_path, s); + r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, s->id, s->leader); + if (r < 0) + log_warning_errno(r, "Failed to attach PID %d to cgroup %s: %m", s->leader, s->id); return 0; } + int session_start(Session *s) { int r; assert(s); - assert(s->user); + + if (!s->user) + return -ESTALE; if (s->started) return 0; @@ -545,175 +587,217 @@ int session_start(Session *s) { if (r < 0) return r; - log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG, - "New session %s of user %s.", s->id, s->user->name); - /* Create cgroup */ - r = session_create_cgroup(s); +/// elogind does its own session management without systemd units, +/// slices and scopes +#if 0 + r = session_start_scope(s); +#else + r = session_start_cgroup(s); +#endif // 0 if (r < 0) return r; - /* Create X11 symlink */ - session_link_x11_socket(s); + log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_START), + "SESSION_ID=%s", s->id, + "USER_ID=%s", s->user->name, + "LEADER="PID_FMT, s->leader, + LOG_MESSAGE("New session %s of user %s.", s->id, s->user->name), + NULL); - dual_timestamp_get(&s->timestamp); + if (!dual_timestamp_is_set(&s->timestamp)) + dual_timestamp_get(&s->timestamp); if (s->seat) seat_read_active_vt(s->seat); s->started = true; - /* Save session data */ + user_elect_display(s->user); + + /* Save data */ session_save(s); user_save(s->user); + if (s->seat) + seat_save(s->seat); + /* Send signals */ session_send_signal(s, true); - + user_send_changed(s->user, "Sessions", "Display", NULL); if (s->seat) { - seat_save(s->seat); - if (s->seat->active == s) - seat_send_changed(s->seat, "Sessions\0ActiveSession\0"); + seat_send_changed(s->seat, "Sessions", "ActiveSession", NULL); else - seat_send_changed(s->seat, "Sessions\0"); + seat_send_changed(s->seat, "Sessions", NULL); } - user_send_changed(s->user, "Sessions\0"); - return 0; } -static bool session_shall_kill(Session *s) { - assert(s); - - if (!s->kill_processes) - return false; - - if (strv_contains(s->manager->kill_exclude_users, s->user->name)) - return false; - - if (strv_isempty(s->manager->kill_only_users)) - return true; - - return strv_contains(s->manager->kill_only_users, s->user->name); -} - -static int session_terminate_cgroup(Session *s) { +#if 0 /// UNNEEDED by elogind +static int session_stop_scope(Session *s, bool force) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char *job = NULL; int r; - char **k; assert(s); - if (!s->cgroup_path) + if (!s->scope) return 0; - cg_trim(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false); - - if (session_shall_kill(s)) { - - r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true); - if (r < 0) - log_error("Failed to kill session cgroup: %s", strerror(-r)); - - } else { - if (s->leader > 0) { - Session *t; - - /* We still send a HUP to the leader process, - * even if we are not supposed to kill the - * whole cgroup. But let's first check the - * leader still exists and belongs to our - * session... */ - - r = manager_get_session_by_pid(s->manager, s->leader, &t); - if (r > 0 && t == s) { - kill(s->leader, SIGTERM); /* for normal processes */ - kill(s->leader, SIGHUP); /* for shells */ - kill(s->leader, SIGCONT); /* in case they are stopped */ - } + if (force || manager_shall_kill(s->manager, s->user->name)) { + r = manager_stop_unit(s->manager, s->scope, &error, &job); + if (r < 0) { + log_error("Failed to stop session scope: %s", bus_error_message(&error, r)); + return r; } - r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true); - if (r < 0) - log_error("Failed to check session cgroup: %s", strerror(-r)); - else if (r > 0) { - r = cg_delete(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path); - if (r < 0) - log_error("Failed to delete session cgroup: %s", strerror(-r)); + free(s->scope_job); + s->scope_job = job; + } else { + r = manager_abandon_scope(s->manager, s->scope, &error); + if (r < 0) { + log_error("Failed to abandon session scope: %s", bus_error_message(&error, r)); + return r; } } - STRV_FOREACH(k, s->user->manager->controllers) - cg_trim(*k, s->cgroup_path, true); + return 0; +} +#endif // 0 - hashmap_remove(s->manager->cgroups, s->cgroup_path); +static int session_stop_cgroup(Session *s, bool force) { + _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + int r; + + assert(s); - free(s->cgroup_path); - s->cgroup_path = NULL; + if (force || manager_shall_kill(s->manager, s->user->name)) { + r = session_kill(s, KILL_ALL, SIGTERM); + if (r < 0) + return r; + } return 0; } -static int session_unlink_x11_socket(Session *s) { - char *t; +int session_stop(Session *s, bool force) { int r; assert(s); - assert(s->user); - if (s->user->display != s) - return 0; + if (!s->user) + return -ESTALE; - s->user->display = NULL; + s->timer_event_source = sd_event_source_unref(s->timer_event_source); - t = strappend(s->user->runtime_path, "/X11-display"); - if (!t) { - log_error("Out of memory"); - return -ENOMEM; - } + if (s->seat) + seat_evict_position(s->seat, s); + + /* We are going down, don't care about FIFOs anymore */ + session_remove_fifo(s); - r = unlink(t); - free(t); + /* Kill cgroup */ +#if 0 /// elogind does not start scopes, but sessions + r = session_stop_scope(s, force); +#else + r = session_stop_cgroup(s, force); +#endif // 0 + + s->stopping = true; + + user_elect_display(s->user); + + session_save(s); + user_save(s->user); - return r < 0 ? -errno : 0; + return r; } -int session_stop(Session *s) { - int r = 0, k; +int session_finalize(Session *s) { + SessionDevice *sd; assert(s); + if (!s->user) + return -ESTALE; + if (s->started) - log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG, - "Removed session %s.", s->id); + log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_STOP), + "SESSION_ID=%s", s->id, + "USER_ID=%s", s->user->name, + "LEADER="PID_FMT, s->leader, + LOG_MESSAGE("Removed session %s.", s->id), + NULL); - /* Kill cgroup */ - k = session_terminate_cgroup(s); - if (k < 0) - r = k; + s->timer_event_source = sd_event_source_unref(s->timer_event_source); - /* Remove X11 symlink */ - session_unlink_x11_socket(s); + if (s->seat) + seat_evict_position(s->seat, s); + + /* Kill session devices */ + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); - unlink(s->state_file); + (void) unlink(s->state_file); session_add_to_gc_queue(s); user_add_to_gc_queue(s->user); - if (s->started) + if (s->started) { session_send_signal(s, false); + s->started = false; + } if (s->seat) { if (s->seat->active == s) seat_set_active(s->seat, NULL); - seat_send_changed(s->seat, "Sessions\0"); + seat_save(s->seat); + seat_send_changed(s->seat, "Sessions", NULL); } - user_send_changed(s->user, "Sessions\0"); + user_save(s->user); + user_send_changed(s->user, "Sessions", "Display", NULL); - s->started = false; + return 0; +} - return r; +#if 0 /// UNNEEDED by elogind +static int release_timeout_callback(sd_event_source *es, uint64_t usec, void *userdata) { + Session *s = userdata; + + assert(es); + assert(s); + + session_stop(s, false); + return 0; +} +#endif // 0 + +int session_release(Session *s) { + assert(s); + + if (!s->started || s->stopping) + return 0; + + if (s->timer_event_source) + return 0; + + /* In systemd, session release is triggered by user jobs + dying. In elogind we don't have that so go ahead and stop + now. */ +#if 0 + return sd_event_add_time(s->manager->event, + &s->timer_event_source, + CLOCK_MONOTONIC, + now(CLOCK_MONOTONIC) + RELEASE_USEC, 0, + release_timeout_callback, s); + +#else + return session_stop(s, false); +#endif // 0 } bool session_is_active(Session *s) { @@ -725,15 +809,50 @@ bool session_is_active(Session *s) { return s->seat->active == s; } -int session_get_idle_hint(Session *s, dual_timestamp *t) { - char *p; +static int get_tty_atime(const char *tty, usec_t *atime) { + _cleanup_free_ char *p = NULL; struct stat st; - usec_t u, n; - bool b; - int k; + + assert(tty); + assert(atime); + + if (!path_is_absolute(tty)) { + p = strappend("/dev/", tty); + if (!p) + return -ENOMEM; + + tty = p; + } else if (!path_startswith(tty, "/dev/")) + return -ENOENT; + + if (lstat(tty, &st) < 0) + return -errno; + + *atime = timespec_load(&st.st_atim); + return 0; +} + +static int get_process_ctty_atime(pid_t pid, usec_t *atime) { + _cleanup_free_ char *p = NULL; + int r; + + assert(pid > 0); + assert(atime); + + r = get_ctty(pid, NULL, &p); + if (r < 0) + return r; + + return get_tty_atime(p, atime); +} + +int session_get_idle_hint(Session *s, dual_timestamp *t) { + usec_t atime = 0, n; + int r; assert(s); + /* Explicit idle hint is set */ if (s->idle_hint) { if (t) *t = s->idle_hint_timestamp; @@ -741,41 +860,43 @@ int session_get_idle_hint(Session *s, dual_timestamp *t) { return s->idle_hint; } - if (isempty(s->tty)) + /* Graphical sessions should really implement a real + * idle hint logic */ + if (s->display) goto dont_know; - if (s->tty[0] != '/') { - p = strappend("/dev/", s->tty); - if (!p) - return -ENOMEM; - } else - p = NULL; - - if (!startswith(p ? p : s->tty, "/dev/")) { - free(p); - goto dont_know; + /* For sessions with an explicitly configured tty, let's check + * its atime */ + if (s->tty) { + r = get_tty_atime(s->tty, &atime); + if (r >= 0) + goto found_atime; } - k = lstat(p ? p : s->tty, &st); - free(p); + /* For sessions with a leader but no explicitly configured + * tty, let's check the controlling tty of the leader */ + if (s->leader > 0) { + r = get_process_ctty_atime(s->leader, &atime); + if (r >= 0) + goto found_atime; + } - if (k < 0) - goto dont_know; +dont_know: + if (t) + *t = s->idle_hint_timestamp; - u = timespec_load(&st.st_atim); - n = now(CLOCK_REALTIME); - b = u + IDLE_THRESHOLD_USEC < n; + return 0; +found_atime: if (t) - dual_timestamp_from_realtime(t, u + b ? IDLE_THRESHOLD_USEC : 0); + dual_timestamp_from_realtime(t, atime); - return b; + n = now(CLOCK_REALTIME); -dont_know: - if (t) - *t = s->idle_hint_timestamp; + if (s->manager->idle_action_usec <= 0) + return 0; - return 0; + return atime + s->manager->idle_action_usec <= n; } void session_set_idle_hint(Session *s, bool b) { @@ -787,26 +908,27 @@ void session_set_idle_hint(Session *s, bool b) { s->idle_hint = b; dual_timestamp_get(&s->idle_hint_timestamp); - session_send_changed(s, - "IdleHint\0" - "IdleSinceHint\0" - "IdleSinceHintMonotonic\0"); + session_send_changed(s, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL); if (s->seat) - seat_send_changed(s->seat, - "IdleHint\0" - "IdleSinceHint\0" - "IdleSinceHintMonotonic\0"); + seat_send_changed(s->seat, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL); - user_send_changed(s->user, - "IdleHint\0" - "IdleSinceHint\0" - "IdleSinceHintMonotonic\0"); + user_send_changed(s->user, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL); + manager_send_changed(s->manager, "IdleHint", "IdleSinceHint", "IdleSinceHintMonotonic", NULL); +} + +static int session_dispatch_fifo(sd_event_source *es, int fd, uint32_t revents, void *userdata) { + Session *s = userdata; + + assert(s); + assert(s->fifo_fd == fd); + + /* EOF on the FIFO means the session died abnormally. */ + + session_remove_fifo(s); + session_stop(s, false); - manager_send_changed(s->manager, - "IdleHint\0" - "IdleSinceHint\0" - "IdleSinceHintMonotonic\0"); + return 1; } int session_create_fifo(Session *s) { @@ -816,7 +938,7 @@ int session_create_fifo(Session *s) { /* Create FIFO */ if (!s->fifo_path) { - r = safe_mkdir("/run/systemd/sessions", 0755, 0, 0); + r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0); if (r < 0) return r; @@ -829,22 +951,20 @@ int session_create_fifo(Session *s) { /* Open reading side */ if (s->fifo_fd < 0) { - struct epoll_event ev; - s->fifo_fd = open(s->fifo_path, O_RDONLY|O_CLOEXEC|O_NDELAY); if (s->fifo_fd < 0) return -errno; - r = hashmap_put(s->manager->session_fds, INT_TO_PTR(s->fifo_fd + 1), s); + } + + if (!s->fifo_event_source) { + r = sd_event_add_io(s->manager->event, &s->fifo_event_source, s->fifo_fd, 0, session_dispatch_fifo, s); if (r < 0) return r; - zero(ev); - ev.events = 0; - ev.data.u32 = FD_FIFO_BASE + s->fifo_fd; - - if (epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_ADD, s->fifo_fd, &ev) < 0) - return -errno; + r = sd_event_source_set_priority(s->fifo_event_source, SD_EVENT_PRIORITY_IDLE); + if (r < 0) + return r; } /* Open writing side */ @@ -855,52 +975,45 @@ int session_create_fifo(Session *s) { return r; } -void session_remove_fifo(Session *s) { +static void session_remove_fifo(Session *s) { assert(s); - if (s->fifo_fd >= 0) { - assert_se(hashmap_remove(s->manager->session_fds, INT_TO_PTR(s->fifo_fd + 1)) == s); - assert_se(epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_DEL, s->fifo_fd, NULL) == 0); - close_nointr_nofail(s->fifo_fd); - s->fifo_fd = -1; - } + s->fifo_event_source = sd_event_source_unref(s->fifo_event_source); + s->fifo_fd = safe_close(s->fifo_fd); if (s->fifo_path) { unlink(s->fifo_path); - free(s->fifo_path); - s->fifo_path = NULL; + s->fifo_path = mfree(s->fifo_path); } } -int session_check_gc(Session *s, bool drop_not_started) { - int r; - +bool session_check_gc(Session *s, bool drop_not_started) { assert(s); if (drop_not_started && !s->started) - return 0; - - if (s->fifo_fd >= 0) { + return false; - r = pipe_eof(s->fifo_fd); - if (r < 0) - return r; + if (!s->user) + return false; - if (r == 0) - return 1; + if (s->fifo_fd >= 0) { + if (pipe_eof(s->fifo_fd) <= 0) + return true; } - if (s->cgroup_path) { +#if 0 /// elogind supports neither scopes nor jobs + if (s->scope_job && manager_job_is_active(s->manager, s->scope_job)) + return true; - r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false); - if (r < 0) - return r; + if (s->scope && manager_unit_is_active(s->manager, s->scope)) + return true; +#endif // 0 - if (r <= 0) - return 1; - } + if ( s->user->manager + && (cg_is_empty_recursive (SYSTEMD_CGROUP_CONTROLLER, s->user->manager->cgroup_root) > 0) ) + return true; - return 0; + return false; } void session_add_to_gc_queue(Session *s) { @@ -909,55 +1022,310 @@ void session_add_to_gc_queue(Session *s) { if (s->in_gc_queue) return; - LIST_PREPEND(Session, gc_queue, s->manager->session_gc_queue, s); + LIST_PREPEND(gc_queue, s->manager->session_gc_queue, s); s->in_gc_queue = true; } -int session_kill(Session *s, KillWho who, int signo) { - int r = 0; - Set *pid_set = NULL; +SessionState session_get_state(Session *s) { + assert(s); + + /* always check closing first */ + if (s->stopping || s->timer_event_source) + return SESSION_CLOSING; + +#if 0 /// elogind does not support systemd scope_jobs + if (s->scope_job || s->fifo_fd < 0) +#else + if (s->fifo_fd < 0) +#endif // 0 + return SESSION_OPENING; + + if (session_is_active(s)) + return SESSION_ACTIVE; + return SESSION_ONLINE; +} + +int session_kill(Session *s, KillWho who, int signo) { assert(s); - if (!s->cgroup_path) +#if 0 /// Without direct cgroup support, elogind can not kill sessions + if (!s->scope) return -ESRCH; - if (s->leader <= 0 && who == KILL_LEADER) - return -ESRCH; + return manager_kill_unit(s->manager, s->scope, who, signo, NULL); +#else + if (who == KILL_LEADER) { + if (s->leader <= 0) + return -ESRCH; - if (s->leader > 0) - if (kill(s->leader, signo) < 0) - r = -errno; + /* FIXME: verify that leader is in cgroup? */ + + if (kill(s->leader, signo) < 0) { + return log_error_errno(errno, "Failed to kill process leader %d for session %s: %m", s->leader, s->id); + } + return 0; + } else { + bool sigcont = false; + bool ignore_self = true; + bool rem = true; + return cg_kill_recursive (SYSTEMD_CGROUP_CONTROLLER, s->id, signo, + sigcont, ignore_self, rem, NULL); + } +#endif // 0 +} - if (who == KILL_ALL) { - int q; +static int session_open_vt(Session *s) { + char path[sizeof("/dev/tty") + DECIMAL_STR_MAX(s->vtnr)]; - pid_set = set_new(trivial_hash_func, trivial_compare_func); - if (!pid_set) - return -ENOMEM; + if (s->vtnr < 1) + return -ENODEV; - if (s->leader > 0) { - q = set_put(pid_set, LONG_TO_PTR(s->leader)); - if (q < 0) - r = q; - } + if (s->vtfd >= 0) + return s->vtfd; + + sprintf(path, "/dev/tty%u", s->vtnr); + s->vtfd = open_terminal(path, O_RDWR | O_CLOEXEC | O_NONBLOCK | O_NOCTTY); + if (s->vtfd < 0) + return log_error_errno(s->vtfd, "cannot open VT %s of session %s: %m", path, s->id); - q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, signo, false, true, false, pid_set); - if (q < 0) - if (q != -EAGAIN && q != -ESRCH && q != -ENOENT) - r = q; + return s->vtfd; +} + +int session_prepare_vt(Session *s) { + int vt, r; + struct vt_mode mode = { 0 }; + + if (s->vtnr < 1) + return 0; + + vt = session_open_vt(s); + if (vt < 0) + return vt; + + r = fchown(vt, s->user->uid, -1); + if (r < 0) { + r = log_error_errno(errno, + "Cannot change owner of /dev/tty%u: %m", + s->vtnr); + goto error; } - if (pid_set) - set_free(pid_set); + r = ioctl(vt, KDSKBMODE, K_OFF); + if (r < 0) { + r = log_error_errno(errno, + "Cannot set K_OFF on /dev/tty%u: %m", + s->vtnr); + goto error; + } + + r = ioctl(vt, KDSETMODE, KD_GRAPHICS); + if (r < 0) { + r = log_error_errno(errno, + "Cannot set KD_GRAPHICS on /dev/tty%u: %m", + s->vtnr); + goto error; + } + /* Oh, thanks to the VT layer, VT_AUTO does not work with KD_GRAPHICS. + * So we need a dummy handler here which just acknowledges *all* VT + * switch requests. */ + mode.mode = VT_PROCESS; + mode.relsig = SIGRTMIN; + mode.acqsig = SIGRTMIN + 1; + r = ioctl(vt, VT_SETMODE, &mode); + if (r < 0) { + r = log_error_errno(errno, + "Cannot set VT_PROCESS on /dev/tty%u: %m", + s->vtnr); + goto error; + } + + return 0; + +error: + session_restore_vt(s); return r; } +void session_restore_vt(Session *s) { + + static const struct vt_mode mode = { + .mode = VT_AUTO, + }; + + _cleanup_free_ char *utf8 = NULL; + int vt, kb, old_fd; + + /* We need to get a fresh handle to the virtual terminal, + * since the old file-descriptor is potentially in a hung-up + * state after the controlling process exited; we do a + * little dance to avoid having the terminal be available + * for reuse before we've cleaned it up. + */ + old_fd = s->vtfd; + s->vtfd = -1; + + vt = session_open_vt(s); + safe_close(old_fd); + + if (vt < 0) + return; + + (void) ioctl(vt, KDSETMODE, KD_TEXT); + + if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && *utf8 == '1') + kb = K_UNICODE; + else + kb = K_XLATE; + + (void) ioctl(vt, KDSKBMODE, kb); + + (void) ioctl(vt, VT_SETMODE, &mode); + (void) fchown(vt, 0, (gid_t) -1); + + s->vtfd = safe_close(s->vtfd); +} + +void session_leave_vt(Session *s) { + int r; + + assert(s); + + /* This is called whenever we get a VT-switch signal from the kernel. + * We acknowledge all of them unconditionally. Note that session are + * free to overwrite those handlers and we only register them for + * sessions with controllers. Legacy sessions are not affected. + * However, if we switch from a non-legacy to a legacy session, we must + * make sure to pause all device before acknowledging the switch. We + * process the real switch only after we are notified via sysfs, so the + * legacy session might have already started using the devices. If we + * don't pause the devices before the switch, we might confuse the + * session we switch to. */ + + if (s->vtfd < 0) + return; + + session_device_pause_all(s); + r = ioctl(s->vtfd, VT_RELDISP, 1); + if (r < 0) + log_debug_errno(errno, "Cannot release VT of session %s: %m", s->id); +} + +bool session_is_controller(Session *s, const char *sender) { + assert(s); + + return streq_ptr(s->controller, sender); +} + +static void session_release_controller(Session *s, bool notify) { + _cleanup_free_ char *name = NULL; + SessionDevice *sd; + + if (!s->controller) + return; + + name = s->controller; + + /* By resetting the controller before releasing the devices, we won't + * send notification signals. This avoids sending useless notifications + * if the controller is released on disconnects. */ + if (!notify) + s->controller = NULL; + + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); + + s->controller = NULL; + s->track = sd_bus_track_unref(s->track); +} + +static int on_bus_track(sd_bus_track *track, void *userdata) { + Session *s = userdata; + + assert(track); + assert(s); + + session_drop_controller(s); + + return 0; +} + +int session_set_controller(Session *s, const char *sender, bool force) { + _cleanup_free_ char *name = NULL; + int r; + + assert(s); + assert(sender); + + if (session_is_controller(s, sender)) + return 0; + if (s->controller && !force) + return -EBUSY; + + name = strdup(sender); + if (!name) + return -ENOMEM; + + s->track = sd_bus_track_unref(s->track); + r = sd_bus_track_new(s->manager->bus, &s->track, on_bus_track, s); + if (r < 0) + return r; + + r = sd_bus_track_add_name(s->track, name); + if (r < 0) + return r; + + /* When setting a session controller, we forcibly mute the VT and set + * it into graphics-mode. Applications can override that by changing + * VT state after calling TakeControl(). However, this serves as a good + * default and well-behaving controllers can now ignore VTs entirely. + * Note that we reset the VT on ReleaseControl() and if the controller + * exits. + * If logind crashes/restarts, we restore the controller during restart + * or reset the VT in case it crashed/exited, too. */ + r = session_prepare_vt(s); + if (r < 0) { + s->track = sd_bus_track_unref(s->track); + return r; + } + + session_release_controller(s, true); + s->controller = name; + name = NULL; + session_save(s); + + return 0; +} + +void session_drop_controller(Session *s) { + assert(s); + + if (!s->controller) + return; + + s->track = sd_bus_track_unref(s->track); + session_release_controller(s, false); + session_save(s); + session_restore_vt(s); +} + +static const char* const session_state_table[_SESSION_STATE_MAX] = { + [SESSION_OPENING] = "opening", + [SESSION_ONLINE] = "online", + [SESSION_ACTIVE] = "active", + [SESSION_CLOSING] = "closing" +}; + +DEFINE_STRING_TABLE_LOOKUP(session_state, SessionState); + static const char* const session_type_table[_SESSION_TYPE_MAX] = { + [SESSION_UNSPECIFIED] = "unspecified", [SESSION_TTY] = "tty", [SESSION_X11] = "x11", - [SESSION_UNSPECIFIED] = "unspecified" + [SESSION_WAYLAND] = "wayland", + [SESSION_MIR] = "mir", + [SESSION_WEB] = "web", }; DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType); @@ -965,7 +1333,8 @@ DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType); static const char* const session_class_table[_SESSION_CLASS_MAX] = { [SESSION_USER] = "user", [SESSION_GREETER] = "greeter", - [SESSION_LOCK_SCREEN] = "lock-screen" + [SESSION_LOCK_SCREEN] = "lock-screen", + [SESSION_BACKGROUND] = "background" }; DEFINE_STRING_TABLE_LOOKUP(session_class, SessionClass);