X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Flogin%2Flogind-session.c;h=f1c08c0a55eefdb97f450a64f907faa2dbe79a23;hp=5a1cb81ccfd7c13f982816e705c843101d577a36;hb=01c94c5d0aff09b4c0e429d483c8eeba40017071;hpb=baccf3e40bab6c0b69992ae29c396930de4660c9 diff --git a/src/login/logind-session.c b/src/login/logind-session.c index 5a1cb81cc..f1c08c0a5 100644 --- a/src/login/logind-session.c +++ b/src/login/logind-session.c @@ -28,9 +28,7 @@ #include #include -#include "sd-id128.h" #include "sd-messages.h" -#include "strv.h" #include "util.h" #include "mkdir.h" #include "path-util.h" @@ -38,27 +36,13 @@ #include "audit.h" #include "bus-util.h" #include "bus-error.h" +#include "cgroup-util.h" +#include "def.h" #include "logind-session.h" - -#define RELEASE_USEC (20*USEC_PER_SEC) +#include "formats-util.h" static void session_remove_fifo(Session *s); -static unsigned long devt_hash_func(const void *p, const uint8_t hash_key[HASH_KEY_SIZE]) { - uint64_t u = *(const dev_t*)p; - - return uint64_hash_func(&u, hash_key); -} - -static int devt_compare_func(const void *_a, const void *_b) { - dev_t a, b; - - a = *(const dev_t*) _a; - b = *(const dev_t*) _b; - - return a < b ? -1 : (a > b ? 1 : 0); -} - Session* session_new(Manager *m, const char *id) { Session *s; @@ -76,7 +60,7 @@ Session* session_new(Manager *m, const char *id) { return NULL; } - s->devices = hashmap_new(devt_hash_func, devt_compare_func); + s->devices = hashmap_new(&devt_hash_ops); if (!s->devices) { free(s->state_file); free(s); @@ -135,13 +119,6 @@ void session_free(Session *s) { LIST_REMOVE(sessions_by_seat, s->seat->sessions, s); } - if (s->scope) { - hashmap_remove(s->manager->session_units, s->scope); - free(s->scope); - } - - free(s->scope_job); - sd_bus_message_unref(s->create_message); free(s->tty); @@ -153,8 +130,6 @@ void session_free(Session *s) { hashmap_remove(s->manager->sessions, s->id); - s->vt_source = sd_event_source_unref(s->vt_source); - free(s->state_file); free(s); } @@ -211,11 +186,6 @@ int session_save(Session *s) { if (s->class >= 0) fprintf(f, "CLASS=%s\n", session_class_to_string(s->class)); - if (s->scope) - fprintf(f, "SCOPE=%s\n", s->scope); - if (s->scope_job) - fprintf(f, "SCOPE_JOB=%s\n", s->scope_job); - if (s->fifo_path) fprintf(f, "FIFO=%s\n", s->fifo_path); @@ -309,7 +279,7 @@ int session_save(Session *s) { finish: if (r < 0) - log_error("Failed to save session data %s: %s", s->state_file, strerror(-r)); + log_error_errno(r, "Failed to save session data %s: %m", s->state_file); return r; } @@ -318,6 +288,7 @@ int session_load(Session *s) { _cleanup_free_ char *remote = NULL, *seat = NULL, *vtnr = NULL, + *state = NULL, *pos = NULL, *leader = NULL, *type = NULL, @@ -333,8 +304,6 @@ int session_load(Session *s) { r = parse_env_file(s->state_file, NEWLINE, "REMOTE", &remote, - "SCOPE", &s->scope, - "SCOPE_JOB", &s->scope_job, "FIFO", &s->fifo_path, "SEAT", &seat, "TTY", &s->tty, @@ -344,6 +313,7 @@ int session_load(Session *s) { "SERVICE", &s->service, "DESKTOP", &s->desktop, "VTNR", &vtnr, + "STATE", &state, "POS", &pos, "LEADER", &leader, "TYPE", &type, @@ -354,10 +324,8 @@ int session_load(Session *s) { "CONTROLLER", &controller, NULL); - if (r < 0) { - log_error("Failed to read %s: %s", s->state_file, strerror(-r)); - return r; - } + if (r < 0) + return log_error_errno(r, "Failed to read %s: %m", s->state_file); if (!s->user) { uid_t u; @@ -374,7 +342,7 @@ int session_load(Session *s) { return r; } - user = hashmap_get(s->manager->users, ULONG_TO_PTR((unsigned long) u)); + user = hashmap_get(s->manager->users, UID_TO_PTR(u)); if (!user) { log_error("User of session %s not known.", s->id); return -ENOENT; @@ -434,13 +402,18 @@ int session_load(Session *s) { s->class = c; } + if (state && streq(state, "closing")) + s->stopping = true; + if (s->fifo_path) { int fd; /* If we open an unopened pipe for reading we will not get an EOF. to trigger an EOF we hence open it for - reading, but close it right-away which then will - trigger the EOF. */ + writing, but close it right away which then will + trigger the EOF. This will happen immediately if no + other process has the FIFO open for writing, i. e. + when the session died before logind (re)started. */ fd = session_create_fifo(s); safe_close(fd); @@ -475,7 +448,7 @@ int session_activate(Session *s) { assert(s->user); if (!s->seat) - return -ENOTSUP; + return -EOPNOTSUPP; if (s->seat->active == s) return 0; @@ -483,7 +456,7 @@ int session_activate(Session *s) { /* on seats with VTs, we let VTs manage session-switching */ if (seat_has_vts(s->seat)) { if (!s->vtnr) - return -ENOTSUP; + return -EOPNOTSUPP; return chvt(s->vtnr); } @@ -505,42 +478,21 @@ int session_activate(Session *s) { return 0; } -static int session_start_scope(Session *s) { +static int session_start_cgroup(Session *s) { int r; assert(s); assert(s->user); - assert(s->user->slice); - - if (!s->scope) { - _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - _cleanup_free_ char *description = NULL; - char *scope, *job = NULL; - - description = strjoin("Session ", s->id, " of user ", s->user->name, NULL); - if (!description) - return log_oom(); - - scope = strjoin("session-", s->id, ".scope", NULL); - if (!scope) - return log_oom(); - - r = manager_start_scope(s->manager, scope, s->leader, s->user->slice, description, "systemd-logind.service", "systemd-user-sessions.service", &error, &job); - if (r < 0) { - log_error("Failed to start session scope %s: %s %s", - scope, bus_error_message(&error, r), error.name); - free(scope); - return r; - } else { - s->scope = scope; + assert(s->leader > 0); - free(s->scope_job); - s->scope_job = job; - } - } + /* First, create our own group */ + r = cg_create(SYSTEMD_CGROUP_CONTROLLER, s->id); + if (r < 0) + return log_error_errno(r, "Failed to create cgroup %s: %m", s->id); - if (s->scope) - hashmap_put(s->manager->session_units, s->scope, s); + r = cg_attach(SYSTEMD_CGROUP_CONTROLLER, s->id, s->leader); + if (r < 0) + log_warning_errno(r, "Failed to attach PID %d to cgroup %s: %m", s->leader, s->id); return 0; } @@ -560,17 +512,16 @@ int session_start(Session *s) { if (r < 0) return r; - /* Create cgroup */ - r = session_start_scope(s); + r = session_start_cgroup(s); if (r < 0) return r; log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, - MESSAGE_ID(SD_MESSAGE_SESSION_START), + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_START), "SESSION_ID=%s", s->id, "USER_ID=%s", s->user->name, "LEADER="PID_FMT, s->leader, - "MESSAGE=New session %s of user %s.", s->id, s->user->name, + LOG_MESSAGE("New session %s of user %s.", s->id, s->user->name), NULL); if (!dual_timestamp_is_set(&s->timestamp)) @@ -602,31 +553,16 @@ int session_start(Session *s) { return 0; } -static int session_stop_scope(Session *s, bool force) { +static int session_stop_cgroup(Session *s, bool force) { _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; - char *job = NULL; int r; assert(s); - if (!s->scope) - return 0; - if (force || manager_shall_kill(s->manager, s->user->name)) { - r = manager_stop_unit(s->manager, s->scope, &error, &job); - if (r < 0) { - log_error("Failed to stop session scope: %s", bus_error_message(&error, r)); - return r; - } - - free(s->scope_job); - s->scope_job = job; - } else { - r = manager_abandon_scope(s->manager, s->scope, &error); - if (r < 0) { - log_error("Failed to abandon session scope: %s", bus_error_message(&error, r)); + r = session_kill(s, KILL_ALL, SIGTERM); + if (r < 0) return r; - } } return 0; @@ -646,7 +582,7 @@ int session_stop(Session *s, bool force) { session_remove_fifo(s); /* Kill cgroup */ - r = session_stop_scope(s, force); + r = session_stop_cgroup(s, force); s->stopping = true; @@ -669,11 +605,11 @@ int session_finalize(Session *s) { if (s->started) log_struct(s->class == SESSION_BACKGROUND ? LOG_DEBUG : LOG_INFO, - MESSAGE_ID(SD_MESSAGE_SESSION_STOP), + LOG_MESSAGE_ID(SD_MESSAGE_SESSION_STOP), "SESSION_ID=%s", s->id, "USER_ID=%s", s->user->name, "LEADER="PID_FMT, s->leader, - "MESSAGE=Removed session %s.", s->id, + LOG_MESSAGE("Removed session %s.", s->id), NULL); s->timer_event_source = sd_event_source_unref(s->timer_event_source); @@ -705,28 +641,19 @@ int session_finalize(Session *s) { return r; } -static int release_timeout_callback(sd_event_source *es, uint64_t usec, void *userdata) { - Session *s = userdata; - - assert(es); - assert(s); - - session_stop(s, false); - return 0; -} - -void session_release(Session *s) { +int session_release(Session *s) { assert(s); if (!s->started || s->stopping) - return; + return 0; - if (!s->timer_event_source) - sd_event_add_time(s->manager->event, - &s->timer_event_source, - CLOCK_MONOTONIC, - now(CLOCK_MONOTONIC) + RELEASE_USEC, 0, - release_timeout_callback, s); + if (s->timer_event_source) + return 0; + + /* In systemd, session release is triggered by user jobs + dying. In elogind we don't have that so go ahead and stop + now. */ + return session_stop(s, false); } bool session_is_active(Session *s) { @@ -931,10 +858,7 @@ bool session_check_gc(Session *s, bool drop_not_started) { return true; } - if (s->scope_job && manager_job_is_active(s->manager, s->scope_job)) - return true; - - if (s->scope && manager_unit_is_active(s->manager, s->scope)) + if (cg_is_empty_recursive (SYSTEMD_CGROUP_CONTROLLER, s->id, false) > 0) return true; return false; @@ -957,7 +881,7 @@ SessionState session_get_state(Session *s) { if (s->stopping || s->timer_event_source) return SESSION_CLOSING; - if (s->scope_job || s->fifo_fd < 0) + if (s->fifo_fd < 0) return SESSION_OPENING; if (session_is_active(s)) @@ -969,10 +893,23 @@ SessionState session_get_state(Session *s) { int session_kill(Session *s, KillWho who, int signo) { assert(s); - if (!s->scope) - return -ESRCH; + if (who == KILL_LEADER) { + if (s->leader <= 0) + return -ESRCH; + + /* FIXME: verify that leader is in cgroup? */ - return manager_kill_unit(s->manager, s->scope, who, signo, NULL); + if (kill(s->leader, signo) < 0) { + return log_error_errno(errno, "Failed to kill process leader %d for session %s: %m", s->leader, s->id); + } + return 0; + } else { + bool sigcont = false; + bool ignore_self = true; + bool rem = true; + return cg_kill_recursive (SYSTEMD_CGROUP_CONTROLLER, s->id, signo, + sigcont, ignore_self, rem, NULL); + } } static int session_open_vt(Session *s) { @@ -986,27 +923,15 @@ static int session_open_vt(Session *s) { sprintf(path, "/dev/tty%u", s->vtnr); s->vtfd = open(path, O_RDWR | O_CLOEXEC | O_NONBLOCK | O_NOCTTY); - if (s->vtfd < 0) { - log_error("cannot open VT %s of session %s: %m", path, s->id); - return -errno; - } + if (s->vtfd < 0) + return log_error_errno(errno, "cannot open VT %s of session %s: %m", path, s->id); return s->vtfd; } -static int session_vt_fn(sd_event_source *source, const struct signalfd_siginfo *si, void *data) { - Session *s = data; - - if (s->vtfd >= 0) - ioctl(s->vtfd, VT_RELDISP, 1); - - return 0; -} - int session_prepare_vt(Session *s) { int vt, r; struct vt_mode mode = { 0 }; - sigset_t mask; if (s->vtnr < 1) return 0; @@ -1018,42 +943,34 @@ int session_prepare_vt(Session *s) { r = fchown(vt, s->user->uid, -1); if (r < 0) { r = -errno; - log_error("Cannot change owner of /dev/tty%u: %m", s->vtnr); + log_error_errno(errno, "Cannot change owner of /dev/tty%u: %m", s->vtnr); goto error; } r = ioctl(vt, KDSKBMODE, K_OFF); if (r < 0) { r = -errno; - log_error("Cannot set K_OFF on /dev/tty%u: %m", s->vtnr); + log_error_errno(errno, "Cannot set K_OFF on /dev/tty%u: %m", s->vtnr); goto error; } r = ioctl(vt, KDSETMODE, KD_GRAPHICS); if (r < 0) { r = -errno; - log_error("Cannot set KD_GRAPHICS on /dev/tty%u: %m", s->vtnr); + log_error_errno(errno, "Cannot set KD_GRAPHICS on /dev/tty%u: %m", s->vtnr); goto error; } - sigemptyset(&mask); - sigaddset(&mask, SIGUSR1); - sigprocmask(SIG_BLOCK, &mask, NULL); - - r = sd_event_add_signal(s->manager->event, &s->vt_source, SIGUSR1, session_vt_fn, s); - if (r < 0) - goto error; - /* Oh, thanks to the VT layer, VT_AUTO does not work with KD_GRAPHICS. * So we need a dummy handler here which just acknowledges *all* VT * switch requests. */ mode.mode = VT_PROCESS; - mode.relsig = SIGUSR1; - mode.acqsig = SIGUSR1; + mode.relsig = SIGRTMIN; + mode.acqsig = SIGRTMIN + 1; r = ioctl(vt, VT_SETMODE, &mode); if (r < 0) { r = -errno; - log_error("Cannot set VT_PROCESS on /dev/tty%u: %m", s->vtnr); + log_error_errno(errno, "Cannot set VT_PROCESS on /dev/tty%u: %m", s->vtnr); goto error; } @@ -1073,53 +990,76 @@ void session_restore_vt(Session *s) { if (vt < 0) return; - s->vt_source = sd_event_source_unref(s->vt_source); - - ioctl(vt, KDSETMODE, KD_TEXT); + (void) ioctl(vt, KDSETMODE, KD_TEXT); if (read_one_line_file("/sys/module/vt/parameters/default_utf8", &utf8) >= 0 && *utf8 == '1') kb = K_UNICODE; - ioctl(vt, KDSKBMODE, kb); + (void) ioctl(vt, KDSKBMODE, kb); mode.mode = VT_AUTO; - ioctl(vt, VT_SETMODE, &mode); + (void) ioctl(vt, VT_SETMODE, &mode); fchown(vt, 0, -1); s->vtfd = safe_close(s->vtfd); } +void session_leave_vt(Session *s) { + int r; + + assert(s); + + /* This is called whenever we get a VT-switch signal from the kernel. + * We acknowledge all of them unconditionally. Note that session are + * free to overwrite those handlers and we only register them for + * sessions with controllers. Legacy sessions are not affected. + * However, if we switch from a non-legacy to a legacy session, we must + * make sure to pause all device before acknowledging the switch. We + * process the real switch only after we are notified via sysfs, so the + * legacy session might have already started using the devices. If we + * don't pause the devices before the switch, we might confuse the + * session we switch to. */ + + if (s->vtfd < 0) + return; + + session_device_pause_all(s); + r = ioctl(s->vtfd, VT_RELDISP, 1); + if (r < 0) + log_debug_errno(errno, "Cannot release VT of session %s: %m", s->id); +} + bool session_is_controller(Session *s, const char *sender) { assert(s); return streq_ptr(s->controller, sender); } -static void session_swap_controller(Session *s, char *name) { +static void session_release_controller(Session *s, bool notify) { + _cleanup_free_ char *name = NULL; SessionDevice *sd; - if (s->controller) { - manager_drop_busname(s->manager, s->controller); - free(s->controller); - s->controller = NULL; + if (!s->controller) + return; - /* Drop all devices as they're now unused. Do that after the - * controller is released to avoid sending out useles - * dbus signals. */ - while ((sd = hashmap_first(s->devices))) - session_device_free(sd); + name = s->controller; - if (!name) - session_restore_vt(s); - } + /* By resetting the controller before releasing the devices, we won't + * send notification signals. This avoids sending useless notifications + * if the controller is released on disconnects. */ + if (!notify) + s->controller = NULL; - s->controller = name; - session_save(s); + while ((sd = hashmap_first(s->devices))) + session_device_free(sd); + + s->controller = NULL; + manager_drop_busname(s->manager, name); } int session_set_controller(Session *s, const char *sender, bool force) { - char *t; + _cleanup_free_ char *name = NULL; int r; assert(s); @@ -1130,15 +1070,13 @@ int session_set_controller(Session *s, const char *sender, bool force) { if (s->controller && !force) return -EBUSY; - t = strdup(sender); - if (!t) + name = strdup(sender); + if (!name) return -ENOMEM; - r = manager_watch_busname(s->manager, sender); - if (r) { - free(t); + r = manager_watch_busname(s->manager, name); + if (r) return r; - } /* When setting a session controller, we forcibly mute the VT and set * it into graphics-mode. Applications can override that by changing @@ -1149,10 +1087,15 @@ int session_set_controller(Session *s, const char *sender, bool force) { * If logind crashes/restarts, we restore the controller during restart * or reset the VT in case it crashed/exited, too. */ r = session_prepare_vt(s); - if (r < 0) + if (r < 0) { + manager_drop_busname(s->manager, name); return r; + } - session_swap_controller(s, t); + session_release_controller(s, true); + s->controller = name; + name = NULL; + session_save(s); return 0; } @@ -1163,7 +1106,9 @@ void session_drop_controller(Session *s) { if (!s->controller) return; - session_swap_controller(s, NULL); + session_release_controller(s, false); + session_save(s); + session_restore_vt(s); } static const char* const session_state_table[_SESSION_STATE_MAX] = { @@ -1181,6 +1126,7 @@ static const char* const session_type_table[_SESSION_TYPE_MAX] = { [SESSION_X11] = "x11", [SESSION_WAYLAND] = "wayland", [SESSION_MIR] = "mir", + [SESSION_WEB] = "web", }; DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType);