#include <sys/epoll.h>
#include <fcntl.h>
+#include <systemd/sd-id128.h>
+#include <systemd/sd-messages.h>
+
#include "strv.h"
#include "util.h"
#include "mkdir.h"
#include "path-util.h"
#include "cgroup-util.h"
+#include "fileio.h"
+#include "dbus-common.h"
#include "logind-session.h"
-#define IDLE_THRESHOLD_USEC (5*USEC_PER_MINUTE)
-
-Session* session_new(Manager *m, User *u, const char *id) {
+Session* session_new(Manager *m, const char *id) {
Session *s;
assert(m);
s->manager = m;
s->fifo_fd = -1;
- s->user = u;
-
- LIST_PREPEND(Session, sessions_by_user, u->sessions, s);
return s;
}
LIST_REMOVE(Session, sessions_by_seat, s->seat->sessions, s);
}
- if (s->cgroup_path)
- hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
+ if (s->scope) {
+ hashmap_remove(s->manager->session_units, s->scope);
+ free(s->scope);
+ }
+
+ free(s->scope_job);
- free(s->cgroup_path);
- strv_free(s->controllers);
+ if (s->create_message)
+ dbus_message_unref(s->create_message);
free(s->tty);
free(s->display);
free(s);
}
+void session_set_user(Session *s, User *u) {
+ assert(s);
+ assert(!s->user);
+
+ s->user = u;
+ LIST_PREPEND(Session, sessions_by_user, u->sessions, s);
+}
+
int session_save(Session *s) {
- FILE *f;
+ _cleanup_fclose_ FILE *f = NULL;
+ _cleanup_free_ char *temp_path = NULL;
int r = 0;
- char *temp_path;
assert(s);
+ if (!s->user)
+ return -ESTALE;
+
if (!s->started)
return 0;
"USER=%s\n"
"ACTIVE=%i\n"
"STATE=%s\n"
- "REMOTE=%i\n"
- "KILL_PROCESSES=%i\n",
+ "REMOTE=%i\n",
(unsigned long) s->user->uid,
s->user->name,
session_is_active(s),
session_state_to_string(session_get_state(s)),
- s->remote,
- s->kill_processes);
+ s->remote);
if (s->type >= 0)
- fprintf(f,
- "TYPE=%s\n",
- session_type_to_string(s->type));
+ fprintf(f, "TYPE=%s\n", session_type_to_string(s->type));
if (s->class >= 0)
- fprintf(f,
- "CLASS=%s\n",
- session_class_to_string(s->class));
+ fprintf(f, "CLASS=%s\n", session_class_to_string(s->class));
- if (s->cgroup_path)
- fprintf(f,
- "CGROUP=%s\n",
- s->cgroup_path);
+ if (s->scope)
+ fprintf(f, "SCOPE=%s\n", s->scope);
+
+ if (s->scope_job)
+ fprintf(f, "SCOPE_JOB=%s\n", s->scope_job);
if (s->fifo_path)
- fprintf(f,
- "FIFO=%s\n",
- s->fifo_path);
+ fprintf(f, "FIFO=%s\n", s->fifo_path);
if (s->seat)
- fprintf(f,
- "SEAT=%s\n",
- s->seat->id);
+ fprintf(f, "SEAT=%s\n", s->seat->id);
if (s->tty)
- fprintf(f,
- "TTY=%s\n",
- s->tty);
+ fprintf(f, "TTY=%s\n", s->tty);
if (s->display)
- fprintf(f,
- "DISPLAY=%s\n",
- s->display);
+ fprintf(f, "DISPLAY=%s\n", s->display);
if (s->remote_host)
- fprintf(f,
- "REMOTE_HOST=%s\n",
- s->remote_host);
+ fprintf(f, "REMOTE_HOST=%s\n", s->remote_host);
if (s->remote_user)
- fprintf(f,
- "REMOTE_USER=%s\n",
- s->remote_user);
+ fprintf(f, "REMOTE_USER=%s\n", s->remote_user);
if (s->service)
- fprintf(f,
- "SERVICE=%s\n",
- s->service);
+ fprintf(f, "SERVICE=%s\n", s->service);
if (s->seat && seat_can_multi_session(s->seat))
- fprintf(f,
- "VTNR=%i\n",
- s->vtnr);
+ fprintf(f, "VTNR=%i\n", s->vtnr);
if (s->leader > 0)
- fprintf(f,
- "LEADER=%lu\n",
- (unsigned long) s->leader);
+ fprintf(f, "LEADER=%lu\n", (unsigned long) s->leader);
if (s->audit_id > 0)
+ fprintf(f, "AUDIT=%"PRIu32"\n", s->audit_id);
+
+ if (dual_timestamp_is_set(&s->timestamp))
fprintf(f,
- "AUDIT=%llu\n",
- (unsigned long long) s->audit_id);
+ "REALTIME=%llu\n"
+ "MONOTONIC=%llu\n",
+ (unsigned long long) s->timestamp.realtime,
+ (unsigned long long) s->timestamp.monotonic);
fflush(f);
unlink(temp_path);
}
- fclose(f);
- free(temp_path);
-
finish:
if (r < 0)
log_error("Failed to save session data for %s: %s", s->id, strerror(-r));
}
int session_load(Session *s) {
- char *remote = NULL,
- *kill_processes = NULL,
+ _cleanup_free_ char *remote = NULL,
*seat = NULL,
*vtnr = NULL,
*leader = NULL,
*audit_id = NULL,
*type = NULL,
- *class = NULL;
+ *class = NULL,
+ *uid = NULL,
+ *realtime = NULL,
+ *monotonic = NULL;
int k, r;
r = parse_env_file(s->state_file, NEWLINE,
"REMOTE", &remote,
- "KILL_PROCESSES", &kill_processes,
- "CGROUP", &s->cgroup_path,
+ "SCOPE", &s->scope,
+ "SCOPE_JOB", &s->scope_job,
"FIFO", &s->fifo_path,
"SEAT", &seat,
"TTY", &s->tty,
"LEADER", &leader,
"TYPE", &type,
"CLASS", &class,
+ "UID", &uid,
+ "REALTIME", &realtime,
+ "MONOTONIC", &monotonic,
NULL);
- if (r < 0)
- goto finish;
+ if (r < 0) {
+ log_error("Failed to read %s: %s", s->state_file, strerror(-r));
+ return r;
+ }
+
+ if (!s->user) {
+ uid_t u;
+ User *user;
+
+ if (!uid) {
+ log_error("UID not specified for session %s", s->id);
+ return -ENOENT;
+ }
+
+ r = parse_uid(uid, &u);
+ if (r < 0) {
+ log_error("Failed to parse UID value %s for session %s.", uid, s->id);
+ return r;
+ }
+
+ user = hashmap_get(s->manager->users, ULONG_TO_PTR((unsigned long) u));
+ if (!user) {
+ log_error("User of session %s not known.", s->id);
+ return -ENOENT;
+ }
+
+ session_set_user(s, user);
+ }
if (remote) {
k = parse_boolean(remote);
s->remote = k;
}
- if (kill_processes) {
- k = parse_boolean(kill_processes);
- if (k >= 0)
- s->kill_processes = k;
- }
-
if (seat && !s->seat) {
Seat *o;
close_nointr_nofail(fd);
}
-finish:
- free(remote);
- free(kill_processes);
- free(seat);
- free(vtnr);
- free(leader);
- free(audit_id);
- free(class);
+ if (realtime) {
+ unsigned long long l;
+ if (sscanf(realtime, "%llu", &l) > 0)
+ s->timestamp.realtime = l;
+ }
+
+ if (monotonic) {
+ unsigned long long l;
+ if (sscanf(monotonic, "%llu", &l) > 0)
+ s->timestamp.monotonic = l;
+ }
return r;
}
int r;
assert(s);
+ assert(s->user);
if (s->vtnr < 0)
return -ENOTSUP;
return 0;
}
-static int session_create_one_group(Session *s, const char *controller, const char *path) {
- int r;
-
- assert(s);
- assert(controller);
- assert(path);
-
- if (s->leader > 0) {
- r = cg_create_and_attach(controller, path, s->leader);
- if (r < 0)
- r = cg_create(controller, path);
- } else
- r = cg_create(controller, path);
-
- if (r < 0)
- return r;
-
- r = cg_set_task_access(controller, path, 0644, s->user->uid, s->user->gid, -1);
- if (r >= 0)
- r = cg_set_group_access(controller, path, 0755, s->user->uid, s->user->gid);
-
- return r;
-}
-
-static int session_create_cgroup(Session *s) {
- char **k;
- char *p;
+static int session_start_scope(Session *s) {
+ DBusError error;
int r;
assert(s);
assert(s->user);
- assert(s->user->cgroup_path);
+ assert(s->user->slice);
- if (!s->cgroup_path) {
- if (asprintf(&p, "%s/%s", s->user->cgroup_path, s->id) < 0)
- return log_oom();
- } else
- p = s->cgroup_path;
+ dbus_error_init(&error);
- r = session_create_one_group(s, SYSTEMD_CGROUP_CONTROLLER, p);
- if (r < 0) {
- log_error("Failed to create "SYSTEMD_CGROUP_CONTROLLER":%s: %s", p, strerror(-r));
- free(p);
- s->cgroup_path = NULL;
- return r;
- }
-
- s->cgroup_path = p;
-
- STRV_FOREACH(k, s->controllers) {
-
- if (strv_contains(s->reset_controllers, *k))
- continue;
-
- r = session_create_one_group(s, *k, p);
- if (r < 0)
- log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
- }
-
- STRV_FOREACH(k, s->manager->controllers) {
-
- if (strv_contains(s->reset_controllers, *k) ||
- strv_contains(s->manager->reset_controllers, *k) ||
- strv_contains(s->controllers, *k))
- continue;
-
- r = session_create_one_group(s, *k, p);
- if (r < 0)
- log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
- }
-
- if (s->leader > 0) {
+ if (!s->scope) {
+ _cleanup_free_ char *description = NULL;
+ char *scope, *job;
- STRV_FOREACH(k, s->reset_controllers) {
- r = cg_attach(*k, "/", s->leader);
- if (r < 0)
- log_warning("Failed to reset controller %s: %s", *k, strerror(-r));
-
- }
+ scope = strjoin("session-", s->id, ".scope", NULL);
+ if (!scope)
+ return log_oom();
- STRV_FOREACH(k, s->manager->reset_controllers) {
+ description = strjoin("Session ", s->id, " of user ", s->user->name, NULL);
- if (strv_contains(s->reset_controllers, *k) ||
- strv_contains(s->controllers, *k))
- continue;
+ r = manager_start_scope(s->manager, scope, s->leader, s->user->slice, description, &error, &job);
+ if (r < 0) {
+ log_error("Failed to start session scope: %s %s", bus_error(&error, r), error.name);
+ dbus_error_free(&error);
- r = cg_attach(*k, "/", s->leader);
- if (r < 0)
- log_warning("Failed to reset controller %s: %s", *k, strerror(-r));
+ free(scope);
+ return r;
+ } else {
+ s->scope = scope;
+ free(s->scope_job);
+ s->scope_job = job;
}
}
- hashmap_put(s->manager->session_cgroups, s->cgroup_path, s);
+ if (s->scope)
+ hashmap_put(s->manager->session_units, s->scope, s);
return 0;
}
int r;
assert(s);
- assert(s->user);
+
+ if (!s->user)
+ return -ESTALE;
if (s->started)
return 0;
if (r < 0)
return r;
- log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
- "New session %s of user %s.", s->id, s->user->name);
-
/* Create cgroup */
- r = session_create_cgroup(s);
+ r = session_start_scope(s);
if (r < 0)
return r;
+ log_struct(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
+ MESSAGE_ID(SD_MESSAGE_SESSION_START),
+ "SESSION_ID=%s", s->id,
+ "USER_ID=%s", s->user->name,
+ "LEADER=%lu", (unsigned long) s->leader,
+ "MESSAGE=New session %s of user %s.", s->id, s->user->name,
+ NULL);
+
/* Create X11 symlink */
session_link_x11_socket(s);
- dual_timestamp_get(&s->timestamp);
+ if (!dual_timestamp_is_set(&s->timestamp))
+ dual_timestamp_get(&s->timestamp);
if (s->seat)
seat_read_active_vt(s->seat);
return 0;
}
-static bool session_shall_kill(Session *s) {
- assert(s);
+/* static bool session_shall_kill(Session *s) { */
+/* assert(s); */
- if (!s->kill_processes)
- return false;
+/* if (!s->kill_processes) */
+/* return false; */
- if (strv_contains(s->manager->kill_exclude_users, s->user->name))
- return false;
+/* if (strv_contains(s->manager->kill_exclude_users, s->user->name)) */
+/* return false; */
- if (strv_isempty(s->manager->kill_only_users))
- return true;
+/* if (strv_isempty(s->manager->kill_only_users)) */
+/* return true; */
- return strv_contains(s->manager->kill_only_users, s->user->name);
-}
+/* return strv_contains(s->manager->kill_only_users, s->user->name); */
+/* } */
-static int session_terminate_cgroup(Session *s) {
+static int session_stop_scope(Session *s) {
+ DBusError error;
+ char *job;
int r;
- char **k;
assert(s);
- if (!s->cgroup_path)
- return 0;
-
- cg_trim(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
-
- if (session_shall_kill(s)) {
+ dbus_error_init(&error);
- r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
- if (r < 0)
- log_error("Failed to kill session cgroup: %s", strerror(-r));
-
- } else {
- if (s->leader > 0) {
- Session *t;
-
- /* We still send a HUP to the leader process,
- * even if we are not supposed to kill the
- * whole cgroup. But let's first check the
- * leader still exists and belongs to our
- * session... */
-
- r = manager_get_session_by_pid(s->manager, s->leader, &t);
- if (r > 0 && t == s) {
- kill(s->leader, SIGTERM); /* for normal processes */
- kill(s->leader, SIGHUP); /* for shells */
- kill(s->leader, SIGCONT); /* in case they are stopped */
- }
- }
+ if (!s->scope)
+ return 0;
- r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
- if (r < 0)
- log_error("Failed to check session cgroup: %s", strerror(-r));
- else if (r > 0) {
- r = cg_delete(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path);
- if (r < 0)
- log_error("Failed to delete session cgroup: %s", strerror(-r));
- }
+ r = manager_stop_unit(s->manager, s->scope, &error, &job);
+ if (r < 0) {
+ log_error("Failed to stop session scope: %s", bus_error(&error, r));
+ dbus_error_free(&error);
+ return r;
}
- STRV_FOREACH(k, s->user->manager->controllers)
- cg_trim(*k, s->cgroup_path, true);
-
- hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
-
- free(s->cgroup_path);
- s->cgroup_path = NULL;
+ free(s->scope_job);
+ s->scope_job = job;
return 0;
}
assert(s);
+ if (!s->user)
+ return -ESTALE;
+
if (s->started)
- log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
- "Removed session %s.", s->id);
+ log_struct(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
+ MESSAGE_ID(SD_MESSAGE_SESSION_STOP),
+ "SESSION_ID=%s", s->id,
+ "USER_ID=%s", s->user->name,
+ "LEADER=%lu", (unsigned long) s->leader,
+ "MESSAGE=Removed session %s.", s->id,
+ NULL);
/* Kill cgroup */
- k = session_terminate_cgroup(s);
+ k = session_stop_scope(s);
if (k < 0)
r = k;
if (s->started)
session_send_signal(s, false);
+ s->started = false;
+
if (s->seat) {
if (s->seat->active == s)
seat_set_active(s->seat, NULL);
seat_send_changed(s->seat, "Sessions\0");
+ seat_save(s->seat);
}
user_send_changed(s->user, "Sessions\0");
-
- s->started = false;
+ user_save(s->user);
return r;
}
return s->seat->active == s;
}
-int session_get_idle_hint(Session *s, dual_timestamp *t) {
- char *p;
+static int get_tty_atime(const char *tty, usec_t *atime) {
+ _cleanup_free_ char *p = NULL;
struct stat st;
- usec_t u, n;
- bool b;
- int k;
+
+ assert(tty);
+ assert(atime);
+
+ if (!path_is_absolute(tty)) {
+ p = strappend("/dev/", tty);
+ if (!p)
+ return -ENOMEM;
+
+ tty = p;
+ } else if (!path_startswith(tty, "/dev/"))
+ return -ENOENT;
+
+ if (lstat(tty, &st) < 0)
+ return -errno;
+
+ *atime = timespec_load(&st.st_atim);
+ return 0;
+}
+
+static int get_process_ctty_atime(pid_t pid, usec_t *atime) {
+ _cleanup_free_ char *p = NULL;
+ int r;
+
+ assert(pid > 0);
+ assert(atime);
+
+ r = get_ctty(pid, NULL, &p);
+ if (r < 0)
+ return r;
+
+ return get_tty_atime(p, atime);
+}
+
+int session_get_idle_hint(Session *s, dual_timestamp *t) {
+ usec_t atime = 0, n;
+ int r;
assert(s);
+ /* Explicit idle hint is set */
if (s->idle_hint) {
if (t)
*t = s->idle_hint_timestamp;
return s->idle_hint;
}
- if (isempty(s->tty))
+ /* Graphical sessions should really implement a real
+ * idle hint logic */
+ if (s->display)
goto dont_know;
- if (s->tty[0] != '/') {
- p = strappend("/dev/", s->tty);
- if (!p)
- return -ENOMEM;
- } else
- p = NULL;
-
- if (!startswith(p ? p : s->tty, "/dev/")) {
- free(p);
- goto dont_know;
+ /* For sessions with an explicitly configured tty, let's check
+ * its atime */
+ if (s->tty) {
+ r = get_tty_atime(s->tty, &atime);
+ if (r >= 0)
+ goto found_atime;
}
- k = lstat(p ? p : s->tty, &st);
- free(p);
+ /* For sessions with a leader but no explicitly configured
+ * tty, let's check the controlling tty of the leader */
+ if (s->leader > 0) {
+ r = get_process_ctty_atime(s->leader, &atime);
+ if (r >= 0)
+ goto found_atime;
+ }
- if (k < 0)
- goto dont_know;
+dont_know:
+ if (t)
+ *t = s->idle_hint_timestamp;
- u = timespec_load(&st.st_atim);
- n = now(CLOCK_REALTIME);
- b = u + IDLE_THRESHOLD_USEC < n;
+ return 0;
+found_atime:
if (t)
- dual_timestamp_from_realtime(t, u + b*IDLE_THRESHOLD_USEC);
+ dual_timestamp_from_realtime(t, atime);
- return b;
+ n = now(CLOCK_REALTIME);
-dont_know:
- if (t)
- *t = s->idle_hint_timestamp;
+ if (s->manager->idle_action_usec <= 0)
+ return 0;
- return 0;
+ return atime + s->manager->idle_action_usec <= n;
}
void session_set_idle_hint(Session *s, bool b) {
/* Open reading side */
if (s->fifo_fd < 0) {
- struct epoll_event ev;
+ struct epoll_event ev = {};
s->fifo_fd = open(s->fifo_path, O_RDONLY|O_CLOEXEC|O_NDELAY);
if (s->fifo_fd < 0)
if (r < 0)
return r;
- zero(ev);
ev.events = 0;
ev.data.u32 = FD_OTHER_BASE + s->fifo_fd;
assert_se(epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_DEL, s->fifo_fd, NULL) == 0);
close_nointr_nofail(s->fifo_fd);
s->fifo_fd = -1;
+
+ session_save(s);
+ user_save(s->user);
}
if (s->fifo_path) {
if (drop_not_started && !s->started)
return 0;
+ if (!s->user)
+ return 0;
+
if (s->fifo_fd >= 0) {
r = pipe_eof(s->fifo_fd);
return 1;
}
- if (s->cgroup_path) {
-
- r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
- if (r < 0)
- return r;
+ if (s->scope_job)
+ return 1;
- if (r <= 0)
- return 1;
- }
+ if (s->scope)
+ return manager_unit_is_active(s->manager, s->scope) != 0;
return 0;
}
SessionState session_get_state(Session *s) {
assert(s);
+ if (s->scope_job)
+ return s->started ? SESSION_OPENING : SESSION_CLOSING;
+
if (s->fifo_fd < 0)
return SESSION_CLOSING;
}
int session_kill(Session *s, KillWho who, int signo) {
- int r = 0;
- Set *pid_set = NULL;
-
assert(s);
- if (!s->cgroup_path)
- return -ESRCH;
-
- if (s->leader <= 0 && who == KILL_LEADER)
+ if (!s->scope)
return -ESRCH;
- if (s->leader > 0)
- if (kill(s->leader, signo) < 0)
- r = -errno;
-
- if (who == KILL_ALL) {
- int q;
-
- pid_set = set_new(trivial_hash_func, trivial_compare_func);
- if (!pid_set)
- return -ENOMEM;
-
- if (s->leader > 0) {
- q = set_put(pid_set, LONG_TO_PTR(s->leader));
- if (q < 0)
- r = q;
- }
-
- q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, signo, false, true, false, pid_set);
- if (q < 0)
- if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
- r = q;
- }
-
- if (pid_set)
- set_free(pid_set);
-
- return r;
+ return manager_kill_unit(s->manager, s->scope, who, signo, NULL);
}
-static const char* const session_state_table[_SESSION_TYPE_MAX] = {
+static const char* const session_state_table[_SESSION_STATE_MAX] = {
+ [SESSION_OPENING] = "opening",
[SESSION_ONLINE] = "online",
[SESSION_ACTIVE] = "active",
[SESSION_CLOSING] = "closing"
static const char* const session_class_table[_SESSION_CLASS_MAX] = {
[SESSION_USER] = "user",
[SESSION_GREETER] = "greeter",
- [SESSION_LOCK_SCREEN] = "lock-screen"
+ [SESSION_LOCK_SCREEN] = "lock-screen",
+ [SESSION_BACKGROUND] = "background"
};
DEFINE_STRING_TABLE_LOOKUP(session_class, SessionClass);