X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Flogin%2Flogind-session.c;h=641678210fecb6c6578c0f25f04a74c7f92155c5;hb=49e942b2bc9fdedba79cd266a076ce9c9d91fc13;hp=c0d95329685d768498ea99a322ed99006d3889a0;hpb=9b221b63e5cc62439b32bb487775856a78c6015a;p=elogind.git

diff --git a/src/login/logind-session.c b/src/login/logind-session.c
index c0d953296..641678210 100644
--- a/src/login/logind-session.c
+++ b/src/login/logind-session.c
@@ -28,6 +28,7 @@
 #include "logind-session.h"
 #include "strv.h"
 #include "util.h"
+#include "mkdir.h"
 #include "cgroup-util.h"
 
 #define IDLE_THRESHOLD_USEC (5*USEC_PER_MINUTE)
@@ -145,6 +146,11 @@ int session_save(Session *s) {
                         "TYPE=%s\n",
                         session_type_to_string(s->type));
 
+        if (s->class >= 0)
+                fprintf(f,
+                        "CLASS=%s\n",
+                        session_class_to_string(s->class));
+
         if (s->cgroup_path)
                 fprintf(f,
                         "CGROUP=%s\n",
@@ -225,7 +231,8 @@ int session_load(Session *s) {
                 *vtnr = NULL,
                 *leader = NULL,
                 *audit_id = NULL,
-                *type = NULL;
+                *type = NULL,
+                *class = NULL;
 
         int k, r;
 
@@ -245,6 +252,7 @@ int session_load(Session *s) {
                            "VTNR",           &vtnr,
                            "LEADER",         &leader,
                            "TYPE",           &type,
+                           "CLASS",          &class,
                            NULL);
 
         if (r < 0)
@@ -297,6 +305,14 @@ int session_load(Session *s) {
                         s->type = t;
         }
 
+        if (class) {
+                SessionClass c;
+
+                c = session_class_from_string(class);
+                if (c >= 0)
+                        s->class = c;
+        }
+
         if (s->fifo_path) {
                 int fd;
 
@@ -376,6 +392,10 @@ static int session_link_x11_socket(Session *s) {
                 return -ENOENT;
         }
 
+        /* Note that this cannot be in a subdir to avoid
+         * vulnerabilities since we are privileged but the runtime
+         * path is owned by the user */
+
         t = strappend(s->user->runtime_path, "/X11-display");
         if (!t) {
                 log_error("Out of memory");
@@ -947,6 +967,14 @@ static const char* const session_type_table[_SESSION_TYPE_MAX] = {
 
 DEFINE_STRING_TABLE_LOOKUP(session_type, SessionType);
 
+static const char* const session_class_table[_SESSION_CLASS_MAX] = {
+        [SESSION_USER] = "user",
+        [SESSION_GREETER] = "greeter",
+        [SESSION_LOCK_SCREEN] = "lock-screen"
+};
+
+DEFINE_STRING_TABLE_LOOKUP(session_class, SessionClass);
+
 static const char* const kill_who_table[_KILL_WHO_MAX] = {
         [KILL_LEADER] = "leader",
         [KILL_ALL] = "all"