#include "util.h"
#include "mkdir.h"
#include "hashmap.h"
-#include "strv.h"
#include "fileio.h"
#include "path-util.h"
#include "special.h"
#include "conf-parser.h"
#include "clean-ipc.h"
#include "logind-user.h"
+#include "smack-util.h"
User* user_new(Manager *m, uid_t uid, gid_t gid, const char *name) {
User *u;
if (asprintf(&u->state_file, "/run/systemd/users/"UID_FMT, uid) < 0)
goto fail;
- if (hashmap_put(m->users, ULONG_TO_PTR((unsigned long) uid), u) < 0)
+ if (hashmap_put(m->users, UID_TO_PTR(uid), u) < 0)
goto fail;
u->manager = m;
free(u->runtime_path);
- hashmap_remove(u->manager->users, ULONG_TO_PTR((unsigned long) u->uid));
+ hashmap_remove(u->manager->users, UID_TO_PTR(u->uid));
free(u->name);
free(u->state_file);
finish:
if (r < 0)
- log_error("Failed to save user data %s: %s", u->state_file, strerror(-r));
+ log_error_errno(r, "Failed to save user data %s: %m", u->state_file);
return r;
}
if (r == -ENOENT)
return 0;
- log_error("Failed to read %s: %s", u->state_file, strerror(-r));
+ log_error_errno(r, "Failed to read %s: %m", u->state_file);
return r;
}
assert(u);
r = mkdir_safe_label("/run/user", 0755, 0, 0);
- if (r < 0) {
- log_error("Failed to create /run/user: %s", strerror(-r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Failed to create /run/user: %m");
if (!u->runtime_path) {
if (asprintf(&p, "/run/user/" UID_FMT, u->uid) < 0)
if (path_is_mount_point(p, false) <= 0) {
_cleanup_free_ char *t = NULL;
- mkdir(p, 0700);
+ (void) mkdir(p, 0700);
- if (asprintf(&t, "mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size) < 0) {
+ if (mac_smack_use())
+ r = asprintf(&t, "mode=0700,smackfsroot=*,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size);
+ else
+ r = asprintf(&t, "mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size);
+ if (r < 0) {
r = log_oom();
goto fail;
}
r = mount("tmpfs", p, "tmpfs", MS_NODEV|MS_NOSUID, t);
if (r < 0) {
- log_error("Failed to mount per-user tmpfs directory %s: %s", p, strerror(-r));
- goto fail;
+ if (errno != EPERM) {
+ r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", p);
+ goto fail;
+ }
+
+ /* Lacking permissions, maybe
+ * CAP_SYS_ADMIN-less container? In this case,
+ * just use a normal directory. */
+
+ r = chmod_and_chown(p, 0700, u->uid, u->gid);
+ if (r < 0) {
+ log_error_errno(r, "Failed to change runtime directory ownership and mode: %m");
+ goto fail;
+ }
}
}
return 0;
fail:
- free(p);
+ if (p) {
+ /* Try to clean up, but ignore errors */
+ (void) rmdir(p);
+ free(p);
+ }
+
u->runtime_path = NULL;
return r;
}
r = rm_rf(u->runtime_path, false, false, false);
if (r < 0)
- log_error("Failed to remove runtime directory %s: %s", u->runtime_path, strerror(-r));
+ log_error_errno(r, "Failed to remove runtime directory %s: %m", u->runtime_path);
- if (umount2(u->runtime_path, MNT_DETACH) < 0)
- log_error("Failed to unmount user runtime directory %s: %m", u->runtime_path);
+ /* Ignore cases where the directory isn't mounted, as that's
+ * quite possible, if we lacked the permissions to mount
+ * something */
+ r = umount2(u->runtime_path, MNT_DETACH);
+ if (r < 0 && errno != EINVAL && errno != ENOENT)
+ log_error_errno(errno, "Failed to unmount user runtime directory %s: %m", u->runtime_path);
r = rm_rf(u->runtime_path, false, true, false);
if (r < 0)
- log_error("Failed to remove runtime directory %s: %s", u->runtime_path, strerror(-r));
+ log_error_errno(r, "Failed to remove runtime directory %s: %m", u->runtime_path);
free(u->runtime_path);
u->runtime_path = NULL;
if (!cc)
return -ENOMEM;
- p = strappenda("/var/lib/systemd/linger/", cc);
+ p = strjoina("/var/lib/systemd/linger/", cc);
return access(p, F_OK) >= 0;
}
return manager_kill_unit(u->manager, u->slice, KILL_ALL, signo, NULL);
}
+void user_elect_display(User *u) {
+ Session *graphical = NULL, *text = NULL, *other = NULL, *s;
+
+ assert(u);
+
+ /* This elects a primary session for each user, which we call
+ * the "display". We try to keep the assignment stable, but we
+ * "upgrade" to better choices. */
+
+ LIST_FOREACH(sessions_by_user, s, u->sessions) {
+
+ if (s->class != SESSION_USER)
+ continue;
+
+ if (s->stopping)
+ continue;
+
+ if (SESSION_TYPE_IS_GRAPHICAL(s->type))
+ graphical = s;
+ else if (s->type == SESSION_TTY)
+ text = s;
+ else
+ other = s;
+ }
+
+ if (graphical &&
+ (!u->display ||
+ u->display->class != SESSION_USER ||
+ u->display->stopping ||
+ !SESSION_TYPE_IS_GRAPHICAL(u->display->type))) {
+ u->display = graphical;
+ return;
+ }
+
+ if (text &&
+ (!u->display ||
+ u->display->class != SESSION_USER ||
+ u->display->stopping ||
+ u->display->type != SESSION_TTY)) {
+ u->display = text;
+ return;
+ }
+
+ if (other &&
+ (!u->display ||
+ u->display->class != SESSION_USER ||
+ u->display->stopping))
+ u->display = other;
+}
+
static const char* const user_state_table[_USER_STATE_MAX] = {
[USER_OFFLINE] = "offline",
[USER_OPENING] = "opening",
~ianmdlvl / elogind.git / blobdiff