logind-session.c revision 8c8c43515cee56dfc2298998a9e5958308c46f99
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering This file is part of systemd.
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering Copyright 2011 Lennart Poettering
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering systemd is free software; you can redistribute it and/or modify it
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering under the terms of the GNU Lesser General Public License as published by
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering the Free Software Foundation; either version 2.1 of the License, or
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering (at your option) any later version.
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering systemd is distributed in the hope that it will be useful, but
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering WITHOUT ANY WARRANTY; without even the implied warranty of
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering Lesser General Public License for more details.
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering You should have received a copy of the GNU Lesser General Public License
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering along with systemd; If not, see <http://www.gnu.org/licenses/>.
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering#define IDLE_THRESHOLD_USEC (5*USEC_PER_MINUTE)
5892a914d173e4b968d2a14fbf717373dee3999aDaniel MackSession* session_new(Manager *m, User *u, const char *id) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering s->state_file = strappend("/run/systemd/sessions/", id);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering s->id = path_get_file_name(s->state_file);
3f9da416457c4265b8f1179516a32ad1a987ff7dLennart Poettering if (hashmap_put(m->sessions, s->id, s) < 0) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering LIST_PREPEND(Session, sessions_by_user, u->sessions, s);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering LIST_REMOVE(Session, gc_queue, s->manager->session_gc_queue, s);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering LIST_REMOVE(Session, sessions_by_user, s->user->sessions, s);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering LIST_REMOVE(Session, sessions_by_seat, s->seat->sessions, s);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering hashmap_remove(s->manager->sessions, s->id);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = fopen_temporary(s->state_file, &f, &temp_path);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "# This is private data. Do not parse.\n"
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "KILL_PROCESSES=%i\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "CGROUP=%s\n",
5892a914d173e4b968d2a14fbf717373dee3999aDaniel Mack "DISPLAY=%s\n",
5892a914d173e4b968d2a14fbf717373dee3999aDaniel Mack "REMOTE_HOST=%s\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "REMOTE_USER=%s\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "SERVICE=%s\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (s->seat && seat_can_multi_session(s->seat))
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "LEADER=%lu\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering (unsigned long) s->leader);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "AUDIT=%llu\n",
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering (unsigned long long) s->audit_id);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (ferror(f) || rename(temp_path, s->state_file) < 0) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering log_error("Failed to save session data for %s: %s", s->id, strerror(-r));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = parse_env_file(s->state_file, NEWLINE,
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering o = hashmap_get(s->manager->seats, seat);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (vtnr && s->seat && seat_can_multi_session(s->seat)) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (k >= 0 && v >= 1)
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering audit_session_from_pid(s->leader, &s->audit_id);
8f077bf94e129fa1b6f0159e3140c4326f1066cfZbigniew Jędrzejewski-Szmek t = session_type_from_string(type);
8f077bf94e129fa1b6f0159e3140c4326f1066cfZbigniew Jędrzejewski-Szmek c = session_class_from_string(class);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* If we open an unopened pipe for reading we will not
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering get an EOF. to trigger an EOF we hence open it for
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering reading, but close it right-away which then will
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering trigger the EOF. */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringstatic int session_link_x11_socket(Session *s) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering char *t, *f, *c;
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (!s->display || !display_is_local(s->display))
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering f = new(char, sizeof("/tmp/.X11-unix/X") + k);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_warning("Session %s has display %s with non-existing socket %s.", s->id, s->display, f);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering /* Note that this cannot be in a subdir to avoid
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering * vulnerabilities since we are privileged but the runtime
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering * path is owned by the user */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering t = strappend(s->user->runtime_path, "/X11-display");
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (link(f, t) < 0) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (link(f, t) >= 0)
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (symlink(f, t) < 0) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (symlink(f, t) >= 0)
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_error("Failed to link %s to %s: %m", f, t);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poetteringstatic int session_create_one_group(Session *s, const char *controller, const char *path) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = cg_create_and_attach(controller, path, s->leader);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = cg_set_task_access(controller, path, 0644, s->user->uid, s->user->gid, -1);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = cg_set_group_access(controller, path, 0755, s->user->uid, s->user->gid);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringstatic int session_create_cgroup(Session *s) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (asprintf(&p, "%s/%s", s->user->cgroup_path, s->id) < 0) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = session_create_one_group(s, SYSTEMD_CGROUP_CONTROLLER, p);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_error("Failed to create "SYSTEMD_CGROUP_CONTROLLER":%s: %s", p, strerror(-r));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering STRV_FOREACH(k, s->manager->controllers) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (strv_contains(s->reset_controllers, *k) ||
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering strv_contains(s->manager->reset_controllers, *k) ||
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_warning("Failed to create %s:%s: %s", *k, p, strerror(-r));
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_warning("Failed to reset controller %s: %s", *k, strerror(-r));
31938a8560a664c32a9d72f1fc2d4347b232e6e9Michal Schmidt STRV_FOREACH(k, s->manager->reset_controllers) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (strv_contains(s->reset_controllers, *k) ||
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_warning("Failed to reset controller %s: %s", *k, strerror(-r));
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering hashmap_put(s->manager->session_cgroups, s->cgroup_path, s);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering "New session %s of user %s.", s->id, s->user->name);
5892a914d173e4b968d2a14fbf717373dee3999aDaniel Mack /* Create cgroup */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* Create X11 symlink */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* Save session data */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering seat_send_changed(s->seat, "Sessions\0ActiveSession\0");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering seat_send_changed(s->seat, "Sessions\0");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering user_send_changed(s->user, "Sessions\0");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poetteringstatic bool session_shall_kill(Session *s) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (strv_contains(s->manager->kill_exclude_users, s->user->name))
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (strv_isempty(s->manager->kill_only_users))
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering return strv_contains(s->manager->kill_only_users, s->user->name);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringstatic int session_terminate_cgroup(Session *s) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering cg_trim(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = cg_kill_recursive_and_wait(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering log_error("Failed to kill session cgroup: %s", strerror(-r));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* We still send a HUP to the leader process,
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering * even if we are not supposed to kill the
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering * whole cgroup. But let's first check the
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering * leader still exists and belongs to our
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering * session... */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = manager_get_session_by_pid(s->manager, s->leader, &t);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (r > 0 && t == s) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering kill(s->leader, SIGTERM); /* for normal processes */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering kill(s->leader, SIGHUP); /* for shells */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering kill(s->leader, SIGCONT); /* in case they are stopped */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, true);
5892a914d173e4b968d2a14fbf717373dee3999aDaniel Mack log_error("Failed to check session cgroup: %s", strerror(-r));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering else if (r > 0) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = cg_delete(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering log_error("Failed to delete session cgroup: %s", strerror(-r));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering STRV_FOREACH(k, s->user->manager->controllers)
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering hashmap_remove(s->manager->session_cgroups, s->cgroup_path);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poetteringstatic int session_unlink_x11_socket(Session *s) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering t = strappend(s->user->runtime_path, "/X11-display");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering return r < 0 ? -errno : 0;
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering log_full(s->type == SESSION_TTY || s->type == SESSION_X11 ? LOG_INFO : LOG_DEBUG,
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* Kill cgroup */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering /* Remove X11 symlink */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering seat_send_changed(s->seat, "Sessions\0");
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering user_send_changed(s->user, "Sessions\0");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poetteringint session_get_idle_hint(Session *s, dual_timestamp *t) {
dcc2fc01fa850e9ee36c549dc2691e7e5c71bebfLennart Poettering if (!startswith(p ? p : s->tty, "/dev/")) {
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering dual_timestamp_from_realtime(t, u + b ? IDLE_THRESHOLD_USEC : 0);
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poetteringvoid session_set_idle_hint(Session *s, bool b) {
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering dual_timestamp_get(&s->idle_hint_timestamp);
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering "IdleSinceHint\0"
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering "IdleSinceHintMonotonic\0");
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering "IdleSinceHint\0"
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering "IdleSinceHintMonotonic\0");
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering "IdleSinceHint\0"
bd5f920f1288c0d4d488629fadf067f709227030Lennart Poettering "IdleSinceHintMonotonic\0");
a9c8343e83ec09f80a76930573b2592f97ae4283Daniel Mack "IdleHint\0"
dcc2fc01fa850e9ee36c549dc2691e7e5c71bebfLennart Poettering "IdleSinceHint\0"
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering "IdleSinceHintMonotonic\0");
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* Create FIFO */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = mkdir_safe_label("/run/systemd/sessions", 0755, 0, 0);
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering if (asprintf(&s->fifo_path, "/run/systemd/sessions/%s.ref", s->id) < 0)
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering if (mkfifo(s->fifo_path, 0600) < 0 && errno != EEXIST)
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering /* Open reading side */
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering s->fifo_fd = open(s->fifo_path, O_RDONLY|O_CLOEXEC|O_NDELAY);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering r = hashmap_put(s->manager->session_fds, INT_TO_PTR(s->fifo_fd + 1), s);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering ev.data.u32 = FD_OTHER_BASE + s->fifo_fd;
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering if (epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_ADD, s->fifo_fd, &ev) < 0)
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering /* Open writing side */
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = open(s->fifo_path, O_WRONLY|O_CLOEXEC|O_NDELAY);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering assert_se(hashmap_remove(s->manager->session_fds, INT_TO_PTR(s->fifo_fd + 1)) == s);
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering assert_se(epoll_ctl(s->manager->epoll_fd, EPOLL_CTL_DEL, s->fifo_fd, NULL) == 0);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringint session_check_gc(Session *s, bool drop_not_started) {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poettering r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, false);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringvoid session_add_to_gc_queue(Session *s) {
79008bddf679a5e0900369950eb346c9fa687107Lennart Poettering LIST_PREPEND(Session, gc_queue, s->manager->session_gc_queue, s);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringint session_kill(Session *s, KillWho who, int signo) {
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (s->leader <= 0 && who == KILL_LEADER)
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering pid_set = set_new(trivial_hash_func, trivial_compare_func);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering q = set_put(pid_set, LONG_TO_PTR(s->leader));
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, s->cgroup_path, signo, false, true, false, pid_set);
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poettering if (q != -EAGAIN && q != -ESRCH && q != -ENOENT)
e821075a23fdfa3ca7738fc30bb2d4c430fe10c0Lennart Poetteringstatic const char* const session_type_table[_SESSION_TYPE_MAX] = {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart PoetteringDEFINE_STRING_TABLE_LOOKUP(session_type, SessionType);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringstatic const char* const session_class_table[_SESSION_CLASS_MAX] = {
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart PoetteringDEFINE_STRING_TABLE_LOOKUP(session_class, SessionClass);
a4152e3fe28b53b8919cc404dd7eca7ead1bf9bdLennart Poetteringstatic const char* const kill_who_table[_KILL_WHO_MAX] = {