| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
callout invocation
This adds a callout directory called seat.d/ that follows the basic
session.d/ semantics but works on seats instead of sessions.
As replacement for the old session.d/ 'session_active_changed'
semantics seat.d/ knows 'seat_active_session_changed'. Which combines
the two callouts necessary for session_active_changed into one. This has
various advantages: it's not as racy, allows the suppressing of ACL
permission changes when switching between sessions of the same user,
reduces the amount of disk IO and finally is less ugly.
This patch also moves all callout invocations into the CkManager. This
has the advantage that we can guarantee to have fully dumped the CK
database before the callout.
In summary, the session.d/ directory will now get two types of callout
invocations:
session_added
session_removed
In contrast, seat.d/ gets three types:
seat_added
seat_removed
seat_active_session_changed
The 'seat_active_session_changed' callout type gets two sets of
environment variables describing the old resp. the new session that is
active. Either set can be left out if no session was active before, or
no session will be active after the switch. This is similar to the logic
behind D-Bus' NameOwnerChanged.
This patch duplicates CkSeat's 'session-removed' signal into
'session-removed-full' (and friends). Reason for that is that the signal
forwarded via D-Bus needs the session id as string while the callout
code needs the session itself as object. Since at the time of invocation
the CkSeat is no longer in the seats hashtable it is hence necessary to
pass the object in as argument to the signal handlers, which makes this
duplification necessary to not confuse dbus-glib. For a similar reason
'active-session-changed' is duplicated as well.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The 'session_active_changed' callout is an invitaton to racy misuses
since it splits up the session switches into two events. This patch gets
rid of it.
At this point there are two known users of the session.d/ callouts:
- Suse/Ubuntu ship a script for emulating pam_atconsole style
/var/run/console management for supporting D-Bus' at_console feature
properly. Both Martin Pitt and Kay Sievers however are happy with
having this feature go away. In addition I prepared a patch for
D-Bus which makes the need for these scripts go away entirely. That
patch is currently awaiting review.
- udev's udev-acl tool currently uses this. However this doesn't work
correctly anyway since it relies on that the CK database is correctly
dumped before the tool is invoked, which CK does not handle properly
at this time. In fact fixing this problem is the main reason why I
came up with this patch series. Kay is also very interested in
seeing the 'session_active_changed' logic go away.
A later commit introduces a replacement functionality that is less racy.
Please note that this patch does not drop session.d/ in its entirety.
Only the 'session_active_changed' type callout is removed. Scripts that
only rely on 'session_added'/'session_removed' will continue to work
fine, and will continue to be supported.
|
|
|
|
|
|
|
| |
We simply change the order how the signal handlers for D-Bus and the
database dumping are registered. According to the gobject docs it is
guaranteed that the signal handlers are run in the same order as they
are registered, so this should be safe and have the desired effect.
|
|
|
|
|
| |
Hit an assert if folks add env vars but don't increase the env var array
size.
|
| |
|
|
|
|
|
|
|
|
| |
The CK database shall be readable by the D-Bus daemon which runs under
its own user id hence make sure it is readable for non-root processes.
To make sure this leaks no information this drops the session cookie
from the database.
|
| |
|
|
|
|
| |
It's a method of CkSession hence it belongs in ck-session.h
|
| |
|
|
|
|
|
| |
It was trying to write the log message way too early,
before the root filesystem was mounted.
|
| |
|
|
|
|
|
|
|
|
|
| |
The docs were failing to build when srcdir != builddir
because ConsoleKit.xml was ending up in builddir and
all its entities are in srcdir.
This commit makes ConsoleKit.xml load the entities from
srcdir, which fixes make distcheck.
|
|
|
|
|
| |
git-log (with a hyphen) is an obsolete way to call
git log.
|
|
|
|
|
|
| |
This change is necessarily following commit:
e0d9cc359b3099307067107b59ec691418e280b8
|
| |
|
|
|
|
|
|
|
|
|
| |
In some cases a controlling tty won't be able available to
peek at to find the VT of the X display. In those cases,
we fall back to looking at the XFree86_VT property.
We can do this because we know the display is a local display
since we've already gotten peer credentials from its socket.
|
|
|
|
|
|
|
| |
Solaris now builds with flags to give getpwnam_r
more standard semantics.
bug 22361
|
|
|
|
|
|
|
|
|
|
| |
The manager interface GetSessions function was
disallowed by the dbus security policy, despite only
exporting information that's available in other ways.
This commit opens it up.
See http://bugs.freedesktop.org/show_bug.cgi?id=20471
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=21310
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=20232
|
| |
|
|
|
|
| |
Error if no backend for target host
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch is a little different with Brian's. Let's me explain the whole patch
one by one.
1. pam-ck-connector/Makefile.am (same with Brian's)
Solaris does not have libpam_misc, so only build test_pam under linux
2. +#include <limits.h>
This is to get macro PATH_MAX from system. I think it is better than
+#ifndef PATH_MAX
+#define PATH_MAX 4096
+#endif
On ubuntu, PATH_MAX=4096, on Solaris, PATH_MAX=1024
3. +#include <security/pam_appl.h>
This is to include declaration of pam_handle_t, to resolve error like:
"/usr/include/security/pam_modules.h", line 38: syntax error before or at: *
"/usr/include/security/pam_modules.h", line 45: syntax error before or at: *
4.-#include <security/_pam_macros.h>
Solaris does not have this file, I remove it, no more error, seems no use
here.
5. +#ifndef PAM_EXTERN ... part
Solaris PAM_EXTERN marco in pam_modules.h, while Ubuntu has, I just copy the
logic from Ubuntu.
6. getpwnam_r part (same with Brian's)
getpwnam_r() have difference behavior between Solaris and Ubuntu.
https://bugs.freedesktop.org/show_bug.cgi?id=18173
|
|
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=18149
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I changed the code to also loop through watch->notifies when
removing the watch due to inotify, and NULL each notify->watch
reference, the code then checks this before trying to delete
the watch itself if asked to remove the notify.
In order to prevent other race conditions in this area I also
made the inotify code not pass a watch to emit_events_in_idle,
as the watch may get freed in the meantime. It instead passes
the wd and the emit loop looks up the watch, discarding the
event if the watch has been removed.
I did however leave in the code that checks for a removed watch
before doing anything with inotify, as I hoped that this would
just optimise this case.
|
|
|
|
|
|
|
|
|
|
| |
Chris Jones observed that console-kit-daemon had open a large number of
redundant file descriptors, pointing to /etc/ConsoleKit/run-session.d and
/usr/lib/ConsoleKit/run-session.d. It turns out that ck_run_programs() doesn't
close the directory handles after iterating, resulting in a fd leak and a small
memory leak.
The attached patch corrects this.
|
|
|
|
|
|
|
|
|
| |
Ignores PAM sessions where PAM_TTY is an X11 display. This allows adding
pam_ck_connector to PAM's "common-session" without interfering
with the already existing ConsoleKit operations in gdm, the
Xsession script, etc.
https://bugs.freedesktop.org/show_bug.cgi?id=16746
|
|
|
|
|
| |
These can be used to add system start/stop/restart logging
but hooking into Upstart event mechanism.
|
| |
|
| |
|
|
|
|
| |
Fixes #17866
|
|
|
|
| |
Fixes #17741
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
At one point we had to strip out the docs because dbus-glib didn't support
unknown tags. Apparently this is now fixed. Also install the xml to
/usr/share/dbus-1/interfaces.
|
| |
|
| |
|