solaris /dev/console patch

[Robert McQueen]

bJohn (J5) Palmieri wrote:
> Actually I wouldn't mind moving to the active TTY semantics.  

I'm CCing Matthew Garrett on this thread, he wrote the patch and the
pam_foreground stuff for Ubuntu, so can hopefully comment better about
how we can get this stuff unified, and obviously the Ubuntu D-Bus
maintainer is keen to reduce their delta from upstream. The patch adds a
SUID helper program which is used to make the ioctl to find the current
foreround console, and then checks for the existence of per-user
per-console lockfiles created by their PAM module.

Similar to Havoc's suggestions for implementing system-specific policies
for looking up the location of existing buses, a simple idea could be
just to say that the at console policy is always implemented by a helper
program. Then we could avoid too many conditional compilations within
the code itself, and just have our configure script choose which one to
compile and install based on which system we're on. How does this sound?

As a side point, Matthew mentioned that the active TTY semantic is
slightly broken because the bus daemon only makes the check once per
connection, so the semantics it provides now are pretty much the same as
"logged in locally", because you're usually the foreground user when one
of your processes (eg gnome-power-manager) connects to the system bus.
To make active TTY semantics work properly, we'd need to change the
enforcement of this policy to make a check every message.

Artem, how does this stuff work on Solaris - does the ownership of
/dev/console get changed when you switch terminals, so it's always owned
by the currently active VT?

> The biggest problem with the XML parser is the validation which is one
> big fragile logic statement.  Every time an option is added one must go
> into that statement and figure out where to add the || FOO_OPTION's or
> && FOO_OPTION's and where one must completely restructure the logic.  At
> least that is what I remember when writing the at_console patch.  Using
> a DTD and validating parser would have been better but I don't even
> think we actually work with libxml anymore and on Red Hat/Fedora at we
> have move moved d-bus into /bin and /lib which would mean libxml would
> have to be moved to /lib (expat is right now) in order to switch.

Hm, I think that's what Matthew found and hence why he decided not to
add yet another option to the combinatorial explosion. I don't think
it's a real problem if at_console is stricter (current VT versus any
locally logged in user) on some systems than others - it doesn't seem to
have caused problems for Ubuntu who use it for controlling who can send
power management events.

Regards,
Rob