[systemd-commits] 4 commits - src/login units/systemd-logind.service.in
David Herrmann
dvdhrm at kemper.freedesktop.org
Tue Oct 1 09:06:21 PDT 2013
src/login/logind-seat.c | 4 ++-
src/login/logind-session-device.c | 42 ++++++++++++++++++++++++++++----------
units/systemd-logind.service.in | 2 -
3 files changed, 35 insertions(+), 13 deletions(-)
New commits:
commit 11c2f7a81381127c253cc6fd05da6dad0d842336
Author: David Herrmann <dh.herrmann at gmail.com>
Date: Tue Oct 1 17:59:44 2013 +0200
logind: run with CAP_SYS_ADMIN
DRM Master access requires CAP_SYS_ADMIN, yay! Add it to the capability
bounding set for systemd-logind. As CAP_SYS_ADMIN actually allows a huge
set of actions, this mostly renders the restriction-set useless. Anyway,
patches are already pending to reduce the restriction on the kernel side.
But these won't really make it into any stable-release so for now we're
stuck with CAP_SYS_ADMIN.
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index 6b68717..31b5cd0 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -18,7 +18,7 @@ ExecStart=@rootlibexecdir@/systemd-logind
Restart=always
RestartSec=0
BusName=org.freedesktop.login1
-CapabilityBoundingSet=CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
+CapabilityBoundingSet=CAP_SYS_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG
# Increase the default a bit in order to allow many simultaneous
# logins since we keep one fd open per session.
commit dfd552707d43087a1e0079cdae9f5290e14b78e9
Author: David Herrmann <dh.herrmann at gmail.com>
Date: Tue Oct 1 17:58:58 2013 +0200
logind: send PropertyChanged during deactivation
We only send the PropertyChanged signal for the to-be-activated session
but not for the to-be-deactivated one. Fix that so both listeners get
notified about the new state.
diff --git a/src/login/logind-seat.c b/src/login/logind-seat.c
index 4a4d40a..feebcf4 100644
--- a/src/login/logind-seat.c
+++ b/src/login/logind-seat.c
@@ -246,8 +246,10 @@ int seat_set_active(Seat *s, Session *session) {
old_active = s->active;
s->active = session;
- if (old_active)
+ if (old_active) {
session_device_pause_all(old_active);
+ session_send_changed(old_active, "Active\0");
+ }
seat_apply_acls(s, old_active);
commit c2e5d024a380bae6ead301fb4f40787b372ec3e0
Author: David Herrmann <dh.herrmann at gmail.com>
Date: Tue Oct 1 17:53:43 2013 +0200
logind: check whether first drmSetMaster succeeded
The initial drmSetMaster may fail if there is an active master already. We
must not assume that all existing clients comply to logind rules. We check
for this during session-activation already but didn't during device setup.
Fix this by checking the return code.
As drmSetMaster has had horrible return codes in the past (0 for failure?
EINVAL for denied access, ..) we need to be quite pedantic. To guarantee
an open file-descriptor we need to close the device and reopen it without
master if setting master failed first.
diff --git a/src/login/logind-session-device.c b/src/login/logind-session-device.c
index 27afafa..546c537 100644
--- a/src/login/logind-session-device.c
+++ b/src/login/logind-session-device.c
@@ -144,7 +144,7 @@ static int sd_drmdropmaster(int fd) {
}
static int session_device_open(SessionDevice *sd, bool active) {
- int fd;
+ int fd, r;
assert(sd->type != DEVICE_TYPE_UNKNOWN);
@@ -155,9 +155,17 @@ static int session_device_open(SessionDevice *sd, bool active) {
switch (sd->type) {
case DEVICE_TYPE_DRM:
- if (active)
- sd_drmsetmaster(fd);
- else {
+ if (active) {
+ /* Weird legacy DRM semantics might return an error
+ * even though we're master. No way to detect that so
+ * fail at all times and let caller retry in inactive
+ * state. */
+ r = sd_drmsetmaster(fd);
+ if (r < 0) {
+ close(fd);
+ return r;
+ }
+ } else {
/* DRM-Master is granted to the first user who opens a
* device automatically (ughh, racy!). Hence, we just
* drop DRM-Master in case we were the first. */
@@ -384,9 +392,17 @@ int session_device_new(Session *s, dev_t dev, SessionDevice **out) {
* revoke access and thus invalidate the fd. But this is still needed
* to pass a valid fd back. */
sd->active = session_is_active(s);
- sd->fd = session_device_open(sd, sd->active);
- if (sd->fd < 0)
- goto error;
+ r = session_device_open(sd, sd->active);
+ if (r < 0) {
+ /* EINVAL _may_ mean a master is active; retry inactive */
+ if (sd->active && r == -EINVAL) {
+ sd->active = false;
+ r = session_device_open(sd, false);
+ }
+ if (r < 0)
+ goto error;
+ }
+ sd->fd = r;
LIST_PREPEND(SessionDevice, sd_by_device, sd->device->session_devices, sd);
commit 081dfa852fc5cd183a20747f2d8e4ef62d29d181
Author: David Herrmann <dh.herrmann at gmail.com>
Date: Tue Oct 1 17:48:15 2013 +0200
logind: fix session-device dbus notify
Had this fix lying around here for some time. Thanks to missing
type-checking for va-args we passed in the actual major/minor values
instead of pointers to it. Fix it by saving the values on the stack first
and passing in the pointers.
diff --git a/src/login/logind-session-device.c b/src/login/logind-session-device.c
index b45f9eb..27afafa 100644
--- a/src/login/logind-session-device.c
+++ b/src/login/logind-session-device.c
@@ -46,9 +46,13 @@ static void session_device_notify(SessionDevice *sd, enum SessionDeviceNotificat
_cleanup_dbus_message_unref_ DBusMessage *m = NULL;
_cleanup_free_ char *path = NULL;
const char *t = NULL;
+ uint32_t major, minor;
assert(sd);
+ major = major(sd->dev);
+ minor = minor(sd->dev);
+
if (!sd->session->controller)
return;
@@ -68,8 +72,8 @@ static void session_device_notify(SessionDevice *sd, enum SessionDeviceNotificat
switch (type) {
case SESSION_DEVICE_RESUME:
if (!dbus_message_append_args(m,
- DBUS_TYPE_UINT32, major(sd->dev),
- DBUS_TYPE_UINT32, minor(sd->dev),
+ DBUS_TYPE_UINT32, &major,
+ DBUS_TYPE_UINT32, &minor,
DBUS_TYPE_UNIX_FD, &sd->fd,
DBUS_TYPE_INVALID))
return;
@@ -88,8 +92,8 @@ static void session_device_notify(SessionDevice *sd, enum SessionDeviceNotificat
}
if (t && !dbus_message_append_args(m,
- DBUS_TYPE_UINT32, major(sd->dev),
- DBUS_TYPE_UINT32, minor(sd->dev),
+ DBUS_TYPE_UINT32, &major,
+ DBUS_TYPE_UINT32, &minor,
DBUS_TYPE_STRING, &t,
DBUS_TYPE_INVALID))
return;
More information about the systemd-commits
mailing list