[systemd-devel] [Patch 0/2] logind: make sure that closed sessions will be cleaned

Djalal Harouni tixxdz at opendz.org
Sat Jan 11 17:07:32 PST 2014 

On Sat, Jan 11, 2014 at 10:26:13PM +0100, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Jan 03, 2014 at 02:19:19PM +0100, Djalal Harouni wrote:
> > On logout pam_systemd should ensures the following:
> > "If the last concurrent session of a user ends, the $XDG_RUNTIME_DIR
> > directory and all its contents are removed, too." from manpage.
> > 
> > Using git HEAD, and a simple systemd-nspawn test will show that the
> > above is not ensured and the sessions will stay!
> I can't reproduce this (with todays git). In the examples below, I
> understand that you're logging in through getty. Can you test with
> current git and/or provide a complete recipe to reproduce this?
Yes through getty, and I guess this issue will also be visible for
ssh/remote sessions, or sessions where TerminateSession() is not called.


Ok, testing both a fedora 20 systemd and git!

Using the "Testing in a Container" from:
www.freedesktop.org/wiki/Software/systemd/VirtualizedTesting/

On a fedora 19 system, I installed a Fedora 20:
"yum --releasever=20 --installroot=$HOME/fedora-tree-20 ..."

$ cat /home/tixxdz/fedora-tree-20/etc/redhat-release 
Fedora release 20 (Heisenbug)

I set the root password, disable pam_loginuid.so and boot as shown in
the "Testing in a Container" doc

1) login as root
2) logout
3) login as root (again)
-bash-4.2# loginctl 
   SESSION        UID USER             SEAT            
         1          0 root             seat0           
        c1          0 root             seat0           

2 sessions listed.

As you can see the closed sessions are not cleaned. So I confirm the
bug from testing a Fedora 20 container.



Now from git 8042e377b8bb8f:!

I just do:
$ ./autogen.sh && ./configure --disable-kdbus --libdir=/usr/lib64
$ make -j8
# DESTDIR=/home/tixxdz/fedora-tree make install
# systemd-nspawn -bD /home/tixxdz/fedora-tree/ 3

Please note that: /usr/lib64 is needed since it will not be set
automatically. It will be set by distributions and packagers of systemd

So I make sure that pam_systemd modules are in /usr/lib64/security
instead of /usr/lib/security, since only the ones that are in
/usr/lib64/security are loaded.

Hmm a guess, perhaps the old pam_systemd that got installed by the
systemd rpm package is being loaded instead of the new compiled one!

*Coupled* with graphical display managers who perhaps kill this bug by
forcing a TerminateSession() vs getty logins!

So using today git 8042e377b8 I also confirm the same bug.


Please Zbyszek let me know if the pervious "Testing in a Container"
using a Fedora 20 (a new systemd version), shows something for you?

or perhaps check the timestamp of your *assumed right*
/usr/lib64/security/pam_systemd.so after "make install" ?


Thanks Zbyszek!

-- 
Djalal Harouni
http://opendz.org

More information about the systemd-devel mailing list