[systemd-devel] SystemD, Gnome permission problems

Zbigniew Jędrzejewski-Szmek zbyszek at in.waw.pl
Sun Apr 12 07:11:58 PDT 2015


On Sun, Apr 12, 2015 at 03:41:31PM +0200, Lennart Poettering wrote:
> On Sat, 11.04.15 16:21, Zbigniew Jędrzejewski-Szmek (zbyszek at in.waw.pl) wrote:
> 
> > On Sat, Apr 11, 2015 at 02:26:57PM +0200, Kai Krakow wrote:
> > > dean <deanshannon3 at gmail.com> schrieb:
> > > 
> > > > Ok thanks for your prompt reply. It is my understanding the the
> > > > house-keeping-plugin "cleans" /tmp so does it need access?
> > That sounds wrong. First, systemd is already cleaning /tmp, so nothing
> > good is going to come out of cleaning it twice. Second, doing cleanup
> > as unprivileged user does not really work. If the user is not running,
> > the cleanup is not going to happen, so on a multi-user system, when the
> > user logs out, files would stay around infinitely. So cleanup from
> > the graphical session is ineffective. More importantly, an unprivileged
> > user cannot access files without bumping their access time stamp. So
> > trying to do the cleanup as an unprivileged user actually interferes
> > with systemd-tmpfiles (see df99a9ef5bb7a89b92 and 
> > https://bugzilla.redhat.com/show_bug.cgi?id=1183684).
> 
> Yes, I fully agree... GNOME shouldn't bother with this, it's
> actively harmful to do this.
> 
> I file a bug now:
> 
> https://bugzilla.gnome.org/show_bug.cgi?id=747737
Thanks.

I'm wondering if we should provide better per-user tmpfiles support.
For example, if we allowed a set of "user" tmpfiles, which would
be executed by the system instance, but would be considered relative to
the home directory and XDG_RUNTIME_DIR (~ or %h to refer to the home directory,
%t to XDG_RUNTIME_DIR, ...). We would execute that for every user.

gnome could possibly replace its custom thumbnails cleaner with a few
lines of tmpfiles config. There would be two advantages: creation time
cleanup could be replaced with access time cleanup, cleanup wouldn't
be dependent on the session running.

Zbyszek

