[systemd-devel] keyrings and dbus

Andrei Borzenkov arvidjaar at gmail.com
Wed Jun 12 16:57:39 UTC 2019


12.06.2019 19:18, Simon McVittie пишет:
> On Wed, 12 Jun 2019 at 18:34:30 +0300, Andrei Borzenkov wrote:
>> Technically this is probably correct - session keyring lifetime is
>> exactly that - session, and systemd-user lifetime is independent of
>> individual (GUI) login session lifetime. But then D-Bus should not be
>> started inside systemd-user "session", because lifetime of D-Bus user
>> instance is supposed to be the same as user login session.
> 
> If you want the lifetime of the D-Bus session bus `dbus-daemon --session`
> to be the same as a single graphical login session, either don't configure
> it with --enable-user-session, or don't install its systemd user units
> (packaged separately as dbus-user-session in Debian and its derivatives).
> 
> The scope of the D-Bus session bus is an OS integrator choice. It can
> either be the same as a single login session, or the same as `systemd
> --user`, but it cannot be both.
> 
> Of course, if its scope is the same as a single login session, then you
> can't use it to communicate with `systemd --user` or use it from user
> services, because they would be outside its scope.
> 
>> Or D-Bus
>> needs explicit support for passing session keyring information when
>> invoking user service that is part of user login session.
> 
> systemd user services are not part of a particular login session. They
> exist outside all login sessions (look at systemd-cgls).
> 
gnome-terminal surely *is* part of particular login session.
Unfortunately it is spawned by gnome-terminal-server which itself is
started as systemd user session inside sytsemd-user ... session?

> If you configure dbus with --enable-user-session, then D-Bus session
> services are not part of a particular login session either.
> 
> It's your choice - but you can't have it both ways. The dbus-daemon
> can't be both inside a login session, and shared between login sessions.
> 

But that means that as long as there are applications that are part of
user session and started by dbus-daemon, dbus-daemon simply cannot be
part of systemd-user, correct?


More information about the systemd-devel mailing list