system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-10-07 00:30:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #30610 from YHNdnzj/logind-serialize-pidref

Browse source 
logind: serialize session leader pidfd to fdstore
This commit is contained in:
Yu Watanabe 2024-01-04 23:25:18 +09:00 committed by GitHub
parent 18c4c5d84f 5446a52b39
commit 7903567cb7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 292 additions and 194 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/basic/process-util.c
View file

@ -1188,8 +1188,10 @@ int pidref_is_alive(const PidRef *pidref) {
return -ESRCH;
result = pid_is_alive(pidref->pid);
if (result < 0)
if (result < 0) {
assert(result != -ESRCH);
return result;
}
r = pidref_verify(pidref);
if (r == -ESRCH)

5
src/login/logind-session-dbus.c
View file

@ -807,7 +807,6 @@ int session_send_create_reply(Session *s, sd_bus_error *error) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *c = NULL;
_cleanup_close_ int fifo_fd = -EBADF;
_cleanup_free_ char *p = NULL;
int r;
assert(s);
@ -828,10 +827,6 @@ int session_send_create_reply(Session *s, sd_bus_error *error) {
if (fifo_fd < 0)
return fifo_fd;
r = session_watch_pidfd(s);
if (r < 0)
return r;
/* Update the session state file before we notify the client about the result. */
session_save(s);

217
src/login/logind-session.c
View file

@ -15,6 +15,7 @@
#include "audit-util.h"
#include "bus-error.h"
#include "bus-util.h"
#include "daemon-util.h"
#include "devnum-util.h"
#include "env-file.h"
#include "escape.h"
@ -87,13 +88,54 @@ int session_new(Session **ret, Manager *m, const char *id) {
return 0;
}
static void session_reset_leader(Session *s) {
static int session_dispatch_leader_pidfd(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
Session *s = ASSERT_PTR(userdata);
assert(s->leader.fd == fd);
session_stop(s, /* force= */ false);
return 1;
}
static int session_watch_pidfd(Session *s) {
int r;
assert(s);
assert(s->manager);
assert(pidref_is_set(&s->leader));
if (s->leader.fd < 0)
return 0;
r = sd_event_add_io(s->manager->event, &s->leader_pidfd_event_source, s->leader.fd, EPOLLIN, session_dispatch_leader_pidfd, s);
if (r < 0)
return r;
r = sd_event_source_set_priority(s->leader_pidfd_event_source, SD_EVENT_PRIORITY_IMPORTANT);
if (r < 0)
return r;
(void) sd_event_source_set_description(s->leader_pidfd_event_source, "session-pidfd");
return 0;
}
static void session_reset_leader(Session *s, bool keep_fdstore) {
assert(s);
if (!keep_fdstore) {
/* Clear fdstore if we're asked to, no matter if s->leader is set or not, so that when
* initially deserializing leader fd we clear the old fd too. */
(void) notify_remove_fd_warnf("session-%s-leader-fd", s->id);
s->leader_fd_saved = false;
}
if (!pidref_is_set(&s->leader))
return;
assert_se(hashmap_remove_value(s->manager->sessions_by_leader, &s->leader, s));
s->leader_pidfd_event_source = sd_event_source_disable_unref(s->leader_pidfd_event_source);
(void) hashmap_remove_value(s->manager->sessions_by_leader, &s->leader, s);
return pidref_done(&s->leader);
}
@ -142,7 +184,7 @@ Session* session_free(Session *s) {
free(s->scope_job);
session_reset_leader(s);
session_reset_leader(s, /* keep_fdstore = */ true);
sd_bus_message_unref(s->create_message);
@ -188,15 +230,27 @@ int session_set_leader_consume(Session *s, PidRef _leader) {
if (pidref_equal(&s->leader, &pidref))
return 0;
session_reset_leader(s);
session_reset_leader(s, /* keep_fdstore = */ false);
s->leader = TAKE_PIDREF(pidref);
r = session_watch_pidfd(s);
if (r < 0)
return log_error_errno(r, "Failed to watch leader pidfd for session '%s': %m", s->id);
r = hashmap_ensure_put(&s->manager->sessions_by_leader, &pidref_hash_ops, &s->leader, s);
if (r < 0)
return r;
assert(r > 0);
if (s->leader.fd >= 0) {
r = notify_push_fdf(s->leader.fd, "session-%s-leader-fd", s->id);
if (r < 0)
log_warning_errno(r, "Failed to push leader pidfd for session '%s', ignoring: %m", s->id);
else
s->leader_fd_saved = true;
}
(void) audit_session_from_pid(s->leader.pid, &s->audit_id);
return 1;
@ -240,16 +294,18 @@ int session_save(Session *s) {
"# This is private data. Do not parse.\n"
"UID="UID_FMT"\n"
"USER=%s\n"
"ACTIVE=%i\n"
"IS_DISPLAY=%i\n"
"ACTIVE=%s\n"
"IS_DISPLAY=%s\n"
"STATE=%s\n"
"REMOTE=%i\n",
"REMOTE=%s\n"
"LEADER_FD_SAVED=%s\n",
s->user->user_record->uid,
s->user->user_record->user_name,
session_is_active(s),
s->user->display == s,
one_zero(session_is_active(s)),
one_zero(s->user->display == s),
session_state_to_string(session_get_state(s)),
s->remote);
one_zero(s->remote),
one_zero(s->leader_fd_saved));
if (s->type >= 0)
fprintf(f, "TYPE=%s\n", session_type_to_string(s->type));
@ -408,7 +464,8 @@ int session_load(Session *s) {
*vtnr = NULL,
*state = NULL,
*position = NULL,
*leader = NULL,
*leader_pid = NULL,
*leader_fd_saved = NULL,
*type = NULL,
*original_type = NULL,
*class = NULL,
@ -425,32 +482,33 @@ int session_load(Session *s) {
assert(s);
r = parse_env_file(NULL, s->state_file,
"REMOTE", &remote,
"SCOPE", &s->scope,
"SCOPE_JOB", &s->scope_job,
"FIFO", &s->fifo_path,
"SEAT", &seat,
"TTY", &s->tty,
"TTY_VALIDITY", &tty_validity,
"DISPLAY", &s->display,
"REMOTE_HOST", &s->remote_host,
"REMOTE_USER", &s->remote_user,
"SERVICE", &s->service,
"DESKTOP", &s->desktop,
"VTNR", &vtnr,
"STATE", &state,
"POSITION", &position,
"LEADER", &leader,
"TYPE", &type,
"ORIGINAL_TYPE", &original_type,
"CLASS", &class,
"UID", &uid,
"REALTIME", &realtime,
"MONOTONIC", &monotonic,
"CONTROLLER", &controller,
"ACTIVE", &active,
"DEVICES", &devices,
"IS_DISPLAY", &is_display);
"REMOTE", &remote,
"SCOPE", &s->scope,
"SCOPE_JOB", &s->scope_job,
"FIFO", &s->fifo_path,
"SEAT", &seat,
"TTY", &s->tty,
"TTY_VALIDITY", &tty_validity,
"DISPLAY", &s->display,
"REMOTE_HOST", &s->remote_host,
"REMOTE_USER", &s->remote_user,
"SERVICE", &s->service,
"DESKTOP", &s->desktop,
"VTNR", &vtnr,
"STATE", &state,
"POSITION", &position,
"LEADER", &leader_pid,
"LEADER_FD_SAVED", &leader_fd_saved,
"TYPE", &type,
"ORIGINAL_TYPE", &original_type,
"CLASS", &class,
"UID", &uid,
"REALTIME", &realtime,
"MONOTONIC", &monotonic,
"CONTROLLER", &controller,
"ACTIVE", &active,
"DEVICES", &devices,
"IS_DISPLAY", &is_display);
if (r < 0)
return log_error_errno(r, "Failed to read %s: %m", s->state_file);
@ -517,19 +575,6 @@ int session_load(Session *s) {
s->tty_validity = v;
}
if (leader) {
_cleanup_(pidref_done) PidRef p = PIDREF_NULL;
r = pidref_set_pidstr(&p, leader);
if (r < 0)
log_debug_errno(r, "Failed to parse leader PID of session: %s", leader);
else {
r = session_set_leader_consume(s, TAKE_PIDREF(p));
if (r < 0)
log_warning_errno(r, "Failed to set session leader PID, ignoring: %m");
}
}
if (type) {
SessionType t;
@ -604,6 +649,33 @@ int session_load(Session *s) {
session_restore_vt(s);
}
if (leader_pid) {
assert(!pidref_is_set(&s->leader));
r = parse_pid(leader_pid, &s->deserialized_pid);
if (r < 0)
return log_error_errno(r, "Failed to parse LEADER=%s: %m", leader_pid);
if (leader_fd_saved) {
r = parse_boolean(leader_fd_saved);
if (r < 0)
return log_error_errno(r, "Failed to parse LEADER_FD_SAVED=%s: %m", leader_fd_saved);
s->leader_fd_saved = r > 0;
if (s->leader_fd_saved)
/* The leader fd will be acquired from fdstore later */
return 0;
}
_cleanup_(pidref_done) PidRef p = PIDREF_NULL;
r = pidref_set_pid(&p, s->deserialized_pid);
if (r >= 0)
r = session_set_leader_consume(s, TAKE_PIDREF(p));
if (r < 0)
log_warning_errno(r, "Failed to set leader PID for session '%s': %m", s->id);
}
return r;
}
@ -917,7 +989,6 @@ int session_finalize(Session *s) {
LOG_MESSAGE("Removed session %s.", s->id));
s->timer_event_source = sd_event_source_unref(s->timer_event_source);
s->leader_pidfd_event_source = sd_event_source_unref(s->leader_pidfd_event_source);
if (s->seat)
seat_evict_position(s->seat, s);
@ -942,7 +1013,7 @@ int session_finalize(Session *s) {
seat_save(s->seat);
}
session_reset_leader(s);
session_reset_leader(s, /* keep_fdstore = */ false);
user_save(s->user);
user_send_changed(s->user, "Display", NULL);
@ -1225,36 +1296,6 @@ static void session_remove_fifo(Session *s) {
}
}
static int session_dispatch_leader_pidfd(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
Session *s = ASSERT_PTR(userdata);
assert(s->leader.fd == fd);
session_stop(s, /* force= */ false);
return 1;
}
int session_watch_pidfd(Session *s) {
int r;
assert(s);
if (s->leader.fd < 0)
return 0;
r = sd_event_add_io(s->manager->event, &s->leader_pidfd_event_source, s->leader.fd, EPOLLIN, session_dispatch_leader_pidfd, s);
if (r < 0)
return r;
r = sd_event_source_set_priority(s->leader_pidfd_event_source, SD_EVENT_PRIORITY_IMPORTANT);
if (r < 0)
return r;
(void) sd_event_source_set_description(s->leader_pidfd_event_source, "session-pidfd");
return 0;
}
bool session_may_gc(Session *s, bool drop_not_started) {
int r;
@ -1267,15 +1308,17 @@ bool session_may_gc(Session *s, bool drop_not_started) {
return true;
r = pidref_is_alive(&s->leader);
if (r == -ESRCH)
/* Session has no leader. This is probably because the leader vanished before deserializing
* pidfd from FD store. */
return true;
if (r < 0)
log_debug_errno(r, "Unable to determine if leader PID " PID_FMT " is still alive, assuming not.", s->leader.pid);
log_debug_errno(r, "Unable to determine if leader PID " PID_FMT " is still alive, assuming not: %m", s->leader.pid);
if (r > 0)
return false;
if (s->fifo_fd >= 0) {
if (pipe_eof(s->fifo_fd) <= 0)
return false;
}
if (s->fifo_fd >= 0 && pipe_eof(s->fifo_fd) <= 0)
return false;
if (s->scope_job) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;

3
src/login/logind-session.h
View file

@ -89,6 +89,8 @@ struct Session {
int vtfd;
PidRef leader;
bool leader_fd_saved; /* pidfd of leader uploaded to fdstore */
pid_t deserialized_pid; /* PID deserialized from state file (for verification when pidfd is used) */
uint32_t audit_id;
int fifo_fd;
@ -144,7 +146,6 @@ void session_set_type(Session *s, SessionType t);
int session_set_display(Session *s, const char *display);
int session_set_tty(Session *s, const char *tty);
int session_create_fifo(Session *s);
int session_watch_pidfd(Session *s);
int session_start(Session *s, sd_bus_message *properties, sd_bus_error *error);
int session_stop(Session *s, bool force);
int session_finalize(Session *s);

235
src/login/logind.c
View file

@ -18,6 +18,7 @@
#include "constants.h"
#include "daemon-util.h"
#include "device-util.h"
#include "devnum-util.h"
#include "dirent-util.h"
#include "escape.h"
#include "fd-util.h"
@ -191,13 +192,10 @@ static int manager_enumerate_devices(Manager *m) {
if (r < 0)
return r;
FOREACH_DEVICE(e, d) {
int k;
r = 0;
k = manager_process_seat_device(m, d);
if (k < 0)
r = k;
}
FOREACH_DEVICE(e, d)
RET_GATHER(r, manager_process_seat_device(m, d));
return r;
}
@ -225,13 +223,10 @@ static int manager_enumerate_buttons(Manager *m) {
if (r < 0)
return r;
FOREACH_DEVICE(e, d) {
int k;
r = 0;
k = manager_process_button_device(m, d);
if (k < 0)
r = k;
}
FOREACH_DEVICE(e, d)
RET_GATHER(r, manager_process_button_device(m, d));
return r;
}
@ -251,12 +246,11 @@ static int manager_enumerate_seats(Manager *m) {
if (errno == ENOENT)
return 0;
return log_error_errno(errno, "Failed to open /run/systemd/seats: %m");
return log_error_errno(errno, "Failed to open /run/systemd/seats/: %m");
}
FOREACH_DIRENT(de, d, return -errno) {
Seat *s;
int k;
if (!dirent_is_file(de))
continue;
@ -269,9 +263,7 @@ static int manager_enumerate_seats(Manager *m) {
continue;
}
k = seat_load(s);
if (k < 0)
r = k;
RET_GATHER(r, seat_load(s));
}
return r;
@ -292,19 +284,21 @@ static int manager_enumerate_linger_users(Manager *m) {
}
FOREACH_DIRENT(de, d, return -errno) {
int k;
_cleanup_free_ char *n = NULL;
int k;
if (!dirent_is_file(de))
continue;
k = cunescape(de->d_name, 0, &n);
if (k < 0) {
r = log_warning_errno(k, "Failed to unescape username '%s', ignoring: %m", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Failed to unescape username '%s', ignoring: %m", de->d_name));
continue;
}
k = manager_add_user_by_name(m, n, NULL);
if (k < 0)
r = log_warning_errno(k, "Couldn't add lingering user %s, ignoring: %m", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Couldn't add lingering user %s, ignoring: %m", de->d_name));
}
return r;
@ -312,7 +306,7 @@ static int manager_enumerate_linger_users(Manager *m) {
static int manager_enumerate_users(Manager *m) {
_cleanup_closedir_ DIR *d = NULL;
int r, k;
int r;
assert(m);
@ -325,148 +319,198 @@ static int manager_enumerate_users(Manager *m) {
if (errno == ENOENT)
return 0;
return log_error_errno(errno, "Failed to open /run/systemd/users: %m");
return log_error_errno(errno, "Failed to open /run/systemd/users/: %m");
}
FOREACH_DIRENT(de, d, return -errno) {
User *u;
uid_t uid;
int k;
if (!dirent_is_file(de))
continue;
k = parse_uid(de->d_name, &uid);
if (k < 0) {
r = log_warning_errno(k, "Failed to parse filename /run/systemd/users/%s as UID.", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Failed to parse filename /run/systemd/users/%s as UID, ignoring: %m", de->d_name));
continue;
}
k = manager_add_user_by_uid(m, uid, &u);
if (k < 0) {
r = log_warning_errno(k, "Failed to add user by file name %s, ignoring: %m", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Failed to add user by filename %s, ignoring: %m", de->d_name));
continue;
}
user_add_to_gc_queue(u);
k = user_load(u);
if (k < 0)
r = k;
RET_GATHER(r, user_load(u));
}
return r;
}
static int parse_fdname(const char *fdname, char **session_id, dev_t *dev) {
static int parse_fdname(const char *fdname, char **ret_session_id, dev_t *ret_devno) {
_cleanup_strv_free_ char **parts = NULL;
_cleanup_free_ char *id = NULL;
unsigned major, minor;
int r;
assert(ret_session_id);
assert(ret_devno);
parts = strv_split(fdname, "-");
if (!parts)
return -ENOMEM;
if (strv_length(parts) != 5)
return -EINVAL;
if (!streq(parts[0], "session"))
if (_unlikely_(!streq(parts[0], "session")))
return -EINVAL;
id = strdup(parts[1]);
if (!id)
return -ENOMEM;
if (!streq(parts[2], "device"))
if (streq(parts[2], "leader")) {
*ret_session_id = TAKE_PTR(id);
*ret_devno = 0;
return 0;
}
if (_unlikely_(!streq(parts[2], "device")))
return -EINVAL;
unsigned major, minor;
r = safe_atou(parts[3], &major);
if (r < 0)
return r;
r = safe_atou(parts[4], &minor);
if (r < 0)
return r;
*dev = makedev(major, minor);
*session_id = TAKE_PTR(id);
*ret_session_id = TAKE_PTR(id);
*ret_devno = makedev(major, minor);
return 0;
}
static int deliver_fd(Manager *m, const char *fdname, int fd) {
_cleanup_free_ char *id = NULL;
static int deliver_session_device_fd(Session *s, const char *fdname, int fd, dev_t devno) {
SessionDevice *sd;
struct stat st;
Session *s;
dev_t dev;
int r;
assert(m);
assert(s);
assert(fdname);
assert(fd >= 0);
r = parse_fdname(fdname, &id, &dev);
if (r < 0)
return log_debug_errno(r, "Failed to parse fd name %s: %m", fdname);
s = hashmap_get(m->sessions, id);
if (!s)
/* If the session doesn't exist anymore, the associated session device attached to this fd
* doesn't either. Let's simply close this fd. */
return log_debug_errno(SYNTHETIC_ERRNO(ENXIO), "Failed to attach fd for unknown session: %s", id);
assert(devno > 0);
if (fstat(fd, &st) < 0)
/* The device is allowed to go away at a random point, in which case fstat() failing is
* expected. */
return log_debug_errno(errno, "Failed to stat device fd for session %s: %m", id);
return log_debug_errno(errno, "Failed to stat device fd '%s' for session '%s': %m",
fdname, s->id);
if (!S_ISCHR(st.st_mode) || st.st_rdev != dev)
return log_debug_errno(SYNTHETIC_ERRNO(ENODEV), "Device fd doesn't point to the expected character device node");
if (!S_ISCHR(st.st_mode) || st.st_rdev != devno)
return log_debug_errno(SYNTHETIC_ERRNO(ENODEV),
"Device fd '%s' doesn't point to the expected character device node.",
fdname);
sd = hashmap_get(s->devices, &dev);
sd = hashmap_get(s->devices, &devno);
if (!sd)
/* Weird, we got an fd for a session device which wasn't recorded in the session state
* file... */
return log_warning_errno(SYNTHETIC_ERRNO(ENODEV), "Got fd for missing session device [%u:%u] in session %s",
major(dev), minor(dev), s->id);
return log_warning_errno(SYNTHETIC_ERRNO(ENODEV),
"Got session device fd '%s' [" DEVNUM_FORMAT_STR "], but not present in session state.",
fdname, DEVNUM_FORMAT_VAL(devno));
log_debug("Attaching fd to session device [%u:%u] for session %s",
major(dev), minor(dev), s->id);
log_debug("Attaching session device fd '%s' [" DEVNUM_FORMAT_STR "] to session '%s'.",
fdname, DEVNUM_FORMAT_VAL(devno), s->id);
session_device_attach_fd(sd, fd, s->was_active);
return 0;
}
static int manager_attach_fds(Manager *m) {
_cleanup_strv_free_ char **fdnames = NULL;
int n;
static int deliver_session_leader_fd_consume(Session *s, const char *fdname, int fd) {
_cleanup_(pidref_done) PidRef leader_fdstore = PIDREF_NULL;
int r;
/* Upon restart, PID1 will send us back all fds of session devices that we previously opened. Each
* file descriptor is associated with a given session. The session ids are passed through FDNAMES. */
assert(s);
assert(fdname);
assert(fd >= 0);
assert(m);
if (!s->leader_fd_saved)
log_warning("Got leader pidfd for session '%s', but not recorded in session state, proceeding anyway.",
s->id);
else
assert(!pidref_is_set(&s->leader));
n = sd_listen_fds_with_names(true, &fdnames);
if (n < 0)
return log_warning_errno(n, "Failed to acquire passed fd list: %m");
if (n == 0)
return 0;
r = pidref_set_pidfd_take(&leader_fdstore, fd);
if (r < 0) {
if (r == -ESRCH)
log_debug_errno(r, "Leader of session '%s' is gone while deserializing.", s->id);
else
log_warning_errno(r, "Failed to create reference to leader of session '%s': %m", s->id);
for (int i = 0; i < n; i++) {
int fd = SD_LISTEN_FDS_START + i;
if (deliver_fd(m, fdnames[i], fd) >= 0)
continue;
/* Hmm, we couldn't deliver the fd to any session device object? If so, let's close the fd
* and remove it from fdstore. */
close_and_notify_warn(fd, fdnames[i]);
close_and_notify_warn(fd, fdname);
return r;
}
assert(pid_is_valid(s->deserialized_pid));
if (leader_fdstore.pid != s->deserialized_pid)
log_warning("Leader from pidfd (" PID_FMT ") doesn't match with LEADER=" PID_FMT " for session '%s', proceeding anyway.",
leader_fdstore.pid, s->deserialized_pid, s->id);
r = session_set_leader_consume(s, TAKE_PIDREF(leader_fdstore));
if (r < 0)
return log_warning_errno(r, "Failed to attach leader pidfd for session '%s': %m", s->id);
return 0;
}
static int manager_attach_session_fd_one_consume(Manager *m, const char *fdname, int fd) {
_cleanup_free_ char *id = NULL;
dev_t devno;
Session *s;
int r;
assert(m);
assert(fdname);
assert(fd >= 0);
r = parse_fdname(fdname, &id, &devno);
if (r < 0) {
log_warning_errno(r, "Failed to parse stored fd name '%s': %m", fdname);
goto fail_close;
}
s = hashmap_get(m->sessions, id);
if (!s) {
/* If the session doesn't exist anymore, let's simply close this fd. */
r = log_debug_errno(SYNTHETIC_ERRNO(ENXIO),
"Cannot attach fd '%s' to unknown session '%s', ignoring.", fdname, id);
goto fail_close;
}
if (devno > 0) {
r = deliver_session_device_fd(s, fdname, fd, devno);
if (r < 0)
goto fail_close;
return 0;
}
/* Takes ownership of fd on both success and failure */
return deliver_session_leader_fd_consume(s, fdname, fd);
fail_close:
close_and_notify_warn(fd, fdname);
return r;
}
static int manager_enumerate_sessions(Manager *m) {
_cleanup_strv_free_ char **fdnames = NULL;
_cleanup_closedir_ DIR *d = NULL;
int r = 0, k;
int r = 0, n;
assert(m);
@ -476,18 +520,19 @@ static int manager_enumerate_sessions(Manager *m) {
if (errno == ENOENT)
return 0;
return log_error_errno(errno, "Failed to open /run/systemd/sessions: %m");
return log_error_errno(errno, "Failed to open /run/systemd/sessions/: %m");
}
FOREACH_DIRENT(de, d, return -errno) {
struct Session *s;
Session *s;
int k;
if (!dirent_is_file(de))
continue;
k = manager_add_session(m, de->d_name, &s);
if (k < 0) {
r = log_warning_errno(k, "Failed to add session by file name %s, ignoring: %m", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Failed to add session by filename %s, ignoring: %m", de->d_name));
continue;
}
@ -495,12 +540,18 @@ static int manager_enumerate_sessions(Manager *m) {
k = session_load(s);
if (k < 0)
r = k;
RET_GATHER(r, log_warning_errno(k, "Failed to deserialize session '%s', ignoring: %m", s->id));
}
/* We might be restarted and PID1 could have sent us back the session device fds we previously
* saved. */
(void) manager_attach_fds(m);
n = sd_listen_fds_with_names(/* unset_environment = */ true, &fdnames);
if (n < 0)
return log_error_errno(n, "Failed to acquire passed fd list: %m");
for (int i = 0; i < n; i++) {
int fd = SD_LISTEN_FDS_START + i;
RET_GATHER(r, manager_attach_session_fd_one_consume(m, fdnames[i], fd));
}
return r;
}
@ -516,25 +567,23 @@ static int manager_enumerate_inhibitors(Manager *m) {
if (errno == ENOENT)
return 0;
return log_error_errno(errno, "Failed to open /run/systemd/inhibit: %m");
return log_error_errno(errno, "Failed to open /run/systemd/inhibit/: %m");
}
FOREACH_DIRENT(de, d, return -errno) {
int k;
Inhibitor *i;
int k;
if (!dirent_is_file(de))
continue;
k = manager_add_inhibitor(m, de->d_name, &i);
if (k < 0) {
r = log_warning_errno(k, "Couldn't add inhibitor %s, ignoring: %m", de->d_name);
RET_GATHER(r, log_warning_errno(k, "Couldn't add inhibitor %s, ignoring: %m", de->d_name));
continue;
}
k = inhibitor_load(i);
if (k < 0)
r = k;
RET_GATHER(r, inhibitor_load(i));
}
return r;

20
test/units/testsuite-35.sh
View file

@ -25,14 +25,22 @@ setup_test_user() {
trap cleanup_test_user EXIT
}
test_enable_debug() {
mkdir -p /run/systemd/system/systemd-logind.service.d
cat >/run/systemd/system/systemd-logind.service.d/debug.conf <<EOF
test_write_dropin() {
systemctl edit --runtime --stdin systemd-logind.service --drop-in=debug.conf <<EOF
[Service]
Environment=SYSTEMD_LOG_LEVEL=debug
EOF
systemctl daemon-reload
systemctl stop systemd-logind.service
# We test "coldplug" (completely stop and start logind) here. So we need to preserve
# the fdstore, which might contain session leader pidfds. This is extremely rare use case
# and shall not be considered fully supported.
# See also: https://github.com/systemd/systemd/pull/30610#discussion_r1440507850
systemctl edit --runtime --stdin systemd-logind.service --drop-in=fdstore-preserve.conf <<EOF
[Service]
FileDescriptorStorePreserve=yes
EOF
systemctl restart systemd-logind.service
}
testcase_properties() {
@ -673,7 +681,7 @@ EOF
}
setup_test_user
test_enable_debug
test_write_dropin
run_testcases
touch /testok

2
units/systemd-logind.service.in
View file

@ -31,7 +31,7 @@ DeviceAllow=char-input rw
DeviceAllow=char-tty rw
DeviceAllow=char-vcs rw
ExecStart={{LIBEXECDIR}}/systemd-logind
FileDescriptorStoreMax=512
FileDescriptorStoreMax=768
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes