logind: optionally watch utmp for login data

This allows us to determine the TTY an ssh session is for, which is
useful to do proper idle detection for ssh sessions.

Fixes: #9622
Lennart Poettering 2018-08-07 13:49:34 +02:00
parent 238794b150
commit 3d0ef5c7e0
6 changed files with 203 additions and 1 deletions


@ -5,6 +5,9 @@
#include <sys/ioctl.h>
#include <sys/types.h>
#include <linux/vt.h>
#if ENABLE_UTMP
#include <utmpx.h>
#endif
#include "sd-device.h"
@ -17,6 +20,7 @@
#include "fd-util.h"
#include "logind.h"
#include "parse-util.h"
#include "path-util.h"
#include "process-util.h"
#include "strv.h"
#include "terminal-util.h"
@ -684,3 +688,142 @@ bool manager_all_buttons_ignored(Manager *m) {
return true;
}
int manager_read_utmp(Manager *m) {
#if ENABLE_UTMP
int r;
assert(m);
if (utmpxname(_PATH_UTMPX) < 0)
return log_error_errno(errno, "Failed to set utmp path to " _PATH_UTMPX ": %m");
setutxent();
for (;;) {
_cleanup_free_ char *t = NULL;
struct utmpx *u;
const char *c;
Session *s;
errno = 0;
u = getutxent();
if (!u) {
if (errno != 0)
log_warning_errno(errno, "Failed to read " _PATH_UTMPX ", ignoring: %m");
r = 0;
break;
}
if (u->ut_type != USER_PROCESS)
continue;
if (!pid_is_valid(u->ut_pid))
continue;
t = strndup(u->ut_line, sizeof(u->ut_line));
if (!t) {
r = log_oom();
break;
}
c = path_startswith(t, "/dev/");
if (c) {
r = free_and_strdup(&t, c);
if (r < 0) {
log_oom();
break;
}
}
if (isempty(t))
continue;
s = hashmap_get(m->sessions_by_leader, PID_TO_PTR(u->ut_pid));
if (!s)
continue;
if (s->tty_validity == TTY_FROM_UTMP && !streq_ptr(s->tty, t)) {
/* This may happen on multiplexed SSH connection (i.e. 'SSH connection sharing'). In
* this case PAM and utmp sessions don't match. In such a case let's invalidate the TTY
* information and never acquire it again. */
s->tty = mfree(s->tty);
s->tty_validity = TTY_UTMP_INCONSISTENT;
log_debug("Session '%s' has inconsistent TTY information, dropping TTY information.", s->id);
continue;
}
/* Never override what we figured out once */
if (s->tty || s->tty_validity >= 0)
continue;
s->tty = TAKE_PTR(t);
s->tty_validity = TTY_FROM_UTMP;
log_debug("Acquired TTY information '%s' from utmp for session '%s'.", s->tty, s->id);
}
endutxent();
return r;
#else
return 0
#endif
}
#if ENABLE_UTMP
static int manager_dispatch_utmp(sd_event_source *s, const struct inotify_event *event, void *userdata) {
Manager *m = userdata;
assert(m);
/* If there's indication the file itself might have been removed or became otherwise unavailable, then let's
* reestablish the watch on whatever there's now. */
if ((event->mask & (IN_ATTRIB|IN_DELETE_SELF|IN_MOVE_SELF|IN_Q_OVERFLOW|IN_UNMOUNT)) != 0)
manager_connect_utmp(m);
(void) manager_read_utmp(m);
return 0;
}
#endif
void manager_connect_utmp(Manager *m) {
#if ENABLE_UTMP
sd_event_source *s = NULL;
int r;
assert(m);
/* Watch utmp for changes via inotify. We do this to deal with tools such as ssh, which will register the PAM
* session early, and acquire a TTY only much later for the connection. Thus during PAM the TTY won't be known
* yet. ssh will register itself with utmp when it finally acquired the TTY. Hence, let's make use of this, and
* watch utmp for the TTY asynchronously. We use the PAM session's leader PID as key, to find the right entry.
*
* Yes, relying on utmp is pretty ugly, but it's good enough for informational purposes, as well as idle
* detection (which, for tty sessions, relies on the TTY used) */
r = sd_event_add_inotify(m->event, &s, _PATH_UTMPX, IN_MODIFY|IN_MOVE_SELF|IN_DELETE_SELF|IN_ATTRIB, manager_dispatch_utmp, m);
if (r < 0)
log_full_errno(r == -ENOENT ? LOG_DEBUG: LOG_WARNING, r, "Failed to create inotify watch on " _PATH_UTMPX ", ignoring: %m");
else {
r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
if (r < 0)
log_warning_errno(r, "Failed to adjust utmp event source priority, ignoring: %m");
(void) sd_event_source_set_description(s, "utmp");
}
sd_event_source_unref(m->utmp_event_source);
m->utmp_event_source = s;
#endif
}
void manager_reconnect_utmp(Manager *m) {
#if ENABLE_UTMP
assert(m);
if (m->utmp_event_source)
return;
manager_connect_utmp(m);
#endif
}
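Review bot: In `manager_read_utmp()` the `ut_line` value becomes `s->tty` after only a `/dev/` prefix strip and an `isempty()` check, although utmp can be written by any program with write access to the file and the record is tied to a session solely through `ut_pid`. That string is later written verbatim by the `fprintf(f, "TTY=%s\n", s->tty)` line visible in `session_save()`, and per the comment in `manager_connect_utmp()` it feeds idle detection, so a record containing control characters or `..` components should be skipped before the assignment, for example `if (string_has_cc(t, NULL) || !path_is_normalized(t)) continue;`. Because of the "Never override what we figured out once" rule, the first matching record is kept, or the TTY is dropped for good once a differing record appears; the comment should state this as a known limitation of trusting utmp. Separately, the `#else` branch ends in `return 0` without a semicolon, so a build with `ENABLE_UTMP` off would fail to compile; it should read `return 0;`.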


@ -773,6 +773,9 @@ static int method_create_session(sd_bus_message *message, void *userdata, sd_bus
} while (hashmap_get(m->sessions, id));
}
/* If we are not watching utmp aleady, try again */
manager_reconnect_utmp(m);
r = manager_add_user_by_uid(m, uid, &user);
if (r < 0)
goto fail;
@ -795,6 +798,8 @@ static int method_create_session(sd_bus_message *message, void *userdata, sd_bus
r = -ENOMEM;
goto fail;
}
session->tty_validity = TTY_FROM_PAM;
}
if (!isempty(display)) {
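Review bot: `manager_reconnect_utmp()` in the first `method_create_session()` hunk re-establishes the inotify watch, but nothing re-reads the file afterwards, so records written while no watch existed are only picked up on the next modification of utmp; as far as the visible code shows, `manager_connect_utmp()` never calls `manager_read_utmp()`. Consider following a successful reconnect with `(void) manager_read_utmp(m);`. The new comment also has a typo and should read `/* If we are not watching utmp already, try again */`. `method_create_session()` starts and ends outside these hunks.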


@ -56,6 +56,7 @@ int session_new(Session **ret, Manager *m, const char *id) {
.fifo_fd = -1,
.vtfd = -1,
.audit_id = AUDIT_SESSION_INVALID,
.tty_validity = _TTY_VALIDITY_INVALID,
};
s->state_file = strappend("/run/systemd/sessions/", id);
@ -246,6 +247,9 @@ int session_save(Session *s) {
if (s->tty)
fprintf(f, "TTY=%s\n", s->tty);
if (s->tty_validity >= 0)
fprintf(f, "TTY_VALIDITY=%s\n", tty_validity_to_string(s->tty_validity));
if (s->display)
fprintf(f, "DISPLAY=%s\n", s->display);
@ -382,6 +386,7 @@ static int session_load_devices(Session *s, const char *devices) {
int session_load(Session *s) {
_cleanup_free_ char *remote = NULL,
*seat = NULL,
*tty_validity = NULL,
*vtnr = NULL,
*state = NULL,
*position = NULL,
@ -407,6 +412,7 @@ int session_load(Session *s) {
"FIFO", &s->fifo_path,
"SEAT", &seat,
"TTY", &s->tty,
"TTY_VALIDITY", &tty_validity,
"DISPLAY", &s->display,
"REMOTE_HOST", &s->remote_host,
"REMOTE_USER", &s->remote_user,
@ -483,6 +489,16 @@ int session_load(Session *s) {
seat_claim_position(s->seat, s, npos);
}
if (tty_validity) {
TTYValidity v;
v = tty_validity_from_string(tty_validity);
if (v < 0)
log_debug("Failed to parse TTY validity: %s", tty_validity);
else
s->tty_validity = v;
}
if (leader) {
pid_t pid;
@ -1398,3 +1414,11 @@ static const char* const kill_who_table[_KILL_WHO_MAX] = {
};
DEFINE_STRING_TABLE_LOOKUP(kill_who, KillWho);
static const char* const tty_validity_table[_TTY_VALIDITY_MAX] = {
[TTY_FROM_PAM] = "from-pam",
[TTY_FROM_UTMP] = "from-utmp",
[TTY_UTMP_INCONSISTENT] = "utmp-inconsistent",
};
DEFINE_STRING_TABLE_LOOKUP(tty_validity, TTYValidity);


@ -46,6 +46,14 @@ enum KillWho {
_KILL_WHO_INVALID = -1
};
typedef enum TTYValidity {
TTY_FROM_PAM,
TTY_FROM_UTMP,
TTY_UTMP_INCONSISTENT, /* may happen on ssh sessions with multiplexed TTYs */
_TTY_VALIDITY_MAX,
_TTY_VALIDITY_INVALID = -1,
} TTYValidity;
struct Session {
Manager *manager;
@ -60,8 +68,9 @@ struct Session {
dual_timestamp timestamp;
char *tty;
char *display;
char *tty;
TTYValidity tty_validity;
bool remote;
char *remote_user;
@ -160,6 +169,9 @@ SessionClass session_class_from_string(const char *s) _pure_;
const char *kill_who_to_string(KillWho k) _const_;
KillWho kill_who_from_string(const char *s) _pure_;
const char* tty_validity_to_string(TTYValidity t) _const_;
TTYValidity tty_validity_from_string(const char *s) _pure_;
int session_prepare_vt(Session *s);
void session_restore_vt(Session *s);
void session_leave_vt(Session *s);
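Review bot: The new `TTYValidity` enum documents only `TTY_UTMP_INCONSISTENT`, yet the code depends on what the other values mean: `session_new()` starts at `_TTY_VALIDITY_INVALID`, and `manager_read_utmp()` assigns a TTY only while `s->tty` is unset and `tty_validity` is still negative. A short comment above the enum would make that contract visible, e.g. `/* Where s->tty came from; _TTY_VALIDITY_INVALID means not determined yet, and only then may utmp fill it in */`.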


@ -133,6 +133,10 @@ static Manager* manager_unref(Manager *m) {
sd_event_source_unref(m->udev_button_event_source);
sd_event_source_unref(m->lid_switch_ignore_event_source);
#if ENABLE_UTMP
sd_event_source_unref(m->utmp_event_source);
#endif
safe_close(m->console_active_fd);
udev_monitor_unref(m->udev_seat_monitor);
@ -1071,6 +1075,9 @@ static int manager_startup(Manager *m) {
if (r < 0)
return log_error_errno(r, "Failed to register SIGHUP handler: %m");
/* Connect to utmp */
manager_connect_utmp(m);
/* Connect to console */
r = manager_connect_console(m);
if (r < 0)
@ -1126,6 +1133,9 @@ static int manager_startup(Manager *m) {
/* Reserve the special reserved VT */
manager_reserve_vt(m);
/* Read in utmp if it exists */
manager_read_utmp(m);
/* And start everything */
HASHMAP_FOREACH(seat, m->seats, i)
(void) seat_start(seat);
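Review bot: The startup call `manager_read_utmp(m);` discards an `int` result silently, while `manager_dispatch_utmp()` writes `(void) manager_read_utmp(m);` for the same deliberate best-effort call. Use the same form here, `(void) manager_read_utmp(m);`, so a reader can tell the failure is ignored on purpose. `manager_startup()` starts and ends outside these hunks.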


@ -44,6 +44,10 @@ struct Manager {
sd_event_source *udev_vcsa_event_source;
sd_event_source *udev_button_event_source;
#if ENABLE_UTMP
sd_event_source *utmp_event_source;
#endif
int console_active_fd;
unsigned n_autovts;
@ -151,6 +155,10 @@ bool manager_is_docked_or_external_displays(Manager *m);
bool manager_is_on_external_power(void);
bool manager_all_buttons_ignored(Manager *m);
int manager_read_utmp(Manager *m);
void manager_connect_utmp(Manager *m);
void manager_reconnect_utmp(Manager *m);
extern const sd_bus_vtable manager_vtable[];
int match_job_removed(sd_bus_message *message, void *userdata, sd_bus_error *error);