Containers will now carry a label (normally derived from the root
directory name, but configurable by the user), and the container's root
cgroup is /machine/<label>. This label is called "machine name", and can
cover both containers and VMs (as soon as libvirt also makes use of
/machine/).
libsystemd-login can be used to query the machine name from a process.
This patch also includes numerous clean-ups for the cgroup code.
Previously for cases like "su" or "sudo" where a session is attempted to
be created from within an existing one we used the audit session ID to
detect this and in such a case we simple returned the session data of
the original session a second time.
With this change we will now use the cgroup path of the calling path to
determine the old session, i.e. we only rely on our own session
identification scheme, instead of audits.
We will continue to keep the audit session ID and ours in sync however,
to avoid unnecessary confusion.
Occasionally people report problem with reboot/poweroff operations hanging in
the middle. One known cause is when a new transaction to start a unit is
enqueued while the shutdown is going on. The start of the unit conflicts with
the shutdown jobs, so they get cancelled. The failure case can be quite unpleasant,
becase getty and sshd may already be stopped.
Fix it by using irreversible jobs for shutdown (reboot/poweroff/...) actions.
This applies to commands like "reboot", "telinit 6", "systemctl reboot". Should
someone desire to use reversible jobs, they can say "systemctl start reboot.target".`
- Don't allow any locks to be taken while we are in the process of
executing the specific operation, so that apps are not surprised if a
suspend/shutdown happens while they rely on their inhibitor.
- Get rid of the Resumed signal, it was a bad idea, and redundant due to
PrepareForSleep(false), see below.
- Always send out PrepareFor{Shutdown,Sleep} signals, instead of only if
a delay lock is taken.
- Move PrepareForSleep(false) after we come back from the suspend, so
that apps can use this as "Resumed" notification. This also has the
benefit that apps know when to take a new lock.
This allows clients to get asynchronous notifications for user-requested
suspend/hibernate cycles. Kernel-triggered automatic suspending is not
covered.
[Tested in latest gnome-ostree; if accepted, I'll look at a followup
patch which fixes the other dbus_connection_send(reply, ...) calls
besides logind]
DBus messages can have a flag NO_REPLY associated that means "I don't
need a reply". This is for efficiency reasons - for one-off requests
that can't return an error, etc.
However, it's up to users to manually check
dbus_message_get_no_reply() from a message. libdbus will happily send
out a reply if you don't.
Unfortunately, doing so is not just less efficient - it also triggers
a security error, for complex reasons. This is something that will
eventually be fixed in dbus, but it's also correct to handle it in
client applications.
This new helper API is slightly nicer in that you don't have to pass
NULL to say you don't want a reply serial for your reply.
This patch also tweaks logind to use the API - there are more areas of
the code that need this treatment too.
The MESSAGE_ID=... stanza will appear in countless number of places.
It is just too long to write it out in full each time.
Incidentally, this also fixes a typo of MESSSAGE is three places.
The "$action-multiple-sessions" polkit actions are defined as
"$action while other users are logged in". To me this implies that the
following sessions should not count:
- greeter sessions
- user sessions belonging to the same user as the one who's asking
Not sure how to treat class SESSION_LOCK_SCREEN. I never have these.
I just ignore every class that's not SESSION_USER.
https://bugzilla.redhat.com/show_bug.cgi?id=814424
This takes handling of chassis power and sleep keys as well as the lid
switch over from acpid.
This logic is enabled by default for power and sleep keys, but not for
the lid switch.
If a graphical session is in the foreground no action is taken under the
assumption that the graphical session does this.
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
For clean session endings ask logind explicitly to get rid of the FIFO
before closing it so that the FIFO logic doesn't result in su/sudo to be
terminated immediately.
This introduces the new PAM environment variable XDG_SESSION_CLASS. If
not set, defaults to "user".
This is useful for apps that want to distuingish real user logins from
"fake" ones which just exist to show a gdm login screen or a lock
screen.