i1. Capability of making seats without framebuffer devices logind.c: The seat is now activated by any device with udev tag "seat-master" 71-seat.rules.in: All framebuffer devices have this tag multi-seat-x.c: if the seat does not have a framebuffer device, runs X as a proxy, adding -sharevts only if the seat has a framebuffer device, makes a special config for X (like it did before)
i2. Supporting of acls on devices shared between all seats (like /dev/snd/seq) These devices have "shared" udev tag in addition to "uaccess" A user gets permitions on it when he activates a session on any seat. He/she losses the permitions when no his/her active sessions more exist 71-seat.rules.in: sets "ONE_SEAT" env var to "Y" for all devices with "seat" tag 73-seat-late.rules.in: inherits "ONE_SEAT" env from the parent device. sets "shared" tag to all devices with "uaccess" tag with neither "ONE_SEAT" nor "ID_SEAT" env logind-acl.c: changes acl on shared devices regardless to their seats logind-seat.c: when a user removes an active sessions, checks are other active sessions of this user (on other seats) exists -------------------------- src/login/71-seat.rules.in-------------------------- index f554d7f..b9921e5 100644 @@ -11,6 +11,7 @@ TAG=="uaccess", SUBSYSTEM!="sound", TAG+="seat" SUBSYSTEM=="sound", KERNEL=="card*", TAG+="seat" SUBSYSTEM=="input", KERNEL=="input*", TAG+="seat" SUBSYSTEM=="graphics", KERNEL=="fb[0-9]*", TAG+="seat" +SUBSYSTEM=="graphics", KERNEL=="fb[0-9]*", TAG+="seat-master" SUBSYSTEM=="usb", ATTR{bDeviceClass}=="09", TAG+="seat" # 'Plugable' USB hub, sound, network, graphics adapter @@ -43,6 +44,8 @@ SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product} TAG=="seat", ENV{ID_PATH}=="", IMPORT{builtin}="path_id" TAG=="seat", ENV{ID_FOR_SEAT}=="", ENV{ID_PATH_TAG}!="", ENV{ID_FOR_SEAT}="$env{SUBSYSTEM}-$env{ID_PATH_TAG}" +TAG=="seat", ENV{ONE_SEAT}="Y" + SUBSYSTEM=="input", ATTR{name}=="Wiebetech LLC Wiebetech", RUN+="@rootbindir@/loginctl lock-sessions" LABEL="seat_end" ----------------------- src/login/73-seat-late.rules.in----------------------- index 901df75..f043fca 100644 @@ -14,4 +14,7 @@ ENV{ID_SEAT}!="", TAG+="$env{ID_SEAT}" TAG=="uaccess", ENV{MAJOR}!="", RUN{builtin}+="uaccess" +ENV{ONE_SEAT}=="", IMPORT{parent}="ONE_SEAT" +TAG=="uaccess", ENV{ONE_SEAT}!="Y", ENV{ID_SEAT}=="", TAG+="shared" + LABEL="seat_late_end" ---------------------------- src/login/logind-acl.c ---------------------------- index cb045a9..fb4893a 100644 @@ -174,7 +174,7 @@ finish: int devnode_acl_all(struct udev *udev, const char *seat, bool flush, - bool del, uid_t old_uid, + bool del, bool del_shared, uid_t old_uid, bool add, uid_t new_uid) { struct udev_list_entry *item = NULL, *first = NULL; @@ -208,6 +208,7 @@ int devnode_acl_all(struct udev *udev, udev_list_entry_foreach(item, first) { struct udev_device *d; const char *node, *sn; + bool is_shared; d = udev_device_new_from_syspath(udev, udev_list_entry_get_name(item)); if (!d) { @@ -215,13 +216,20 @@ int devnode_acl_all(struct udev *udev, goto finish; } - sn = udev_device_get_property_value(d, "ID_SEAT"); - if (isempty(sn)) - sn = "seat0"; + // all devices with shared tag are accessible with all seats + is_shared = udev_device_has_tag(d, "shared"); - if (!streq(seat, sn)) { - udev_device_unref(d); - continue; + if (is_shared) { + sn = "shared"; + } else { + sn = udev_device_get_property_value(d, "ID_SEAT"); + if (isempty(sn)) + sn = "seat0"; + + if (!streq(seat, sn)) { + udev_device_unref(d); + continue; + } } node = udev_device_get_devnode(d); @@ -233,7 +241,7 @@ int devnode_acl_all(struct udev *udev, log_debug("Fixing up %s for seat %s...", node, sn); - r = devnode_acl(node, flush, del, old_uid, add, new_uid); + r = devnode_acl(node, flush, is_shared ? del_shared : del, old_uid, add, new_uid); udev_device_unref(d); if (r < 0) ---------------------------- src/login/logind-acl.h ---------------------------- index ec09843..fe1183c 100644 @@ -35,7 +35,7 @@ int devnode_acl(const char *path, int devnode_acl_all(struct udev *udev, const char *seat, bool flush, - bool del, uid_t old_uid, + bool del, bool del_shared, uid_t old_uid, bool add, uid_t new_uid); #else --------------------------- src/login/logind-seat.c --------------------------- index 470d08b..544b3b0 100644 @@ -225,7 +225,10 @@ int seat_apply_acls(Seat *s, Session *old_active) { r = devnode_acl_all(s->manager->udev, s->id, false, - !!old_active, old_active ? old_active->user->uid : 0, + !!old_active, + // delete acl on shared devices only if no other active sessions + old_active && user_get_state(old_active->user) != USER_ACTIVE, + old_active ? old_active->user->uid : 0, !!s->active, s->active ? s->active->user->uid : 0); if (r < 0) ------------------------------ src/login/logind.c ------------------------------ index 9cce481..16c504a 100644 @@ -450,11 +450,7 @@ int manager_enumerate_devices(Manager *m) { goto finish; } - r = udev_enumerate_add_match_subsystem(e, "graphics"); - if (r < 0) - goto finish; - - r = udev_enumerate_add_match_tag(e, "seat"); + r = udev_enumerate_add_match_tag(e, "seat-master"); if (r < 0) goto finish; @@ -1286,11 +1282,7 @@ static int manager_connect_udev(Manager *m) { if (!m->udev_seat_monitor) return -ENOMEM; - r = udev_monitor_filter_add_match_tag(m->udev_seat_monitor, "seat"); - if (r < 0) - return r; - - r = udev_monitor_filter_add_match_subsystem_devtype(m->udev_seat_monitor, "graphics", NULL); + r = udev_monitor_filter_add_match_tag(m->udev_seat_monitor, "seat-master"); if (r < 0) return r;
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel