Re: [systemd-devel] Create a new logind session from a systemd --user unit
[ I'm going to trim the CC, I'm pretty sure everyone who has commented so far is on systemd-devel ] On Wed, 2014-01-08 at 13:55 +0100, David Herrmann wrote: > This basically defeats the whole purpose of a session. A lot of it, yes. The session becomes: * A refcount on the user@.service * A claim of particular devices (tty, X server) > If you now do > session.kill(), you kill both logins. That's not intentional, I guess. No. The only process actually in the session cgroup would be a stub. Asking logind to kill it would cause it to release the fd and hence drop a ref on the user@.service. Only once all sessions are closed would the user@.service terminate. > > * If two logins (of the same user) are associated with different > > seats, this is not really supported at the moment, so we could ban it, > > or we could simply allow it and temporarily merge the two seats and > > let the session controller (window manager) deal with how that should > > be presented to the user. This would probably mean that we want > > logind's interfaces for getting hardware devices should be per-user, > > and not per-session. Yeah...this bit is tricky. For the case of GNOME where it's simply not supported to log in multiple times, all we need is a mechanism to discover the X server that gdm spawned (not as part of the session or user@.service). The way that works in my prototype patches is that GDM sets the x11-display property via PAM, and then systemd writes that to $XDG_RUNTIME_DIR. From there, libX11 can pick it up automatically. Now, for "session controllers" that want to support multiple logins, it gets far more complex. I think they'd have to do something like what you were saying with double templating (somecontroller@.service). Or as I say below, these controllers just stay as they are today. > I talked to Jasper about this shortly. I really think we need to > discuss this at FOSDEM. What he said is that they try to ditch > sessions entirely and move to "user-based sessions" instead. So if you > login multiple times as the same user, you always join the same > session (or are rejected, whatever your policy is). A lot hinges on the precise meaning of "join" here. Presently, gdm will just VT-switch you to your original X server if you try to log in again. > * Multi-seat: You cannot login as the same user on two seats > simultaneously. This would require running "systemd --user" twice for > the same user. I'm not sure whether that is possible? Same requirement > would be given for the user-bus, etc.. We could use unit-templates, > something like systemd-consoled@..service. However, > multi-layer templates seem cumbersome. Or "session controllers" that want to do this simply don't run per user; they just continue to have all of their processes in the session cgroup and work just as they do today. I can't think of a problem with that. > * Session-assignment: This is the bigger problem, imho. If we run > processes as systemd --user units, these services are childs of > systemd, not of gnome-session or else. As systemd does not run in a > session, the units itself cannot inherit a session. So we really > destroy the session concept then for anything that runs for the whole > user. Yes, as I said; I think we'll all have to come to grips with the idea that a session is just a refcount on user@.service with some metadata; it no longer holds the process tree. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
Hi Colin, I realise this thread may be out-of-date by now, so please excuse me if I'm commenting on something which has later changed. On Sun, Aug 4, 2013 at 4:46 PM, Colin Walters wrote: > On Tue, 2013-07-30 at 01:02 +0200, Lennart Poettering wrote: > >> We are working on this bit by bit. If you want this to go faster, then >> please work with us, and write patches for libX11 and D-Bus. > > Ok, some hacking on the plane on the way to GUADEC got me really far on > this; then we had a quick face to face to work through some conceptual > issues. > > In the new user@ model, it's very important to note there is only one > "stub" process per session (at least graphical ones - whether we change > getty is a whole other topic). So for graphical, everything is launched > from user@.service. The side effect of this is twofold: > > 1) Pretty much all the user processes are no longer inside a session >at all. > 2) It is now much harder to log in multiple times graphically; this >is kind of a crazy thing to do, but it's still *possible*. To do >so, you wire up your userspace code to set >the pile of usual environment variables to override (DISPLAY, >DBUS_SESSION_BUS_ADDRESS, etc.) I can say though at least for >GNOME we haven't supported this for years, so it's really not >a change. > > For for adapting to 1), we agreed on adding the concept of a "primary" > session, which is basically the first non-tty login. I've added a small > API to systemd to look this up, and the patched GNOME to use it > (although we partially still respect XDG_SESSION_ID). Hm, I'm not really happy with the notion of a "primary" session, particularly as it relies on distinguishing between graphical and non-graphical sessions (where does the line go between a traditional VT, systemd-consoled, kmscon, wayland, X,...). And also relying on something being the "first" sounds like it may become confusing for the user. Have you considered taking things one step further, and simply force at most one logind session per user? This would mean that logging in as the same user the second time means the new login will join the already existing session. We then get: * If at most one of the logins is associated with a seat (and the rest are remote), things will work just as now. * If two logins (of the same user) are associated with different seats, this is not really supported at the moment, so we could ban it, or we could simply allow it and temporarily merge the two seats and let the session controller (window manager) deal with how that should be presented to the user. This would probably mean that we want logind's interfaces for getting hardware devices should be per-user, and not per-session. * If two logins (of the same user) are both associated with the same seat, we'll have to allow switching between the two apps being the session controller within the same session (this is a common use-case for when you login once with consoled and once with mutter, or something like that). Cheers, Tom ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Mon, Aug 5, 2013 at 12:55 PM, Colin Walters wrote: > On Sun, 2013-08-04 at 10:46 -0400, Colin Walters wrote: > >> https://people.gnome.org/~walters/user-session-patches > > Now updated with various bugfixes. PolicyKit works, the lock screen > works, etc. just chiming in here... it's like you knew it was my birthday this week! :^) > Or maybe we should spawn user@.service from inside the first session, > and treat that as primary; add a new state like "user-linger" that > occurs if the user logs in twice, then closes the first one. > > It would feel a lot less architecturally weird too if we changed getty > and ssh logins to behave the same way as gdm - i.e. we have > loginshell@.service, and keep around a dummy process. > > So...dunno, it does feel hacky in some ways. > > On the other hand, I'm *really* looking forward to being able to just > ssh/VT login into a machine and be able to run e.g. "gdbus monitor" and > "gsettings". so, most of the patches look very reasonable to me, and I don't see anything wrong. I wondered, just like Simon, if multi-user is still working as well Other than that, please keep up the good work, this is something I've been looking forward to seeing for over a year now. Auke ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Sun, 2013-08-04 at 10:46 -0400, Colin Walters wrote:
> https://people.gnome.org/~walters/user-session-patches
Now updated with various bugfixes. PolicyKit works, the lock screen
works, etc.
However...let me call out one particular change:
diff --git a/src/login/logind-dbus.c b/src/login/logind-dbus.c
index 7b9bd20..2fab003 100644
--- a/src/login/logind-dbus.c
+++ b/src/login/logind-dbus.c
@@ -485,6 +485,10 @@ static int bus_manager_create_session(Manager *m,
DBusMessage *message) {
}
r = manager_get_session_by_pid(m, leader, &session);
+if (!session) {
+/* Fall back to the primary session */
+r = manager_get_primary_session_by_pid(m, leader, &session);
+}
if (session) {
_cleanup_dbus_message_unref_ DBusMessage *reply = NULL;
_cleanup_free_ char *path = NULL;
I had to patch logind itself to have pkexec work (and similar would
apply to su/sudo). At this point I think I've patched pretty much all
the interesting session lookup calls to fall back to primary. Perhaps
that's not wrong, but it does give one pause. I could just change
sd_pid_get_session() to do that by default...
Or maybe we should spawn user@.service from inside the first session,
and treat that as primary; add a new state like "user-linger" that
occurs if the user logs in twice, then closes the first one.
It would feel a lot less architecturally weird too if we changed getty
and ssh logins to behave the same way as gdm - i.e. we have
loginshell@.service, and keep around a dummy process.
So...dunno, it does feel hacky in some ways.
On the other hand, I'm *really* looking forward to being able to just
ssh/VT login into a machine and be able to run e.g. "gdbus monitor" and
"gsettings".
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Sun, 2013-08-04 at 21:02 +0300, Oleksii Shevchuk wrote: > What about logind/polkit? I.e. if i start nm-applet from systemd@user, > than polkit doesn't authenticate it, as it not belong to active session Ok, I tossed up: https://people.gnome.org/~walters/user-session-patches/polkit/ With this and another systemd change, I can now "pkexec bash" as I usually do. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Mon, 2013-08-05 at 12:24 +0100, Simon McVittie wrote: > On 04/08/13 15:46, Colin Walters wrote: > > 1) Pretty much all the user processes are no longer inside a session > >at all. > > 2) It is now much harder to log in multiple times graphically; this > >is kind of a crazy thing to do, but it's still *possible*. > > How (if at all) does this cope with gdm multi-seat? Even if it isn't > possible for the same "real user" to be on more than one seat > simultaneously, if I understand it correctly, I think a multi-seat gdm > setup still wants to be running the greeter (as a system user, e.g. > Debian-gdm on Debian) on each seat. With my current patches, GDM still launches the greeter itself in the same way it was before - I believe multi-seat will still work, becuase gdm sets the environment variables for each greeter session. Doing the greeter session multiseat would probably be something like gnome-session@seat0.service, which in turn would really require breaking up gnome-session into component parts and having org.gnome.SessionManager.seat0 because with the user bus because there's only one org.gnome.SessionManager bus name...but then...ugh. Ok, maybe you're right that dynamically generating uids would be easier. But honestly, rearchitecting the greeter session is really low on my priority list - the most important thing is to get applications in cgroups. So we can just leave it as is for the near future. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On 04/08/13 15:46, Colin Walters wrote: > 1) Pretty much all the user processes are no longer inside a session >at all. > 2) It is now much harder to log in multiple times graphically; this >is kind of a crazy thing to do, but it's still *possible*. How (if at all) does this cope with gdm multi-seat? Even if it isn't possible for the same "real user" to be on more than one seat simultaneously, if I understand it correctly, I think a multi-seat gdm setup still wants to be running the greeter (as a system user, e.g. Debian-gdm on Debian) on each seat. (One possibility is to have some way for gdm to synthesize new uids, but that needs OS-integrator-level support, e.g. a reserved uid range; another is for each seat's greeter to set the necessary pile of extra environment variables to avoid using the XDG_RUNTIME_DIR much, or at all.) S ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Sun, 2013-08-04 at 21:02 +0300, Oleksii Shevchuk wrote: > What about logind/polkit? I.e. if i start nm-applet from systemd@user, > than polkit doesn't authenticate it, as it not belong to active session https://bugs.freedesktop.org/show_bug.cgi?id=67728 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
What about logind/polkit? I.e. if i start nm-applet from systemd@user, than polkit doesn't authenticate it, as it not belong to active session ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Tue, 2013-07-30 at 01:02 +0200, Lennart Poettering wrote: > We are working on this bit by bit. If you want this to go faster, then > please work with us, and write patches for libX11 and D-Bus. Ok, some hacking on the plane on the way to GUADEC got me really far on this; then we had a quick face to face to work through some conceptual issues. In the new user@ model, it's very important to note there is only one "stub" process per session (at least graphical ones - whether we change getty is a whole other topic). So for graphical, everything is launched from user@.service. The side effect of this is twofold: 1) Pretty much all the user processes are no longer inside a session at all. 2) It is now much harder to log in multiple times graphically; this is kind of a crazy thing to do, but it's still *possible*. To do so, you wire up your userspace code to set the pile of usual environment variables to override (DISPLAY, DBUS_SESSION_BUS_ADDRESS, etc.) I can say though at least for GNOME we haven't supported this for years, so it's really not a change. For for adapting to 1), we agreed on adding the concept of a "primary" session, which is basically the first non-tty login. I've added a small API to systemd to look this up, and the patched GNOME to use it (although we partially still respect XDG_SESSION_ID). My current patches are here: https://people.gnome.org/~walters/user-session-patches I've been hacking on it using gnome-ostree; if there's interest I can toss up a VM. Before I spend too much time polishing the patches, I'd like to be sure the high level architecture makes sense. So please take a look at the patches at that level; I'll split them up cleanly with better commit messages after. Obligatory screenshot: https://people.gnome.org/~walters/Screenshot-gnome-ostree-systemd-user.png ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On 30/07/13 00:02, Lennart Poettering wrote:
> Also, D-Bus needs to look for the bus socket in $XDG_RUNTIME_DIR too.
If you want this to happen ("you" in general, but especially Lennart who
is a D-Bus reviewer), please review, test and/or "adopt"
. I am unlikely to
have time to write further code for that bug any time soon, but if you
suggested additional patches I'd review them.
S
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Tue, 30.07.13 01:02, Lennart Poettering (lenn...@poettering.net) wrote: > Either use a display manager or simply "update" your existing session's > tty to graphical temporarily, rather then placing things on a new > tty. (Note that the Fedora startx script does this implicitly this way) To elaborate a bit on this: this is also necessary since sessions can only be assigned to a single TTY. However, you need the proper tty-to-session assignment since otherwise logind+udev's device ACL management won't work and your X session will then lack access to audio devices, drm, or video4linux and similar... Lennart -- Lennart Poettering - Red Hat, Inc. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Create a new logind session from a systemd --user unit
On Sat, 27.07.13 21:47, Abdó Roig-Maranges (abdo.r...@gmail.com) wrote: > > Hello, > > I'm happily using systemd 204 user instance to handle my desktop (xorg, > awesome > wm, mpd, etc.) in Arch. I started experimenting with systemd 206 trying to > adapt > my setup to the changes in cgroups, slices, and all that. > > In 206, systemd user session is started automatically by pam_systemd when I > login to a tty. Then, I want to manually launch my window manager, in a new > logind session for my user, on a different tty. This is not supported by logind. You cannot allocate sessions from other sessions, only from the system daemon. This is because we try to keep the various session definitions in sync, for example the audit session which is nowadays "sealed" off by the kernel. Either use a display manager or simply "update" your existing session's tty to graphical temporarily, rather then placing things on a new tty. (Note that the Fedora startx script does this implicitly this way) Note that "systemd --user" is WIP (which is why you find very little documentation about it from us, except the most basic reference in the man pages). It was never supposed to be run from login sessions (it's not called "systemd --session" but "systemd --user" for a reason) except for debugging purposes. Recent systemd versions make this a bit harder than before since for security reasons normal user sessions do not get write access to their cgroup tree anymore, only user@.service gets. Now, user@.service is not complete yet. To be fully useful we need some support from X11, so that it can connect to the X11 display via $XDG_RUNTIME_DIR/display, rather than relying on $DISPLAY. Also, D-Bus needs to look for the bus socket in $XDG_RUNTIME_DIR too. We are working on this bit by bit. If you want this to go faster, then please work with us, and write patches for libX11 and D-Bus. If you need an quick solution immediately I suggest you simply chown the sessions cgroup tree to your own user. That's a hack, and requires privileges, but is what I do for testing purposes. Lennart -- Lennart Poettering - Red Hat, Inc. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
