[thirdparty/systemd.git] / src / home / homed-home.h

/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once

#include "forward.h"
#include "homed-forward.h"
#include "pidref.h"
#include "stat-util.h"

typedef enum HomeState {
        HOME_UNFIXATED,               /* home exists, but local record does not */
        HOME_ABSENT,                  /* local record exists, but home does not */
        HOME_INACTIVE,                /* record and home exist, but is not logged in */
        HOME_DIRTY,                   /* like HOME_INACTIVE, but the home directory wasn't cleanly deactivated */
        HOME_FIXATING,                /* generating local record from home */
        HOME_FIXATING_FOR_ACTIVATION, /* fixating in order to activate soon */
        HOME_FIXATING_FOR_ACQUIRE,    /* fixating because Acquire() was called */
        HOME_ACTIVATING,
        HOME_ACTIVATING_FOR_ACQUIRE,  /* activating because Acquire() was called */
        HOME_DEACTIVATING,
        HOME_ACTIVE,                  /* logged in right now */
        HOME_LINGERING,               /* not logged in anymore, but we didn't manage to deactivate (because some process keeps it busy?) but we'll keep trying */
        HOME_LOCKING,
        HOME_LOCKED,
        HOME_UNLOCKING,
        HOME_UNLOCKING_FOR_ACQUIRE,   /* unlocking because Acquire() was called */
        HOME_CREATING,
        HOME_REMOVING,
        HOME_UPDATING,
        HOME_UPDATING_WHILE_ACTIVE,
        HOME_RESIZING,
        HOME_RESIZING_WHILE_ACTIVE,
        HOME_PASSWD,
        HOME_PASSWD_WHILE_ACTIVE,
        HOME_AUTHENTICATING,
        HOME_AUTHENTICATING_WHILE_ACTIVE,
        HOME_AUTHENTICATING_FOR_ACQUIRE,  /* authenticating because Acquire() was called */
        _HOME_STATE_MAX,
        _HOME_STATE_INVALID = -EINVAL,
} HomeState;

static inline bool HOME_STATE_IS_ACTIVE(HomeState state) {
        return IN_SET(state,
                      HOME_ACTIVE,
                      HOME_LINGERING,
                      HOME_UPDATING_WHILE_ACTIVE,
                      HOME_RESIZING_WHILE_ACTIVE,
                      HOME_PASSWD_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_FOR_ACQUIRE);
}

static inline bool HOME_STATE_IS_EXECUTING_OPERATION(HomeState state) {
        return IN_SET(state,
                      HOME_FIXATING,
                      HOME_FIXATING_FOR_ACTIVATION,
                      HOME_FIXATING_FOR_ACQUIRE,
                      HOME_ACTIVATING,
                      HOME_ACTIVATING_FOR_ACQUIRE,
                      HOME_DEACTIVATING,
                      HOME_LOCKING,
                      HOME_UNLOCKING,
                      HOME_UNLOCKING_FOR_ACQUIRE,
                      HOME_CREATING,
                      HOME_REMOVING,
                      HOME_UPDATING,
                      HOME_UPDATING_WHILE_ACTIVE,
                      HOME_RESIZING,
                      HOME_RESIZING_WHILE_ACTIVE,
                      HOME_PASSWD,
                      HOME_PASSWD_WHILE_ACTIVE,
                      HOME_AUTHENTICATING,
                      HOME_AUTHENTICATING_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_FOR_ACQUIRE);
}

static inline bool HOME_STATE_SHALL_PIN(HomeState state) {
        /* Like HOME_STATE_IS_ACTIVE() – but HOME_LINGERING is missing! */
        return IN_SET(state,
                      HOME_ACTIVE,
                      HOME_UPDATING_WHILE_ACTIVE,
                      HOME_RESIZING_WHILE_ACTIVE,
                      HOME_PASSWD_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_FOR_ACQUIRE);
}

#define HOME_STATE_SHALL_REBALANCE(state) HOME_STATE_SHALL_PIN(state)

static inline bool HOME_STATE_MAY_RETRY_DEACTIVATE(HomeState state) {
        /* Indicates when to leave the deactivate retry timer active */
        return IN_SET(state,
                      HOME_ACTIVE,
                      HOME_LINGERING,
                      HOME_DEACTIVATING,
                      HOME_LOCKING,
                      HOME_UNLOCKING,
                      HOME_UNLOCKING_FOR_ACQUIRE,
                      HOME_UPDATING_WHILE_ACTIVE,
                      HOME_RESIZING_WHILE_ACTIVE,
                      HOME_PASSWD_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_WHILE_ACTIVE,
                      HOME_AUTHENTICATING_FOR_ACQUIRE);
}

typedef struct Home {
        Manager *manager;

        /* The fields this record can be looked up by. This is kinda redundant, as the same information is
         * available in the .record field, but we keep separate copies of these keys to make memory
         * management for the hashmaps easier. */
        char *user_name;
        char **aliases;
        uid_t uid;

        char *sysfs; /* When found via plugged in device, the sysfs path to it */

        /* Note that the 'state' field is only set to a state while we are doing something (i.e. activating,
         * deactivating, creating, removing, and such), or when the home is an "unfixated" one. When we are
         * done with an operation we invalidate the state. This is hint for home_get_state() to check the
         * state on request as needed from the mount table and similar. */
        HomeState state;
        int signed_locally; /* signed only by us */

        UserRecord *record;

        PidRef worker_pid;
        int worker_stdout_fd;
        sd_event_source *worker_event_source;
        int worker_error_code;

        /* The message we are currently processing, and thus need to reply to on completion */
        Operation *current_operation;

        /* Stores the raw, plaintext passwords, but only for short periods of time */
        UserRecord *secret;

        /* When we create a home area and that fails, we should possibly unregister the record altogether
         * again, which is remembered in this boolean. */
        bool unregister_on_failure;

        /* The reading side of a FIFO stored in /run/systemd/home/, the writing side being used for reference
         * counting. The references dropped to zero as soon as we see EOF. This concept exists twice: once
         * for clients that are fine if we suspend the home directory on system suspend, and once for clients
         * that are not ok with that. This allows us to determine for each home whether there are any clients
         * that support unsuspend. */
        sd_event_source *ref_event_source_please_suspend;
        sd_event_source *ref_event_source_dont_suspend;

        /* Any pending operations we still need to execute. These are for operations we want to queue if we
         * can't execute them right-away. */
        OrderedSet *pending_operations;

        /* A defer event source that processes pending acquire/release/eof events. We have a common
         * dispatcher that processes all three kinds of events. */
        sd_event_source *pending_event_source;

        /* Did we send out a D-Bus notification about this entry? */
        bool announced;

        /* Used to coalesce bus PropertiesChanged events */
        sd_event_source *deferred_change_event_source;

        /* An fd to the top-level home directory we keep while logged in, to keep the dir busy */
        int pin_fd;

        /* A time event used to repeatedly try to unmount home dir after use if it didn't work on first try */
        sd_event_source *retry_deactivate_event_source;

        /* An fd that locks the backing file of LUKS home dirs with a BSD lock. */
        int luks_lock_fd;

        /* Space metrics during rebalancing */
        uint64_t rebalance_size, rebalance_usage, rebalance_free, rebalance_min, rebalance_weight, rebalance_goal;

        /* Whether a rebalance operation is pending */
        bool rebalance_pending;
} Home;

int home_new(Manager *m, UserRecord *hr, const char *sysfs, Home **ret);
Home *home_free(Home *h);

DEFINE_TRIVIAL_CLEANUP_FUNC(Home*, home_free);

int home_set_record(Home *h, UserRecord *hr);
int home_save_record(Home *h);
int home_unlink_record(Home *h);

int home_fixate(Home *h, UserRecord *secret, sd_bus_error *error);
int home_activate(Home *h, bool if_referenced, UserRecord *secret, sd_bus_error *error);
int home_authenticate(Home *h, UserRecord *secret, sd_bus_error *error);
int home_deactivate(Home *h, bool force, sd_bus_error *error);
int home_create(Home *h, UserRecord *secret, Hashmap *blobs, uint64_t flags, sd_bus_error *error);
int home_remove(Home *h, sd_bus_error *error);
int home_update(Home *h, UserRecord *new_record, Hashmap *blobs, uint64_t flags, sd_bus_error *error);
int home_resize(Home *h, uint64_t disk_size, UserRecord *secret, sd_bus_error *error);
int home_passwd(Home *h, UserRecord *new_secret, UserRecord *old_secret, sd_bus_error *error);
int home_unregister(Home *h, sd_bus_error *error);
int home_lock(Home *h, sd_bus_error *error);
int home_unlock(Home *h, UserRecord *secret, sd_bus_error *error);

bool home_is_referenced(Home *h);
bool home_shall_suspend(Home *h);
HomeState home_get_state(Home *h);

int home_get_disk_status(
                Home *h,
                uint64_t *ret_disk_size,
                uint64_t *ret_disk_usage,
                uint64_t *ret_disk_free,
                uint64_t *ret_disk_ceiling,
                uint64_t *ret_disk_floor,
                statfs_f_type_t *ret_fstype,
                mode_t *ret_access_mode);

void home_process_notify(Home *h, char **l, int fd);

int home_killall(Home *h);

int home_augment_status(Home *h, UserRecordLoadFlags flags, UserRecord **ret);

int home_create_fifo(Home *h, bool please_suspend);
int home_schedule_operation(Home *h, Operation *o, sd_bus_error *error);

int home_auto_login(Home *h, char ***ret_seats);

int home_set_current_message(Home *h, sd_bus_message *m);

int home_wait_for_worker(Home *h);

bool home_shall_rebalance(Home *h);

bool home_is_busy(Home *h);

const char* home_state_to_string(HomeState state);
HomeState home_state_from_string(const char *s);
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
70a5db58 LP	2	#pragma once
70a5db58 LP	3
572c1fe6 DDM	4	#include "forward.h"
572c1fe6 DDM	5	#include "homed-forward.h"
3b0103aa	6	#include "pidref.h"
b0a7fb15	7	#include "stat-util.h"
52ee9ba1	8
70a5db58 LP	9	typedef enum HomeState {
	10	HOME_UNFIXATED, /* home exists, but local record does not */
	11	HOME_ABSENT, /* local record exists, but home does not */
	12	HOME_INACTIVE, /* record and home exist, but is not logged in */
9be99f81	13	HOME_DIRTY, /* like HOME_INACTIVE, but the home directory wasn't cleanly deactivated */
70a5db58 LP	14	HOME_FIXATING, /* generating local record from home */
	15	HOME_FIXATING_FOR_ACTIVATION, /* fixating in order to activate soon */
	16	HOME_FIXATING_FOR_ACQUIRE, /* fixating because Acquire() was called */
	17	HOME_ACTIVATING,
	18	HOME_ACTIVATING_FOR_ACQUIRE, /* activating because Acquire() was called */
	19	HOME_DEACTIVATING,
	20	HOME_ACTIVE, /* logged in right now */
23cff6d4	21	HOME_LINGERING, /* not logged in anymore, but we didn't manage to deactivate (because some process keeps it busy?) but we'll keep trying */
70a5db58 LP	22	HOME_LOCKING,
	23	HOME_LOCKED,
	24	HOME_UNLOCKING,
	25	HOME_UNLOCKING_FOR_ACQUIRE, /* unlocking because Acquire() was called */
	26	HOME_CREATING,
	27	HOME_REMOVING,
	28	HOME_UPDATING,
	29	HOME_UPDATING_WHILE_ACTIVE,
	30	HOME_RESIZING,
	31	HOME_RESIZING_WHILE_ACTIVE,
	32	HOME_PASSWD,
	33	HOME_PASSWD_WHILE_ACTIVE,
	34	HOME_AUTHENTICATING,
	35	HOME_AUTHENTICATING_WHILE_ACTIVE,
	36	HOME_AUTHENTICATING_FOR_ACQUIRE, /* authenticating because Acquire() was called */
	37	_HOME_STATE_MAX,
2d93c20e	38	_HOME_STATE_INVALID = -EINVAL,
70a5db58 LP	39	} HomeState;
	40
	41	static inline bool HOME_STATE_IS_ACTIVE(HomeState state) {
	42	return IN_SET(state,
	43	HOME_ACTIVE,
23cff6d4	44	HOME_LINGERING,
70a5db58 LP	45	HOME_UPDATING_WHILE_ACTIVE,
	46	HOME_RESIZING_WHILE_ACTIVE,
	47	HOME_PASSWD_WHILE_ACTIVE,
	48	HOME_AUTHENTICATING_WHILE_ACTIVE,
	49	HOME_AUTHENTICATING_FOR_ACQUIRE);
	50	}
	51
	52	static inline bool HOME_STATE_IS_EXECUTING_OPERATION(HomeState state) {
	53	return IN_SET(state,
	54	HOME_FIXATING,
	55	HOME_FIXATING_FOR_ACTIVATION,
	56	HOME_FIXATING_FOR_ACQUIRE,
	57	HOME_ACTIVATING,
	58	HOME_ACTIVATING_FOR_ACQUIRE,
	59	HOME_DEACTIVATING,
	60	HOME_LOCKING,
	61	HOME_UNLOCKING,
	62	HOME_UNLOCKING_FOR_ACQUIRE,
	63	HOME_CREATING,
	64	HOME_REMOVING,
	65	HOME_UPDATING,
	66	HOME_UPDATING_WHILE_ACTIVE,
	67	HOME_RESIZING,
	68	HOME_RESIZING_WHILE_ACTIVE,
	69	HOME_PASSWD,
	70	HOME_PASSWD_WHILE_ACTIVE,
	71	HOME_AUTHENTICATING,
	72	HOME_AUTHENTICATING_WHILE_ACTIVE,
	73	HOME_AUTHENTICATING_FOR_ACQUIRE);
	74	}
	75
23cff6d4 LP	76	static inline bool HOME_STATE_SHALL_PIN(HomeState state) {
	77	/* Like HOME_STATE_IS_ACTIVE() – but HOME_LINGERING is missing! */
	78	return IN_SET(state,
	79	HOME_ACTIVE,
	80	HOME_UPDATING_WHILE_ACTIVE,
	81	HOME_RESIZING_WHILE_ACTIVE,
	82	HOME_PASSWD_WHILE_ACTIVE,
	83	HOME_AUTHENTICATING_WHILE_ACTIVE,
	84	HOME_AUTHENTICATING_FOR_ACQUIRE);
	85	}
	86
d357b80d LP	87	#define HOME_STATE_SHALL_REBALANCE(state) HOME_STATE_SHALL_PIN(state)
d357b80d LP	88
23cff6d4 LP	89	static inline bool HOME_STATE_MAY_RETRY_DEACTIVATE(HomeState state) {
	90	/* Indicates when to leave the deactivate retry timer active */
	91	return IN_SET(state,
	92	HOME_ACTIVE,
	93	HOME_LINGERING,
	94	HOME_DEACTIVATING,
	95	HOME_LOCKING,
	96	HOME_UNLOCKING,
	97	HOME_UNLOCKING_FOR_ACQUIRE,
	98	HOME_UPDATING_WHILE_ACTIVE,
	99	HOME_RESIZING_WHILE_ACTIVE,
	100	HOME_PASSWD_WHILE_ACTIVE,
	101	HOME_AUTHENTICATING_WHILE_ACTIVE,
	102	HOME_AUTHENTICATING_FOR_ACQUIRE);
	103	}
	104
52ee9ba1	105	typedef struct Home {
70a5db58	106	Manager *manager;
40fd0e04 LP	107
	108	/* The fields this record can be looked up by. This is kinda redundant, as the same information is
	109	* available in the .record field, but we keep separate copies of these keys to make memory
	110	* management for the hashmaps easier. */
70a5db58	111	char *user_name;
40fd0e04	112	char **aliases;
70a5db58 LP	113	uid_t uid;
	114
	115	char sysfs; / When found via plugged in device, the sysfs path to it */
	116
	117	/* Note that the 'state' field is only set to a state while we are doing something (i.e. activating,
	118	* deactivating, creating, removing, and such), or when the home is an "unfixated" one. When we are
	119	* done with an operation we invalidate the state. This is hint for home_get_state() to check the
7802194a	120	* state on request as needed from the mount table and similar. */
70a5db58 LP	121	HomeState state;
	122	int signed_locally; /* signed only by us */
	123
	124	UserRecord *record;
	125
3b0103aa	126	PidRef worker_pid;
70a5db58 LP	127	int worker_stdout_fd;
	128	sd_event_source *worker_event_source;
	129	int worker_error_code;
	130
	131	/* The message we are currently processing, and thus need to reply to on completion */
	132	Operation *current_operation;
	133
	134	/* Stores the raw, plaintext passwords, but only for short periods of time */
	135	UserRecord *secret;
	136
18143cd7	137	/* When we create a home area and that fails, we should possibly unregister the record altogether
70a5db58 LP	138	* again, which is remembered in this boolean. */
	139	bool unregister_on_failure;
	140
	141	/* The reading side of a FIFO stored in /run/systemd/home/, the writing side being used for reference
5d490208 AV	142	* counting. The references dropped to zero as soon as we see EOF. This concept exists twice: once
	143	* for clients that are fine if we suspend the home directory on system suspend, and once for clients
	144	* that are not ok with that. This allows us to determine for each home whether there are any clients
	145	* that support unsuspend. */
70a5db58 LP	146	sd_event_source *ref_event_source_please_suspend;
	147	sd_event_source *ref_event_source_dont_suspend;
	148
	149	/* Any pending operations we still need to execute. These are for operations we want to queue if we
	150	* can't execute them right-away. */
	151	OrderedSet *pending_operations;
	152
	153	/* A defer event source that processes pending acquire/release/eof events. We have a common
	154	* dispatcher that processes all three kinds of events. */
	155	sd_event_source *pending_event_source;
	156
	157	/* Did we send out a D-Bus notification about this entry? */
	158	bool announced;
	159
	160	/* Used to coalesce bus PropertiesChanged events */
	161	sd_event_source *deferred_change_event_source;
0c71e3ef LP	162
	163	/* An fd to the top-level home directory we keep while logged in, to keep the dir busy */
	164	int pin_fd;
23cff6d4 LP	165
	166	/* A time event used to repeatedly try to unmount home dir after use if it didn't work on first try */
	167	sd_event_source *retry_deactivate_event_source;
2aaf565a LP	168
	169	/* An fd that locks the backing file of LUKS home dirs with a BSD lock. */
	170	int luks_lock_fd;
d357b80d LP	171
	172	/* Space metrics during rebalancing */
	173	uint64_t rebalance_size, rebalance_usage, rebalance_free, rebalance_min, rebalance_weight, rebalance_goal;
	174
	175	/* Whether a rebalance operation is pending */
	176	bool rebalance_pending;
52ee9ba1	177	} Home;
70a5db58 LP	178
	179	int home_new(Manager m, UserRecord hr, const char sysfs, Home *ret);
	180	Home home_free(Home h);
	181
	182	DEFINE_TRIVIAL_CLEANUP_FUNC(Home*, home_free);
	183
	184	int home_set_record(Home h, UserRecord hr);
	185	int home_save_record(Home *h);
	186	int home_unlink_record(Home *h);
	187
	188	int home_fixate(Home h, UserRecord secret, sd_bus_error *error);
336b1f19	189	int home_activate(Home h, bool if_referenced, UserRecord secret, sd_bus_error *error);
70a5db58 LP	190	int home_authenticate(Home h, UserRecord secret, sd_bus_error *error);
70a5db58 LP	191	int home_deactivate(Home h, bool force, sd_bus_error error);
a4d72746	192	int home_create(Home h, UserRecord secret, Hashmap blobs, uint64_t flags, sd_bus_error error);
70a5db58	193	int home_remove(Home h, sd_bus_error error);
a4d72746	194	int home_update(Home h, UserRecord new_record, Hashmap blobs, uint64_t flags, sd_bus_error error);
5ec87d57	195	int home_resize(Home h, uint64_t disk_size, UserRecord secret, sd_bus_error *error);
70a5db58 LP	196	int home_passwd(Home h, UserRecord new_secret, UserRecord old_secret, sd_bus_error error);
	197	int home_unregister(Home h, sd_bus_error error);
	198	int home_lock(Home h, sd_bus_error error);
	199	int home_unlock(Home h, UserRecord secret, sd_bus_error *error);
	200
64b74c86 LP	201	bool home_is_referenced(Home *h);
64b74c86 LP	202	bool home_shall_suspend(Home *h);
70a5db58 LP	203	HomeState home_get_state(Home *h);
70a5db58 LP	204
6d302436 YW	205	int home_get_disk_status(
	206	Home *h,
	207	uint64_t *ret_disk_size,
	208	uint64_t *ret_disk_usage,
	209	uint64_t *ret_disk_free,
	210	uint64_t *ret_disk_ceiling,
	211	uint64_t *ret_disk_floor,
	212	statfs_f_type_t *ret_fstype,
	213	mode_t *ret_access_mode);
f639f60e	214
2aaf565a	215	void home_process_notify(Home h, char *l, int fd);
70a5db58 LP	216
	217	int home_killall(Home *h);
	218
	219	int home_augment_status(Home h, UserRecordLoadFlags flags, UserRecord *ret);
	220
5d490208	221	int home_create_fifo(Home *h, bool please_suspend);
70a5db58 LP	222	int home_schedule_operation(Home h, Operation o, sd_bus_error *error);
	223
	224	int home_auto_login(Home h, char **ret_seats);
	225
	226	int home_set_current_message(Home h, sd_bus_message m);
	227
9796a9fb LP	228	int home_wait_for_worker(Home *h);
9796a9fb LP	229
d357b80d LP	230	bool home_shall_rebalance(Home *h);
	231
	232	bool home_is_busy(Home *h);
	233
bfd5a068	234	const char* home_state_to_string(HomeState state);
70a5db58	235	HomeState home_state_from_string(const char *s);