]>
Commit | Line | Data |
---|---|---|
53e1b683 | 1 | /* SPDX-License-Identifier: LGPL-2.1+ */ |
20263082 | 2 | |
4f5dd394 | 3 | #include <errno.h> |
20263082 LP |
4 | #include <string.h> |
5 | #include <unistd.h> | |
0d536673 | 6 | #include <stdio_ext.h> |
20263082 | 7 | |
b5efdb8a | 8 | #include "alloc-util.h" |
90558f31 | 9 | #include "bus-common-errors.h" |
cc377381 | 10 | #include "bus-error.h" |
4f5dd394 | 11 | #include "bus-util.h" |
f5058264 | 12 | #include "cgroup-util.h" |
66cdd0f2 | 13 | #include "clean-ipc.h" |
4f5dd394 | 14 | #include "escape.h" |
3ffd4af2 | 15 | #include "fd-util.h" |
4f5dd394 | 16 | #include "fileio.h" |
f97b34a6 | 17 | #include "format-util.h" |
f4f15635 | 18 | #include "fs-util.h" |
4f5dd394 | 19 | #include "hashmap.h" |
9e281beb | 20 | #include "label.h" |
3ffd4af2 | 21 | #include "logind-user.h" |
4f5dd394 | 22 | #include "mkdir.h" |
6bedfcbb | 23 | #include "parse-util.h" |
4f5dd394 LP |
24 | #include "path-util.h" |
25 | #include "rm-rf.h" | |
d68c645b | 26 | #include "serialize.h" |
4f5dd394 | 27 | #include "special.h" |
90558f31 | 28 | #include "stdio-util.h" |
8b43440b | 29 | #include "string-table.h" |
4e5b605a | 30 | #include "strv.h" |
4f5dd394 | 31 | #include "unit-name.h" |
ee104e11 | 32 | #include "user-util.h" |
4f5dd394 | 33 | #include "util.h" |
20263082 | 34 | |
d5ac9d06 LP |
35 | int user_new(User **ret, |
36 | Manager *m, | |
37 | uid_t uid, | |
38 | gid_t gid, | |
39 | const char *name, | |
40 | const char *home) { | |
41 | ||
157f5057 | 42 | _cleanup_(user_freep) User *u = NULL; |
6230bf75 | 43 | char lu[DECIMAL_STR_MAX(uid_t) + 1]; |
6230bf75 | 44 | int r; |
20263082 | 45 | |
8c29a457 | 46 | assert(ret); |
20263082 LP |
47 | assert(m); |
48 | assert(name); | |
49 | ||
8c29a457 | 50 | u = new(User, 1); |
20263082 | 51 | if (!u) |
157f5057 DH |
52 | return -ENOMEM; |
53 | ||
8c29a457 LP |
54 | *u = (User) { |
55 | .manager = m, | |
56 | .uid = uid, | |
57 | .gid = gid, | |
9afe9efb | 58 | .last_session_timestamp = USEC_INFINITY, |
8c29a457 | 59 | }; |
20263082 LP |
60 | |
61 | u->name = strdup(name); | |
9444b1f2 | 62 | if (!u->name) |
157f5057 | 63 | return -ENOMEM; |
20263082 | 64 | |
d5ac9d06 LP |
65 | u->home = strdup(home); |
66 | if (!u->home) | |
67 | return -ENOMEM; | |
68 | ||
de0671ee | 69 | if (asprintf(&u->state_file, "/run/systemd/users/"UID_FMT, uid) < 0) |
157f5057 | 70 | return -ENOMEM; |
20263082 | 71 | |
f9e4283d | 72 | if (asprintf(&u->runtime_path, "/run/user/"UID_FMT, uid) < 0) |
157f5057 | 73 | return -ENOMEM; |
f9e4283d | 74 | |
8c29a457 | 75 | xsprintf(lu, UID_FMT, uid); |
6230bf75 DH |
76 | r = slice_build_subslice(SPECIAL_USER_SLICE, lu, &u->slice); |
77 | if (r < 0) | |
157f5057 | 78 | return r; |
6230bf75 | 79 | |
b690ef12 DH |
80 | r = unit_name_build("user", lu, ".service", &u->service); |
81 | if (r < 0) | |
82 | return r; | |
83 | ||
25a1ab4e LP |
84 | r = unit_name_build("user-runtime-dir", lu, ".service", &u->runtime_dir_service); |
85 | if (r < 0) | |
86 | return r; | |
87 | ||
157f5057 DH |
88 | r = hashmap_put(m->users, UID_TO_PTR(uid), u); |
89 | if (r < 0) | |
90 | return r; | |
20263082 | 91 | |
157f5057 DH |
92 | r = hashmap_put(m->user_units, u->slice, u); |
93 | if (r < 0) | |
94 | return r; | |
9444b1f2 | 95 | |
b690ef12 DH |
96 | r = hashmap_put(m->user_units, u->service, u); |
97 | if (r < 0) | |
98 | return r; | |
99 | ||
25a1ab4e LP |
100 | r = hashmap_put(m->user_units, u->runtime_dir_service, u); |
101 | if (r < 0) | |
102 | return r; | |
103 | ||
8c29a457 | 104 | *ret = TAKE_PTR(u); |
157f5057 | 105 | return 0; |
20263082 LP |
106 | } |
107 | ||
157f5057 DH |
108 | User *user_free(User *u) { |
109 | if (!u) | |
110 | return NULL; | |
20263082 | 111 | |
14c3baca | 112 | if (u->in_gc_queue) |
71fda00f | 113 | LIST_REMOVE(gc_queue, u->manager->user_gc_queue, u); |
14c3baca | 114 | |
20263082 LP |
115 | while (u->sessions) |
116 | session_free(u->sessions); | |
117 | ||
157f5057 DH |
118 | if (u->service) |
119 | hashmap_remove_value(u->manager->user_units, u->service, u); | |
120 | ||
25a1ab4e LP |
121 | if (u->runtime_dir_service) |
122 | hashmap_remove_value(u->manager->user_units, u->runtime_dir_service, u); | |
123 | ||
157f5057 DH |
124 | if (u->slice) |
125 | hashmap_remove_value(u->manager->user_units, u->slice, u); | |
fb6becb4 | 126 | |
157f5057 | 127 | hashmap_remove_value(u->manager->users, UID_TO_PTR(u->uid), u); |
6230bf75 | 128 | |
9afe9efb LP |
129 | (void) sd_event_source_unref(u->timer_event_source); |
130 | ||
157f5057 | 131 | u->service_job = mfree(u->service_job); |
fb6becb4 | 132 | |
157f5057 | 133 | u->service = mfree(u->service); |
25a1ab4e | 134 | u->runtime_dir_service = mfree(u->runtime_dir_service); |
157f5057 DH |
135 | u->slice = mfree(u->slice); |
136 | u->runtime_path = mfree(u->runtime_path); | |
137 | u->state_file = mfree(u->state_file); | |
138 | u->name = mfree(u->name); | |
d5ac9d06 | 139 | u->home = mfree(u->home); |
20263082 | 140 | |
157f5057 | 141 | return mfree(u); |
20263082 LP |
142 | } |
143 | ||
71161305 | 144 | static int user_save_internal(User *u) { |
9444b1f2 LP |
145 | _cleanup_free_ char *temp_path = NULL; |
146 | _cleanup_fclose_ FILE *f = NULL; | |
20263082 LP |
147 | int r; |
148 | ||
149 | assert(u); | |
150 | assert(u->state_file); | |
151 | ||
37c1d5e9 | 152 | r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0, MKDIR_WARN_MODE); |
20263082 | 153 | if (r < 0) |
dacd6cee | 154 | goto fail; |
20263082 | 155 | |
14c3baca LP |
156 | r = fopen_temporary(u->state_file, &f, &temp_path); |
157 | if (r < 0) | |
dacd6cee | 158 | goto fail; |
14c3baca | 159 | |
0d536673 LP |
160 | (void) __fsetlocking(f, FSETLOCKING_BYCALLER); |
161 | (void) fchmod(fileno(f), 0644); | |
20263082 LP |
162 | |
163 | fprintf(f, | |
14c3baca | 164 | "# This is private data. Do not parse.\n" |
20263082 | 165 | "NAME=%s\n" |
d865bc02 LP |
166 | "STATE=%s\n" /* friendly user-facing state */ |
167 | "STOPPING=%s\n", /* low-level state */ | |
20263082 | 168 | u->name, |
d865bc02 LP |
169 | user_state_to_string(user_get_state(u)), |
170 | yes_no(u->stopping)); | |
20263082 | 171 | |
f9e4283d | 172 | /* LEGACY: no-one reads RUNTIME= anymore, drop it at some point */ |
20263082 | 173 | if (u->runtime_path) |
9444b1f2 | 174 | fprintf(f, "RUNTIME=%s\n", u->runtime_path); |
20263082 | 175 | |
fb6becb4 LP |
176 | if (u->service_job) |
177 | fprintf(f, "SERVICE_JOB=%s\n", u->service_job); | |
9444b1f2 | 178 | |
20263082 | 179 | if (u->display) |
9444b1f2 LP |
180 | fprintf(f, "DISPLAY=%s\n", u->display->id); |
181 | ||
182 | if (dual_timestamp_is_set(&u->timestamp)) | |
20263082 | 183 | fprintf(f, |
90b2de37 ZJS |
184 | "REALTIME="USEC_FMT"\n" |
185 | "MONOTONIC="USEC_FMT"\n", | |
186 | u->timestamp.realtime, | |
187 | u->timestamp.monotonic); | |
20263082 | 188 | |
9afe9efb LP |
189 | if (u->last_session_timestamp != USEC_INFINITY) |
190 | fprintf(f, "LAST_SESSION_TIMESTAMP=" USEC_FMT "\n", | |
191 | u->last_session_timestamp); | |
192 | ||
034a2a52 LP |
193 | if (u->sessions) { |
194 | Session *i; | |
9b958eff | 195 | bool first; |
034a2a52 | 196 | |
0d536673 | 197 | fputs("SESSIONS=", f); |
9b958eff | 198 | first = true; |
034a2a52 | 199 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
200 | if (first) |
201 | first = false; | |
202 | else | |
0d536673 | 203 | fputc(' ', f); |
9b958eff | 204 | |
0d536673 | 205 | fputs(i->id, f); |
034a2a52 LP |
206 | } |
207 | ||
0d536673 | 208 | fputs("\nSEATS=", f); |
9b958eff | 209 | first = true; |
034a2a52 | 210 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
211 | if (!i->seat) |
212 | continue; | |
213 | ||
214 | if (first) | |
215 | first = false; | |
216 | else | |
0d536673 | 217 | fputc(' ', f); |
9b958eff | 218 | |
0d536673 | 219 | fputs(i->seat->id, f); |
034a2a52 LP |
220 | } |
221 | ||
0d536673 | 222 | fputs("\nACTIVE_SESSIONS=", f); |
9b958eff LP |
223 | first = true; |
224 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
225 | if (!session_is_active(i)) | |
226 | continue; | |
227 | ||
228 | if (first) | |
229 | first = false; | |
230 | else | |
0d536673 | 231 | fputc(' ', f); |
9b958eff | 232 | |
0d536673 | 233 | fputs(i->id, f); |
9b958eff | 234 | } |
034a2a52 | 235 | |
0d536673 | 236 | fputs("\nONLINE_SESSIONS=", f); |
2dc8f41a CG |
237 | first = true; |
238 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
239 | if (session_get_state(i) == SESSION_CLOSING) | |
240 | continue; | |
241 | ||
242 | if (first) | |
243 | first = false; | |
244 | else | |
0d536673 | 245 | fputc(' ', f); |
2dc8f41a | 246 | |
0d536673 | 247 | fputs(i->id, f); |
2dc8f41a CG |
248 | } |
249 | ||
0d536673 | 250 | fputs("\nACTIVE_SEATS=", f); |
9b958eff | 251 | first = true; |
034a2a52 | 252 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
253 | if (!session_is_active(i) || !i->seat) |
254 | continue; | |
255 | ||
256 | if (first) | |
257 | first = false; | |
258 | else | |
0d536673 | 259 | fputc(' ', f); |
47acb2f1 | 260 | |
0d536673 | 261 | fputs(i->seat->id, f); |
034a2a52 | 262 | } |
2dc8f41a | 263 | |
0d536673 | 264 | fputs("\nONLINE_SEATS=", f); |
2dc8f41a CG |
265 | first = true; |
266 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
267 | if (session_get_state(i) == SESSION_CLOSING || !i->seat) | |
268 | continue; | |
269 | ||
270 | if (first) | |
271 | first = false; | |
272 | else | |
0d536673 | 273 | fputc(' ', f); |
2dc8f41a | 274 | |
0d536673 | 275 | fputs(i->seat->id, f); |
2dc8f41a | 276 | } |
0d536673 | 277 | fputc('\n', f); |
034a2a52 LP |
278 | } |
279 | ||
dacd6cee LP |
280 | r = fflush_and_check(f); |
281 | if (r < 0) | |
282 | goto fail; | |
14c3baca | 283 | |
dacd6cee | 284 | if (rename(temp_path, u->state_file) < 0) { |
20263082 | 285 | r = -errno; |
dacd6cee | 286 | goto fail; |
20263082 LP |
287 | } |
288 | ||
dacd6cee LP |
289 | return 0; |
290 | ||
291 | fail: | |
292 | (void) unlink(u->state_file); | |
293 | ||
294 | if (temp_path) | |
295 | (void) unlink(temp_path); | |
14c3baca | 296 | |
dacd6cee | 297 | return log_error_errno(r, "Failed to save user data %s: %m", u->state_file); |
20263082 LP |
298 | } |
299 | ||
71161305 SM |
300 | int user_save(User *u) { |
301 | assert(u); | |
302 | ||
303 | if (!u->started) | |
304 | return 0; | |
305 | ||
8c29a457 | 306 | return user_save_internal(u); |
71161305 SM |
307 | } |
308 | ||
20263082 | 309 | int user_load(User *u) { |
9afe9efb | 310 | _cleanup_free_ char *realtime = NULL, *monotonic = NULL, *stopping = NULL, *last_session_timestamp = NULL; |
9444b1f2 | 311 | int r; |
20263082 LP |
312 | |
313 | assert(u); | |
314 | ||
aa8fbc74 | 315 | r = parse_env_file(NULL, u->state_file, |
9afe9efb LP |
316 | "SERVICE_JOB", &u->service_job, |
317 | "STOPPING", &stopping, | |
318 | "REALTIME", &realtime, | |
319 | "MONOTONIC", &monotonic, | |
13df9c39 | 320 | "LAST_SESSION_TIMESTAMP", &last_session_timestamp); |
1c8280fd LP |
321 | if (r == -ENOENT) |
322 | return 0; | |
323 | if (r < 0) | |
d710aaf7 | 324 | return log_error_errno(r, "Failed to read %s: %m", u->state_file); |
20263082 | 325 | |
d865bc02 LP |
326 | if (stopping) { |
327 | r = parse_boolean(stopping); | |
328 | if (r < 0) | |
329 | log_debug_errno(r, "Failed to parse 'STOPPING' boolean: %s", stopping); | |
330 | else | |
331 | u->stopping = r; | |
332 | } | |
333 | ||
b895a735 | 334 | if (realtime) |
d68c645b | 335 | (void) deserialize_usec(realtime, &u->timestamp.realtime); |
b895a735 | 336 | if (monotonic) |
d68c645b | 337 | (void) deserialize_usec(monotonic, &u->timestamp.monotonic); |
9afe9efb | 338 | if (last_session_timestamp) |
d68c645b | 339 | (void) deserialize_usec(last_session_timestamp, &u->last_session_timestamp); |
9444b1f2 | 340 | |
d865bc02 | 341 | return 0; |
20263082 LP |
342 | } |
343 | ||
25a1ab4e | 344 | static void user_start_service(User *u) { |
4afd3348 | 345 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
fb6becb4 LP |
346 | int r; |
347 | ||
20263082 LP |
348 | assert(u); |
349 | ||
25a1ab4e LP |
350 | /* Start the service containing the "systemd --user" instance (user@.service). Note that we don't explicitly |
351 | * start the per-user slice or the systemd-runtime-dir@.service instance, as those are pulled in both by | |
352 | * user@.service and the session scopes as dependencies. */ | |
353 | ||
b690ef12 | 354 | u->service_job = mfree(u->service_job); |
fb6becb4 | 355 | |
25a1ab4e | 356 | r = manager_start_unit(u->manager, u->service, &error, &u->service_job); |
545a30a9 | 357 | if (r < 0) |
25a1ab4e | 358 | log_warning_errno(r, "Failed to start user service '%s', ignoring: %s", u->service, bus_error_message(&error, r)); |
20263082 LP |
359 | } |
360 | ||
361 | int user_start(User *u) { | |
20263082 LP |
362 | assert(u); |
363 | ||
a832ab6f | 364 | if (u->started && !u->stopping) |
9418f147 LP |
365 | return 0; |
366 | ||
25a1ab4e LP |
367 | /* If u->stopping is set, the user is marked for removal and service stop-jobs are queued. We have to clear |
368 | * that flag before queing the start-jobs again. If they succeed, the user object can be re-used just fine | |
369 | * (pid1 takes care of job-ordering and proper restart), but if they fail, we want to force another user_stop() | |
370 | * so possibly pending units are stopped. */ | |
a832ab6f DH |
371 | u->stopping = false; |
372 | ||
a9f0f5e5 | 373 | if (!u->started) |
8b5c4d16 | 374 | log_debug("Starting services for new user %s.", u->name); |
a832ab6f | 375 | |
25a1ab4e LP |
376 | /* Save the user data so far, because pam_systemd will read the XDG_RUNTIME_DIR out of it while starting up |
377 | * systemd --user. We need to do user_save_internal() because we have not "officially" started yet. */ | |
71161305 SM |
378 | user_save_internal(u); |
379 | ||
25a1ab4e LP |
380 | /* Start user@UID.service */ |
381 | user_start_service(u); | |
20263082 | 382 | |
a832ab6f DH |
383 | if (!u->started) { |
384 | if (!dual_timestamp_is_set(&u->timestamp)) | |
385 | dual_timestamp_get(&u->timestamp); | |
386 | user_send_signal(u, true); | |
387 | u->started = true; | |
388 | } | |
9418f147 | 389 | |
7f7bb946 LP |
390 | /* Save new user data */ |
391 | user_save(u); | |
392 | ||
20263082 LP |
393 | return 0; |
394 | } | |
395 | ||
25a1ab4e | 396 | static void user_stop_service(User *u) { |
4afd3348 | 397 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
fb6becb4 | 398 | int r; |
20263082 | 399 | |
20263082 | 400 | assert(u); |
25a1ab4e | 401 | assert(u->service); |
20263082 | 402 | |
25a1ab4e LP |
403 | /* The reverse of user_start_service(). Note that we only stop user@UID.service here, and let StopWhenUnneeded= |
404 | * deal with the slice and the user-runtime-dir@.service instance. */ | |
20263082 | 405 | |
25a1ab4e | 406 | u->service_job = mfree(u->service_job); |
20263082 | 407 | |
25a1ab4e | 408 | r = manager_stop_unit(u->manager, u->service, &error, &u->service_job); |
fb2367ed | 409 | if (r < 0) |
25a1ab4e | 410 | log_warning_errno(r, "Failed to stop user service '%s', ignoring: %s", u->service, bus_error_message(&error, r)); |
fb6becb4 | 411 | } |
20263082 | 412 | |
9bb69af4 | 413 | int user_stop(User *u, bool force) { |
20263082 | 414 | Session *s; |
25a1ab4e | 415 | int r = 0; |
20263082 LP |
416 | assert(u); |
417 | ||
25a1ab4e LP |
418 | /* This is called whenever we begin with tearing down a user record. It's called in two cases: explicit API |
419 | * request to do so via the bus (in which case 'force' is true) and automatically due to GC, if there's no | |
420 | * session left pinning it (in which case 'force' is false). Note that this just initiates tearing down of the | |
421 | * user, the User object will remain in memory until user_finalize() is called, see below. */ | |
422 | ||
423 | if (!u->started) | |
424 | return 0; | |
425 | ||
426 | if (u->stopping) { /* Stop jobs have already been queued */ | |
b58b227a | 427 | user_save(u); |
25a1ab4e | 428 | return 0; |
b58b227a DH |
429 | } |
430 | ||
20263082 | 431 | LIST_FOREACH(sessions_by_user, s, u->sessions) { |
25a1ab4e LP |
432 | int k; |
433 | ||
9bb69af4 | 434 | k = session_stop(s, force); |
20263082 LP |
435 | if (k < 0) |
436 | r = k; | |
437 | } | |
438 | ||
25a1ab4e | 439 | user_stop_service(u); |
20263082 | 440 | |
5f41d1f1 LP |
441 | u->stopping = true; |
442 | ||
405e0255 LP |
443 | user_save(u); |
444 | ||
445 | return r; | |
446 | } | |
447 | ||
448 | int user_finalize(User *u) { | |
449 | Session *s; | |
450 | int r = 0, k; | |
451 | ||
452 | assert(u); | |
453 | ||
25a1ab4e LP |
454 | /* Called when the user is really ready to be freed, i.e. when all unit stop jobs and suchlike for it are |
455 | * done. This is called as a result of an earlier user_done() when all jobs are completed. */ | |
456 | ||
405e0255 LP |
457 | if (u->started) |
458 | log_debug("User %s logged out.", u->name); | |
459 | ||
460 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
461 | k = session_finalize(s); | |
462 | if (k < 0) | |
463 | r = k; | |
464 | } | |
465 | ||
00d9ef85 LP |
466 | /* Clean SysV + POSIX IPC objects, but only if this is not a system user. Background: in many setups cronjobs |
467 | * are run in full PAM and thus logind sessions, even if the code run doesn't belong to actual users but to | |
468 | * system components. Since enable RemoveIPC= globally for all users, we need to be a bit careful with such | |
469 | * cases, as we shouldn't accidentally remove a system service's IPC objects while it is running, just because | |
470 | * a cronjob running as the same user just finished. Hence: exclude system users generally from IPC clean-up, | |
471 | * and do it only for normal users. */ | |
ece877d4 | 472 | if (u->manager->remove_ipc && !uid_is_system(u->uid)) { |
00d9ef85 | 473 | k = clean_ipc_by_uid(u->uid); |
66cdd0f2 LP |
474 | if (k < 0) |
475 | r = k; | |
476 | } | |
477 | ||
75bbdf47 | 478 | (void) unlink(u->state_file); |
d2f92cdf LP |
479 | user_add_to_gc_queue(u); |
480 | ||
405e0255 | 481 | if (u->started) { |
ed18b08b | 482 | user_send_signal(u, false); |
405e0255 LP |
483 | u->started = false; |
484 | } | |
9418f147 | 485 | |
20263082 LP |
486 | return r; |
487 | } | |
488 | ||
a185c5aa LP |
489 | int user_get_idle_hint(User *u, dual_timestamp *t) { |
490 | Session *s; | |
491 | bool idle_hint = true; | |
5cb14b37 | 492 | dual_timestamp ts = DUAL_TIMESTAMP_NULL; |
a185c5aa LP |
493 | |
494 | assert(u); | |
495 | ||
496 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
497 | dual_timestamp k; | |
498 | int ih; | |
499 | ||
500 | ih = session_get_idle_hint(s, &k); | |
501 | if (ih < 0) | |
502 | return ih; | |
503 | ||
504 | if (!ih) { | |
505 | if (!idle_hint) { | |
506 | if (k.monotonic < ts.monotonic) | |
507 | ts = k; | |
508 | } else { | |
509 | idle_hint = false; | |
510 | ts = k; | |
511 | } | |
512 | } else if (idle_hint) { | |
513 | ||
514 | if (k.monotonic > ts.monotonic) | |
515 | ts = k; | |
516 | } | |
517 | } | |
518 | ||
519 | if (t) | |
520 | *t = ts; | |
521 | ||
522 | return idle_hint; | |
523 | } | |
524 | ||
3a9f7a30 | 525 | int user_check_linger_file(User *u) { |
cc377381 LP |
526 | _cleanup_free_ char *cc = NULL; |
527 | char *p = NULL; | |
e96cd586 | 528 | |
cc377381 LP |
529 | cc = cescape(u->name); |
530 | if (!cc) | |
e96cd586 LP |
531 | return -ENOMEM; |
532 | ||
63c372cb | 533 | p = strjoina("/var/lib/systemd/linger/", cc); |
6996df9b LP |
534 | if (access(p, F_OK) < 0) { |
535 | if (errno != ENOENT) | |
536 | return -errno; | |
e96cd586 | 537 | |
6996df9b LP |
538 | return false; |
539 | } | |
540 | ||
541 | return true; | |
e96cd586 LP |
542 | } |
543 | ||
4e5b605a LP |
544 | static bool user_unit_active(User *u) { |
545 | const char *i; | |
546 | int r; | |
547 | ||
548 | assert(u->service); | |
549 | assert(u->runtime_dir_service); | |
550 | assert(u->slice); | |
551 | ||
552 | FOREACH_STRING(i, u->service, u->runtime_dir_service, u->slice) { | |
553 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; | |
554 | ||
555 | r = manager_unit_is_active(u->manager, i, &error); | |
556 | if (r < 0) | |
557 | log_debug_errno(r, "Failed to determine whether unit '%s' is active, ignoring: %s", u->service, bus_error_message(&error, r)); | |
558 | if (r != 0) | |
559 | return true; | |
560 | } | |
561 | ||
562 | return false; | |
563 | } | |
564 | ||
5c093a23 | 565 | bool user_may_gc(User *u, bool drop_not_started) { |
bd26aee1 LP |
566 | int r; |
567 | ||
20263082 LP |
568 | assert(u); |
569 | ||
4a4b033f | 570 | if (drop_not_started && !u->started) |
5c093a23 | 571 | return true; |
932e3ee7 | 572 | |
20263082 | 573 | if (u->sessions) |
5c093a23 | 574 | return false; |
20263082 | 575 | |
9afe9efb LP |
576 | if (u->last_session_timestamp != USEC_INFINITY) { |
577 | /* All sessions have been closed. Let's see if we shall leave the user record around for a bit */ | |
578 | ||
579 | if (u->manager->user_stop_delay == USEC_INFINITY) | |
580 | return false; /* Leave it around forever! */ | |
581 | if (u->manager->user_stop_delay > 0 && | |
582 | now(CLOCK_MONOTONIC) < usec_add(u->last_session_timestamp, u->manager->user_stop_delay)) | |
583 | return false; /* Leave it around for a bit longer. */ | |
584 | } | |
585 | ||
4e5b605a LP |
586 | /* Is this a user that shall stay around forever ("linger")? Before we say "no" to GC'ing for lingering users, let's check |
587 | * if any of the three units that we maintain for this user is still around. If none of them is, | |
588 | * there's no need to keep this user around even if lingering is enabled. */ | |
589 | if (user_check_linger_file(u) > 0 && user_unit_active(u)) | |
5c093a23 | 590 | return false; |
20263082 | 591 | |
bd26aee1 LP |
592 | /* Check if our job is still pending */ |
593 | if (u->service_job) { | |
594 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; | |
cc377381 | 595 | |
bd26aee1 LP |
596 | r = manager_job_is_active(u->manager, u->service_job, &error); |
597 | if (r < 0) | |
598 | log_debug_errno(r, "Failed to determine whether job '%s' is pending, ignoring: %s", u->service_job, bus_error_message(&error, r)); | |
599 | if (r != 0) | |
600 | return false; | |
601 | } | |
602 | ||
603 | /* Note that we don't care if the three units we manage for each user object are up or not, as we are managing | |
604 | * their state rather than tracking it. */ | |
405e0255 | 605 | |
5c093a23 | 606 | return true; |
20263082 LP |
607 | } |
608 | ||
14c3baca LP |
609 | void user_add_to_gc_queue(User *u) { |
610 | assert(u); | |
611 | ||
612 | if (u->in_gc_queue) | |
613 | return; | |
614 | ||
71fda00f | 615 | LIST_PREPEND(gc_queue, u->manager->user_gc_queue, u); |
14c3baca LP |
616 | u->in_gc_queue = true; |
617 | } | |
618 | ||
20263082 LP |
619 | UserState user_get_state(User *u) { |
620 | Session *i; | |
621 | ||
622 | assert(u); | |
623 | ||
5f41d1f1 LP |
624 | if (u->stopping) |
625 | return USER_CLOSING; | |
626 | ||
25a1ab4e | 627 | if (!u->started || u->service_job) |
405e0255 | 628 | return USER_OPENING; |
c9caad80 | 629 | |
5f41d1f1 LP |
630 | if (u->sessions) { |
631 | bool all_closing = true; | |
632 | ||
633 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
00555a2e DH |
634 | SessionState state; |
635 | ||
636 | state = session_get_state(i); | |
637 | if (state == SESSION_ACTIVE) | |
5f41d1f1 | 638 | return USER_ACTIVE; |
00555a2e | 639 | if (state != SESSION_CLOSING) |
5f41d1f1 LP |
640 | all_closing = false; |
641 | } | |
20263082 | 642 | |
c9caad80 | 643 | return all_closing ? USER_CLOSING : USER_ONLINE; |
5f41d1f1 | 644 | } |
e96cd586 | 645 | |
4e5b605a | 646 | if (user_check_linger_file(u) > 0 && user_unit_active(u)) |
e96cd586 LP |
647 | return USER_LINGERING; |
648 | ||
649 | return USER_CLOSING; | |
20263082 LP |
650 | } |
651 | ||
de07ab16 | 652 | int user_kill(User *u, int signo) { |
de07ab16 LP |
653 | assert(u); |
654 | ||
fb6becb4 | 655 | return manager_kill_unit(u->manager, u->slice, KILL_ALL, signo, NULL); |
de07ab16 LP |
656 | } |
657 | ||
cde40acc | 658 | static bool elect_display_filter(Session *s) { |
04857cd8 | 659 | /* Return true if the session is a candidate for the user’s ‘primary session’ or ‘display’. */ |
7ffeb45c PW |
660 | assert(s); |
661 | ||
04857cd8 | 662 | return s->class == SESSION_USER && s->started && !s->stopping; |
7ffeb45c PW |
663 | } |
664 | ||
cde40acc | 665 | static int elect_display_compare(Session *s1, Session *s2) { |
7ffeb45c PW |
666 | /* Indexed by SessionType. Lower numbers mean more preferred. */ |
667 | const int type_ranks[_SESSION_TYPE_MAX] = { | |
668 | [SESSION_UNSPECIFIED] = 0, | |
669 | [SESSION_TTY] = -2, | |
670 | [SESSION_X11] = -3, | |
671 | [SESSION_WAYLAND] = -3, | |
672 | [SESSION_MIR] = -3, | |
673 | [SESSION_WEB] = -1, | |
674 | }; | |
675 | ||
676 | /* Calculate the partial order relationship between s1 and s2, | |
677 | * returning < 0 if s1 is preferred as the user’s ‘primary session’, | |
678 | * 0 if s1 and s2 are equally preferred or incomparable, or > 0 if s2 | |
679 | * is preferred. | |
680 | * | |
681 | * s1 or s2 may be NULL. */ | |
b9460fdc RC |
682 | if (!s1 && !s2) |
683 | return 0; | |
684 | ||
7ffeb45c PW |
685 | if ((s1 == NULL) != (s2 == NULL)) |
686 | return (s1 == NULL) - (s2 == NULL); | |
687 | ||
688 | if (s1->stopping != s2->stopping) | |
689 | return s1->stopping - s2->stopping; | |
690 | ||
691 | if ((s1->class != SESSION_USER) != (s2->class != SESSION_USER)) | |
692 | return (s1->class != SESSION_USER) - (s2->class != SESSION_USER); | |
693 | ||
694 | if ((s1->type == _SESSION_TYPE_INVALID) != (s2->type == _SESSION_TYPE_INVALID)) | |
695 | return (s1->type == _SESSION_TYPE_INVALID) - (s2->type == _SESSION_TYPE_INVALID); | |
696 | ||
697 | if (s1->type != s2->type) | |
698 | return type_ranks[s1->type] - type_ranks[s2->type]; | |
699 | ||
700 | return 0; | |
701 | } | |
702 | ||
952d3260 | 703 | void user_elect_display(User *u) { |
7ffeb45c | 704 | Session *s; |
952d3260 LP |
705 | |
706 | assert(u); | |
707 | ||
04857cd8 LP |
708 | /* This elects a primary session for each user, which we call the "display". We try to keep the assignment |
709 | * stable, but we "upgrade" to better choices. */ | |
7ffeb45c | 710 | log_debug("Electing new display for user %s", u->name); |
952d3260 LP |
711 | |
712 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
7ffeb45c PW |
713 | if (!elect_display_filter(s)) { |
714 | log_debug("Ignoring session %s", s->id); | |
952d3260 | 715 | continue; |
7ffeb45c | 716 | } |
952d3260 | 717 | |
7ffeb45c PW |
718 | if (elect_display_compare(s, u->display) < 0) { |
719 | log_debug("Choosing session %s in preference to %s", s->id, u->display ? u->display->id : "-"); | |
720 | u->display = s; | |
721 | } | |
e9e74f28 | 722 | } |
952d3260 LP |
723 | } |
724 | ||
9afe9efb LP |
725 | static int user_stop_timeout_callback(sd_event_source *es, uint64_t usec, void *userdata) { |
726 | User *u = userdata; | |
727 | ||
728 | assert(u); | |
729 | user_add_to_gc_queue(u); | |
730 | ||
731 | return 0; | |
732 | } | |
733 | ||
734 | void user_update_last_session_timer(User *u) { | |
735 | int r; | |
736 | ||
737 | assert(u); | |
738 | ||
739 | if (u->sessions) { | |
740 | /* There are sessions, turn off the timer */ | |
741 | u->last_session_timestamp = USEC_INFINITY; | |
742 | u->timer_event_source = sd_event_source_unref(u->timer_event_source); | |
743 | return; | |
744 | } | |
745 | ||
746 | if (u->last_session_timestamp != USEC_INFINITY) | |
747 | return; /* Timer already started */ | |
748 | ||
749 | u->last_session_timestamp = now(CLOCK_MONOTONIC); | |
750 | ||
751 | assert(!u->timer_event_source); | |
752 | ||
753 | if (u->manager->user_stop_delay == 0 || u->manager->user_stop_delay == USEC_INFINITY) | |
754 | return; | |
755 | ||
756 | if (sd_event_get_state(u->manager->event) == SD_EVENT_FINISHED) { | |
757 | log_debug("Not allocating user stop timeout, since we are already exiting."); | |
758 | return; | |
759 | } | |
760 | ||
761 | r = sd_event_add_time(u->manager->event, | |
762 | &u->timer_event_source, | |
763 | CLOCK_MONOTONIC, | |
764 | usec_add(u->last_session_timestamp, u->manager->user_stop_delay), 0, | |
765 | user_stop_timeout_callback, u); | |
766 | if (r < 0) | |
767 | log_warning_errno(r, "Failed to enqueue user stop event source, ignoring: %m"); | |
768 | ||
769 | if (DEBUG_LOGGING) { | |
770 | char s[FORMAT_TIMESPAN_MAX]; | |
771 | ||
772 | log_debug("Last session of user '%s' logged out, terminating user context in %s.", | |
773 | u->name, | |
774 | format_timespan(s, sizeof(s), u->manager->user_stop_delay, USEC_PER_MSEC)); | |
775 | } | |
776 | } | |
777 | ||
20263082 LP |
778 | static const char* const user_state_table[_USER_STATE_MAX] = { |
779 | [USER_OFFLINE] = "offline", | |
fb6becb4 | 780 | [USER_OPENING] = "opening", |
20263082 LP |
781 | [USER_LINGERING] = "lingering", |
782 | [USER_ONLINE] = "online", | |
e96cd586 LP |
783 | [USER_ACTIVE] = "active", |
784 | [USER_CLOSING] = "closing" | |
20263082 LP |
785 | }; |
786 | ||
787 | DEFINE_STRING_TABLE_LOOKUP(user_state, UserState); | |
1c231f56 LP |
788 | |
789 | int config_parse_tmpfs_size( | |
790 | const char* unit, | |
791 | const char *filename, | |
792 | unsigned line, | |
793 | const char *section, | |
794 | unsigned section_line, | |
795 | const char *lvalue, | |
796 | int ltype, | |
797 | const char *rvalue, | |
798 | void *data, | |
799 | void *userdata) { | |
800 | ||
a7b46b7d | 801 | uint64_t *sz = data; |
1c231f56 LP |
802 | int r; |
803 | ||
804 | assert(filename); | |
805 | assert(lvalue); | |
806 | assert(rvalue); | |
807 | assert(data); | |
808 | ||
9184ca48 | 809 | /* First, try to parse as percentage */ |
f806dfd3 LP |
810 | r = parse_permille(rvalue); |
811 | if (r > 0 && r < 1000) | |
812 | *sz = physical_memory_scale(r, 1000U); | |
9184ca48 | 813 | else { |
59f448cf | 814 | uint64_t k; |
1c231f56 | 815 | |
9184ca48 LP |
816 | /* If the passed argument was not a percentage, or out of range, parse as byte size */ |
817 | ||
59f448cf | 818 | r = parse_size(rvalue, 1024, &k); |
1e5f4e8b YW |
819 | if (r >= 0 && (k <= 0 || (uint64_t) (size_t) k != k)) |
820 | r = -ERANGE; | |
821 | if (r < 0) { | |
822 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse size value '%s', ignoring: %m", rvalue); | |
1c231f56 LP |
823 | return 0; |
824 | } | |
825 | ||
59f448cf | 826 | *sz = PAGE_ALIGN((size_t) k); |
1c231f56 LP |
827 | } |
828 | ||
829 | return 0; | |
830 | } | |
c06eec15 | 831 | |
28414939 ZJS |
832 | int config_parse_compat_user_tasks_max( |
833 | const char *unit, | |
c06eec15 LP |
834 | const char *filename, |
835 | unsigned line, | |
836 | const char *section, | |
837 | unsigned section_line, | |
838 | const char *lvalue, | |
839 | int ltype, | |
840 | const char *rvalue, | |
841 | void *data, | |
842 | void *userdata) { | |
843 | ||
c06eec15 LP |
844 | assert(filename); |
845 | assert(lvalue); | |
846 | assert(rvalue); | |
847 | assert(data); | |
848 | ||
28414939 ZJS |
849 | log_syntax(unit, LOG_NOTICE, filename, line, 0, |
850 | "Support for option %s= has been removed.", | |
851 | lvalue); | |
948f7ce4 | 852 | log_info("Hint: try creating /etc/systemd/system/user-.slice.d/50-limits.conf with:\n" |
28414939 ZJS |
853 | " [Slice]\n" |
854 | " TasksMax=%s", | |
855 | rvalue); | |
c06eec15 LP |
856 | return 0; |
857 | } |