]>
Commit | Line | Data |
---|---|---|
20263082 LP |
1 | /*** |
2 | This file is part of systemd. | |
3 | ||
4 | Copyright 2011 Lennart Poettering | |
5 | ||
6 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
7 | under the terms of the GNU Lesser General Public License as published by |
8 | the Free Software Foundation; either version 2.1 of the License, or | |
20263082 LP |
9 | (at your option) any later version. |
10 | ||
11 | systemd is distributed in the hope that it will be useful, but | |
12 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 14 | Lesser General Public License for more details. |
20263082 | 15 | |
5430f7f2 | 16 | You should have received a copy of the GNU Lesser General Public License |
20263082 LP |
17 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
18 | ***/ | |
19 | ||
4f5dd394 | 20 | #include <errno.h> |
20263082 | 21 | #include <string.h> |
4f5dd394 | 22 | #include <sys/mount.h> |
20263082 | 23 | #include <unistd.h> |
20263082 | 24 | |
b5efdb8a | 25 | #include "alloc-util.h" |
90558f31 | 26 | #include "bus-common-errors.h" |
cc377381 | 27 | #include "bus-error.h" |
4f5dd394 | 28 | #include "bus-util.h" |
f5058264 | 29 | #include "cgroup-util.h" |
66cdd0f2 | 30 | #include "clean-ipc.h" |
4f5dd394 LP |
31 | #include "conf-parser.h" |
32 | #include "escape.h" | |
3ffd4af2 | 33 | #include "fd-util.h" |
4f5dd394 | 34 | #include "fileio.h" |
f97b34a6 | 35 | #include "format-util.h" |
f4f15635 | 36 | #include "fs-util.h" |
4f5dd394 | 37 | #include "hashmap.h" |
9e281beb | 38 | #include "label.h" |
3ffd4af2 | 39 | #include "logind-user.h" |
4f5dd394 | 40 | #include "mkdir.h" |
4349cd7c | 41 | #include "mount-util.h" |
6bedfcbb | 42 | #include "parse-util.h" |
4f5dd394 LP |
43 | #include "path-util.h" |
44 | #include "rm-rf.h" | |
45 | #include "smack-util.h" | |
46 | #include "special.h" | |
90558f31 | 47 | #include "stdio-util.h" |
8b43440b | 48 | #include "string-table.h" |
4f5dd394 | 49 | #include "unit-name.h" |
ee104e11 | 50 | #include "user-util.h" |
4f5dd394 | 51 | #include "util.h" |
20263082 | 52 | |
157f5057 DH |
53 | int user_new(User **out, Manager *m, uid_t uid, gid_t gid, const char *name) { |
54 | _cleanup_(user_freep) User *u = NULL; | |
6230bf75 | 55 | char lu[DECIMAL_STR_MAX(uid_t) + 1]; |
6230bf75 | 56 | int r; |
20263082 | 57 | |
157f5057 | 58 | assert(out); |
20263082 LP |
59 | assert(m); |
60 | assert(name); | |
61 | ||
14c3baca | 62 | u = new0(User, 1); |
20263082 | 63 | if (!u) |
157f5057 DH |
64 | return -ENOMEM; |
65 | ||
66 | u->manager = m; | |
67 | u->uid = uid; | |
68 | u->gid = gid; | |
b690ef12 | 69 | xsprintf(lu, UID_FMT, uid); |
20263082 LP |
70 | |
71 | u->name = strdup(name); | |
9444b1f2 | 72 | if (!u->name) |
157f5057 | 73 | return -ENOMEM; |
20263082 | 74 | |
de0671ee | 75 | if (asprintf(&u->state_file, "/run/systemd/users/"UID_FMT, uid) < 0) |
157f5057 | 76 | return -ENOMEM; |
20263082 | 77 | |
f9e4283d | 78 | if (asprintf(&u->runtime_path, "/run/user/"UID_FMT, uid) < 0) |
157f5057 | 79 | return -ENOMEM; |
f9e4283d | 80 | |
6230bf75 DH |
81 | r = slice_build_subslice(SPECIAL_USER_SLICE, lu, &u->slice); |
82 | if (r < 0) | |
157f5057 | 83 | return r; |
6230bf75 | 84 | |
b690ef12 DH |
85 | r = unit_name_build("user", lu, ".service", &u->service); |
86 | if (r < 0) | |
87 | return r; | |
88 | ||
157f5057 DH |
89 | r = hashmap_put(m->users, UID_TO_PTR(uid), u); |
90 | if (r < 0) | |
91 | return r; | |
20263082 | 92 | |
157f5057 DH |
93 | r = hashmap_put(m->user_units, u->slice, u); |
94 | if (r < 0) | |
95 | return r; | |
9444b1f2 | 96 | |
b690ef12 DH |
97 | r = hashmap_put(m->user_units, u->service, u); |
98 | if (r < 0) | |
99 | return r; | |
100 | ||
157f5057 DH |
101 | *out = u; |
102 | u = NULL; | |
103 | return 0; | |
20263082 LP |
104 | } |
105 | ||
157f5057 DH |
106 | User *user_free(User *u) { |
107 | if (!u) | |
108 | return NULL; | |
20263082 | 109 | |
14c3baca | 110 | if (u->in_gc_queue) |
71fda00f | 111 | LIST_REMOVE(gc_queue, u->manager->user_gc_queue, u); |
14c3baca | 112 | |
20263082 LP |
113 | while (u->sessions) |
114 | session_free(u->sessions); | |
115 | ||
157f5057 DH |
116 | if (u->service) |
117 | hashmap_remove_value(u->manager->user_units, u->service, u); | |
118 | ||
119 | if (u->slice) | |
120 | hashmap_remove_value(u->manager->user_units, u->slice, u); | |
fb6becb4 | 121 | |
157f5057 | 122 | hashmap_remove_value(u->manager->users, UID_TO_PTR(u->uid), u); |
6230bf75 | 123 | |
157f5057 DH |
124 | u->slice_job = mfree(u->slice_job); |
125 | u->service_job = mfree(u->service_job); | |
fb6becb4 | 126 | |
157f5057 DH |
127 | u->service = mfree(u->service); |
128 | u->slice = mfree(u->slice); | |
129 | u->runtime_path = mfree(u->runtime_path); | |
130 | u->state_file = mfree(u->state_file); | |
131 | u->name = mfree(u->name); | |
20263082 | 132 | |
157f5057 | 133 | return mfree(u); |
20263082 LP |
134 | } |
135 | ||
71161305 | 136 | static int user_save_internal(User *u) { |
9444b1f2 LP |
137 | _cleanup_free_ char *temp_path = NULL; |
138 | _cleanup_fclose_ FILE *f = NULL; | |
20263082 LP |
139 | int r; |
140 | ||
141 | assert(u); | |
142 | assert(u->state_file); | |
143 | ||
d2e54fae | 144 | r = mkdir_safe_label("/run/systemd/users", 0755, 0, 0); |
20263082 | 145 | if (r < 0) |
dacd6cee | 146 | goto fail; |
20263082 | 147 | |
14c3baca LP |
148 | r = fopen_temporary(u->state_file, &f, &temp_path); |
149 | if (r < 0) | |
dacd6cee | 150 | goto fail; |
14c3baca LP |
151 | |
152 | fchmod(fileno(f), 0644); | |
20263082 LP |
153 | |
154 | fprintf(f, | |
14c3baca | 155 | "# This is private data. Do not parse.\n" |
20263082 LP |
156 | "NAME=%s\n" |
157 | "STATE=%s\n", | |
158 | u->name, | |
159 | user_state_to_string(user_get_state(u))); | |
160 | ||
f9e4283d | 161 | /* LEGACY: no-one reads RUNTIME= anymore, drop it at some point */ |
20263082 | 162 | if (u->runtime_path) |
9444b1f2 | 163 | fprintf(f, "RUNTIME=%s\n", u->runtime_path); |
20263082 | 164 | |
fb6becb4 LP |
165 | if (u->service_job) |
166 | fprintf(f, "SERVICE_JOB=%s\n", u->service_job); | |
9444b1f2 | 167 | |
fb6becb4 LP |
168 | if (u->slice_job) |
169 | fprintf(f, "SLICE_JOB=%s\n", u->slice_job); | |
20263082 LP |
170 | |
171 | if (u->display) | |
9444b1f2 LP |
172 | fprintf(f, "DISPLAY=%s\n", u->display->id); |
173 | ||
174 | if (dual_timestamp_is_set(&u->timestamp)) | |
20263082 | 175 | fprintf(f, |
90b2de37 ZJS |
176 | "REALTIME="USEC_FMT"\n" |
177 | "MONOTONIC="USEC_FMT"\n", | |
178 | u->timestamp.realtime, | |
179 | u->timestamp.monotonic); | |
20263082 | 180 | |
034a2a52 LP |
181 | if (u->sessions) { |
182 | Session *i; | |
9b958eff | 183 | bool first; |
034a2a52 | 184 | |
4b61c875 | 185 | fputs_unlocked("SESSIONS=", f); |
9b958eff | 186 | first = true; |
034a2a52 | 187 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
188 | if (first) |
189 | first = false; | |
190 | else | |
4b61c875 | 191 | fputc_unlocked(' ', f); |
9b958eff | 192 | |
4b61c875 | 193 | fputs_unlocked(i->id, f); |
034a2a52 LP |
194 | } |
195 | ||
4b61c875 | 196 | fputs_unlocked("\nSEATS=", f); |
9b958eff | 197 | first = true; |
034a2a52 | 198 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
199 | if (!i->seat) |
200 | continue; | |
201 | ||
202 | if (first) | |
203 | first = false; | |
204 | else | |
4b61c875 | 205 | fputc_unlocked(' ', f); |
9b958eff | 206 | |
4b61c875 | 207 | fputs_unlocked(i->seat->id, f); |
034a2a52 LP |
208 | } |
209 | ||
4b61c875 | 210 | fputs_unlocked("\nACTIVE_SESSIONS=", f); |
9b958eff LP |
211 | first = true; |
212 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
213 | if (!session_is_active(i)) | |
214 | continue; | |
215 | ||
216 | if (first) | |
217 | first = false; | |
218 | else | |
4b61c875 | 219 | fputc_unlocked(' ', f); |
9b958eff | 220 | |
4b61c875 | 221 | fputs_unlocked(i->id, f); |
9b958eff | 222 | } |
034a2a52 | 223 | |
4b61c875 | 224 | fputs_unlocked("\nONLINE_SESSIONS=", f); |
2dc8f41a CG |
225 | first = true; |
226 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
227 | if (session_get_state(i) == SESSION_CLOSING) | |
228 | continue; | |
229 | ||
230 | if (first) | |
231 | first = false; | |
232 | else | |
4b61c875 | 233 | fputc_unlocked(' ', f); |
2dc8f41a | 234 | |
4b61c875 | 235 | fputs_unlocked(i->id, f); |
2dc8f41a CG |
236 | } |
237 | ||
4b61c875 | 238 | fputs_unlocked("\nACTIVE_SEATS=", f); |
9b958eff | 239 | first = true; |
034a2a52 | 240 | LIST_FOREACH(sessions_by_user, i, u->sessions) { |
9b958eff LP |
241 | if (!session_is_active(i) || !i->seat) |
242 | continue; | |
243 | ||
244 | if (first) | |
245 | first = false; | |
246 | else | |
4b61c875 | 247 | fputc_unlocked(' ', f); |
47acb2f1 | 248 | |
4b61c875 | 249 | fputs_unlocked(i->seat->id, f); |
034a2a52 | 250 | } |
2dc8f41a | 251 | |
4b61c875 | 252 | fputs_unlocked("\nONLINE_SEATS=", f); |
2dc8f41a CG |
253 | first = true; |
254 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
255 | if (session_get_state(i) == SESSION_CLOSING || !i->seat) | |
256 | continue; | |
257 | ||
258 | if (first) | |
259 | first = false; | |
260 | else | |
4b61c875 | 261 | fputc_unlocked(' ', f); |
2dc8f41a | 262 | |
4b61c875 | 263 | fputs_unlocked(i->seat->id, f); |
2dc8f41a | 264 | } |
4b61c875 | 265 | fputc_unlocked('\n', f); |
034a2a52 LP |
266 | } |
267 | ||
dacd6cee LP |
268 | r = fflush_and_check(f); |
269 | if (r < 0) | |
270 | goto fail; | |
14c3baca | 271 | |
dacd6cee | 272 | if (rename(temp_path, u->state_file) < 0) { |
20263082 | 273 | r = -errno; |
dacd6cee | 274 | goto fail; |
20263082 LP |
275 | } |
276 | ||
dacd6cee LP |
277 | return 0; |
278 | ||
279 | fail: | |
280 | (void) unlink(u->state_file); | |
281 | ||
282 | if (temp_path) | |
283 | (void) unlink(temp_path); | |
14c3baca | 284 | |
dacd6cee | 285 | return log_error_errno(r, "Failed to save user data %s: %m", u->state_file); |
20263082 LP |
286 | } |
287 | ||
71161305 SM |
288 | int user_save(User *u) { |
289 | assert(u); | |
290 | ||
291 | if (!u->started) | |
292 | return 0; | |
293 | ||
294 | return user_save_internal (u); | |
295 | } | |
296 | ||
20263082 | 297 | int user_load(User *u) { |
9444b1f2 | 298 | _cleanup_free_ char *display = NULL, *realtime = NULL, *monotonic = NULL; |
98a28fef | 299 | Session *s = NULL; |
9444b1f2 | 300 | int r; |
20263082 LP |
301 | |
302 | assert(u); | |
303 | ||
a185c5aa | 304 | r = parse_env_file(u->state_file, NEWLINE, |
fb6becb4 | 305 | "SERVICE_JOB", &u->service_job, |
fb6becb4 LP |
306 | "SLICE_JOB", &u->slice_job, |
307 | "DISPLAY", &display, | |
308 | "REALTIME", &realtime, | |
309 | "MONOTONIC", &monotonic, | |
20263082 LP |
310 | NULL); |
311 | if (r < 0) { | |
20263082 LP |
312 | if (r == -ENOENT) |
313 | return 0; | |
314 | ||
d710aaf7 | 315 | return log_error_errno(r, "Failed to read %s: %m", u->state_file); |
20263082 LP |
316 | } |
317 | ||
9444b1f2 | 318 | if (display) |
98a28fef | 319 | s = hashmap_get(u->manager->sessions, display); |
20263082 | 320 | |
4d6d6518 | 321 | if (s && s->display && display_is_local(s->display)) |
20263082 LP |
322 | u->display = s; |
323 | ||
b895a735 BR |
324 | if (realtime) |
325 | timestamp_deserialize(realtime, &u->timestamp.realtime); | |
326 | if (monotonic) | |
327 | timestamp_deserialize(monotonic, &u->timestamp.monotonic); | |
9444b1f2 | 328 | |
20263082 LP |
329 | return r; |
330 | } | |
331 | ||
332 | static int user_mkdir_runtime_path(User *u) { | |
20263082 LP |
333 | int r; |
334 | ||
335 | assert(u); | |
336 | ||
d2e54fae | 337 | r = mkdir_safe_label("/run/user", 0755, 0, 0); |
f647962d MS |
338 | if (r < 0) |
339 | return log_error_errno(r, "Failed to create /run/user: %m"); | |
20263082 | 340 | |
e1873695 | 341 | if (path_is_mount_point(u->runtime_path, NULL, 0) <= 0) { |
1c231f56 LP |
342 | _cleanup_free_ char *t = NULL; |
343 | ||
f9e4283d | 344 | (void) mkdir_label(u->runtime_path, 0700); |
1c231f56 | 345 | |
6baa7db0 | 346 | if (mac_smack_use()) |
374738d5 LS |
347 | r = asprintf(&t, "mode=0700,smackfsroot=*,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size); |
348 | else | |
349 | r = asprintf(&t, "mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu", u->uid, u->gid, u->manager->runtime_dir_size); | |
374738d5 | 350 | if (r < 0) { |
1c231f56 LP |
351 | r = log_oom(); |
352 | goto fail; | |
353 | } | |
354 | ||
f9e4283d | 355 | r = mount("tmpfs", u->runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, t); |
1c231f56 | 356 | if (r < 0) { |
ec2ce0c5 | 357 | if (!IN_SET(errno, EPERM, EACCES)) { |
f9e4283d | 358 | r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", u->runtime_path); |
11c6476a CS |
359 | goto fail; |
360 | } | |
361 | ||
7dabbb55 | 362 | log_debug_errno(errno, "Failed to mount per-user tmpfs directory %s, assuming containerized execution, ignoring: %m", u->runtime_path); |
11c6476a | 363 | |
f9e4283d | 364 | r = chmod_and_chown(u->runtime_path, 0700, u->uid, u->gid); |
11c6476a CS |
365 | if (r < 0) { |
366 | log_error_errno(r, "Failed to change runtime directory ownership and mode: %m"); | |
367 | goto fail; | |
368 | } | |
1c231f56 | 369 | } |
9e281beb | 370 | |
f9e4283d | 371 | r = label_fix(u->runtime_path, false, false); |
9e281beb | 372 | if (r < 0) |
f9e4283d | 373 | log_warning_errno(r, "Failed to fix label of '%s', ignoring: %m", u->runtime_path); |
20263082 LP |
374 | } |
375 | ||
20263082 | 376 | return 0; |
1c231f56 LP |
377 | |
378 | fail: | |
f9e4283d DH |
379 | /* Try to clean up, but ignore errors */ |
380 | (void) rmdir(u->runtime_path); | |
1c231f56 | 381 | return r; |
20263082 LP |
382 | } |
383 | ||
fb6becb4 | 384 | static int user_start_slice(User *u) { |
4afd3348 | 385 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
6230bf75 DH |
386 | const char *description; |
387 | char *job; | |
20263082 LP |
388 | int r; |
389 | ||
390 | assert(u); | |
391 | ||
6230bf75 DH |
392 | u->slice_job = mfree(u->slice_job); |
393 | description = strjoina("User Slice of ", u->name); | |
394 | ||
395 | r = manager_start_slice( | |
396 | u->manager, | |
397 | u->slice, | |
398 | description, | |
399 | "systemd-logind.service", | |
400 | "systemd-user-sessions.service", | |
401 | u->manager->user_tasks_max, | |
402 | &error, | |
403 | &job); | |
2adae5ac | 404 | if (r >= 0) |
6230bf75 | 405 | u->slice_job = job; |
2adae5ac ZJS |
406 | else if (!sd_bus_error_has_name(&error, BUS_ERROR_UNIT_EXISTS)) |
407 | /* we don't fail due to this, let's try to continue */ | |
408 | log_error_errno(r, "Failed to start user slice %s, ignoring: %s (%s)", | |
409 | u->slice, bus_error_message(&error, r), error.name); | |
20263082 | 410 | |
20263082 LP |
411 | return 0; |
412 | } | |
413 | ||
414 | static int user_start_service(User *u) { | |
4afd3348 | 415 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
fb6becb4 LP |
416 | char *job; |
417 | int r; | |
418 | ||
20263082 LP |
419 | assert(u); |
420 | ||
b690ef12 | 421 | u->service_job = mfree(u->service_job); |
fb6becb4 | 422 | |
b690ef12 DH |
423 | r = manager_start_unit( |
424 | u->manager, | |
425 | u->service, | |
426 | &error, | |
427 | &job); | |
428 | if (r < 0) { | |
429 | /* we don't fail due to this, let's try to continue */ | |
430 | log_error_errno(r, "Failed to start user service, ignoring: %s", bus_error_message(&error, r)); | |
431 | } else { | |
432 | u->service_job = job; | |
fb6becb4 LP |
433 | } |
434 | ||
20263082 LP |
435 | return 0; |
436 | } | |
437 | ||
438 | int user_start(User *u) { | |
439 | int r; | |
440 | ||
441 | assert(u); | |
442 | ||
a832ab6f | 443 | if (u->started && !u->stopping) |
9418f147 LP |
444 | return 0; |
445 | ||
a832ab6f DH |
446 | /* |
447 | * If u->stopping is set, the user is marked for removal and the slice | |
448 | * and service stop-jobs are queued. We have to clear that flag before | |
449 | * queing the start-jobs again. If they succeed, the user object can be | |
450 | * re-used just fine (pid1 takes care of job-ordering and proper | |
451 | * restart), but if they fail, we want to force another user_stop() so | |
452 | * possibly pending units are stopped. | |
453 | * Note that we don't clear u->started, as we have no clue what state | |
454 | * the user is in on failure here. Hence, we pretend the user is | |
455 | * running so it will be properly taken down by GC. However, we clearly | |
456 | * return an error from user_start() in that case, so no further | |
457 | * reference to the user is taken. | |
458 | */ | |
459 | u->stopping = false; | |
460 | ||
461 | if (!u->started) { | |
462 | log_debug("New user %s logged in.", u->name); | |
463 | ||
464 | /* Make XDG_RUNTIME_DIR */ | |
465 | r = user_mkdir_runtime_path(u); | |
466 | if (r < 0) | |
467 | return r; | |
468 | } | |
20263082 LP |
469 | |
470 | /* Create cgroup */ | |
fb6becb4 | 471 | r = user_start_slice(u); |
20263082 LP |
472 | if (r < 0) |
473 | return r; | |
474 | ||
71161305 SM |
475 | /* Save the user data so far, because pam_systemd will read the |
476 | * XDG_RUNTIME_DIR out of it while starting up systemd --user. | |
477 | * We need to do user_save_internal() because we have not | |
478 | * "officially" started yet. */ | |
479 | user_save_internal(u); | |
480 | ||
20263082 LP |
481 | /* Spawn user systemd */ |
482 | r = user_start_service(u); | |
483 | if (r < 0) | |
484 | return r; | |
485 | ||
a832ab6f DH |
486 | if (!u->started) { |
487 | if (!dual_timestamp_is_set(&u->timestamp)) | |
488 | dual_timestamp_get(&u->timestamp); | |
489 | user_send_signal(u, true); | |
490 | u->started = true; | |
491 | } | |
9418f147 | 492 | |
7f7bb946 LP |
493 | /* Save new user data */ |
494 | user_save(u); | |
495 | ||
20263082 LP |
496 | return 0; |
497 | } | |
498 | ||
fb6becb4 | 499 | static int user_stop_slice(User *u) { |
4afd3348 | 500 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
fb6becb4 LP |
501 | char *job; |
502 | int r; | |
20263082 | 503 | |
20263082 LP |
504 | assert(u); |
505 | ||
fb6becb4 LP |
506 | r = manager_stop_unit(u->manager, u->slice, &error, &job); |
507 | if (r < 0) { | |
cc377381 | 508 | log_error("Failed to stop user slice: %s", bus_error_message(&error, r)); |
fb6becb4 LP |
509 | return r; |
510 | } | |
ed18b08b | 511 | |
fb6becb4 LP |
512 | free(u->slice_job); |
513 | u->slice_job = job; | |
ed18b08b | 514 | |
fb6becb4 | 515 | return r; |
20263082 LP |
516 | } |
517 | ||
fb6becb4 | 518 | static int user_stop_service(User *u) { |
4afd3348 | 519 | _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; |
fb6becb4 | 520 | char *job; |
20263082 | 521 | int r; |
20263082 LP |
522 | |
523 | assert(u); | |
524 | ||
fb6becb4 LP |
525 | r = manager_stop_unit(u->manager, u->service, &error, &job); |
526 | if (r < 0) { | |
cc377381 | 527 | log_error("Failed to stop user service: %s", bus_error_message(&error, r)); |
fb6becb4 LP |
528 | return r; |
529 | } | |
20263082 | 530 | |
fb6becb4 LP |
531 | free(u->service_job); |
532 | u->service_job = job; | |
20263082 | 533 | |
fb6becb4 LP |
534 | return r; |
535 | } | |
20263082 | 536 | |
20263082 LP |
537 | static int user_remove_runtime_path(User *u) { |
538 | int r; | |
539 | ||
540 | assert(u); | |
541 | ||
c6878637 | 542 | r = rm_rf(u->runtime_path, 0); |
1c231f56 | 543 | if (r < 0) |
da927ba9 | 544 | log_error_errno(r, "Failed to remove runtime directory %s: %m", u->runtime_path); |
1c231f56 | 545 | |
11c6476a CS |
546 | /* Ignore cases where the directory isn't mounted, as that's |
547 | * quite possible, if we lacked the permissions to mount | |
548 | * something */ | |
549 | r = umount2(u->runtime_path, MNT_DETACH); | |
4c701096 | 550 | if (r < 0 && !IN_SET(errno, EINVAL, ENOENT)) |
56f64d95 | 551 | log_error_errno(errno, "Failed to unmount user runtime directory %s: %m", u->runtime_path); |
1c231f56 | 552 | |
c6878637 | 553 | r = rm_rf(u->runtime_path, REMOVE_ROOT); |
20263082 | 554 | if (r < 0) |
da927ba9 | 555 | log_error_errno(r, "Failed to remove runtime directory %s: %m", u->runtime_path); |
20263082 | 556 | |
20263082 LP |
557 | return r; |
558 | } | |
559 | ||
9bb69af4 | 560 | int user_stop(User *u, bool force) { |
20263082 LP |
561 | Session *s; |
562 | int r = 0, k; | |
563 | assert(u); | |
564 | ||
b58b227a DH |
565 | /* Stop jobs have already been queued */ |
566 | if (u->stopping) { | |
567 | user_save(u); | |
568 | return r; | |
569 | } | |
570 | ||
20263082 | 571 | LIST_FOREACH(sessions_by_user, s, u->sessions) { |
9bb69af4 | 572 | k = session_stop(s, force); |
20263082 LP |
573 | if (k < 0) |
574 | r = k; | |
575 | } | |
576 | ||
577 | /* Kill systemd */ | |
578 | k = user_stop_service(u); | |
579 | if (k < 0) | |
580 | r = k; | |
581 | ||
582 | /* Kill cgroup */ | |
fb6becb4 | 583 | k = user_stop_slice(u); |
20263082 LP |
584 | if (k < 0) |
585 | r = k; | |
586 | ||
5f41d1f1 LP |
587 | u->stopping = true; |
588 | ||
405e0255 LP |
589 | user_save(u); |
590 | ||
591 | return r; | |
592 | } | |
593 | ||
594 | int user_finalize(User *u) { | |
595 | Session *s; | |
596 | int r = 0, k; | |
597 | ||
598 | assert(u); | |
599 | ||
600 | if (u->started) | |
601 | log_debug("User %s logged out.", u->name); | |
602 | ||
603 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
604 | k = session_finalize(s); | |
605 | if (k < 0) | |
606 | r = k; | |
607 | } | |
608 | ||
20263082 LP |
609 | /* Kill XDG_RUNTIME_DIR */ |
610 | k = user_remove_runtime_path(u); | |
611 | if (k < 0) | |
612 | r = k; | |
613 | ||
00d9ef85 LP |
614 | /* Clean SysV + POSIX IPC objects, but only if this is not a system user. Background: in many setups cronjobs |
615 | * are run in full PAM and thus logind sessions, even if the code run doesn't belong to actual users but to | |
616 | * system components. Since enable RemoveIPC= globally for all users, we need to be a bit careful with such | |
617 | * cases, as we shouldn't accidentally remove a system service's IPC objects while it is running, just because | |
618 | * a cronjob running as the same user just finished. Hence: exclude system users generally from IPC clean-up, | |
619 | * and do it only for normal users. */ | |
620 | if (u->manager->remove_ipc && u->uid > SYSTEM_UID_MAX) { | |
621 | k = clean_ipc_by_uid(u->uid); | |
66cdd0f2 LP |
622 | if (k < 0) |
623 | r = k; | |
624 | } | |
625 | ||
d2f92cdf LP |
626 | unlink(u->state_file); |
627 | user_add_to_gc_queue(u); | |
628 | ||
405e0255 | 629 | if (u->started) { |
ed18b08b | 630 | user_send_signal(u, false); |
405e0255 LP |
631 | u->started = false; |
632 | } | |
9418f147 | 633 | |
20263082 LP |
634 | return r; |
635 | } | |
636 | ||
a185c5aa LP |
637 | int user_get_idle_hint(User *u, dual_timestamp *t) { |
638 | Session *s; | |
639 | bool idle_hint = true; | |
5cb14b37 | 640 | dual_timestamp ts = DUAL_TIMESTAMP_NULL; |
a185c5aa LP |
641 | |
642 | assert(u); | |
643 | ||
644 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
645 | dual_timestamp k; | |
646 | int ih; | |
647 | ||
648 | ih = session_get_idle_hint(s, &k); | |
649 | if (ih < 0) | |
650 | return ih; | |
651 | ||
652 | if (!ih) { | |
653 | if (!idle_hint) { | |
654 | if (k.monotonic < ts.monotonic) | |
655 | ts = k; | |
656 | } else { | |
657 | idle_hint = false; | |
658 | ts = k; | |
659 | } | |
660 | } else if (idle_hint) { | |
661 | ||
662 | if (k.monotonic > ts.monotonic) | |
663 | ts = k; | |
664 | } | |
665 | } | |
666 | ||
667 | if (t) | |
668 | *t = ts; | |
669 | ||
670 | return idle_hint; | |
671 | } | |
672 | ||
3a9f7a30 | 673 | int user_check_linger_file(User *u) { |
cc377381 LP |
674 | _cleanup_free_ char *cc = NULL; |
675 | char *p = NULL; | |
e96cd586 | 676 | |
cc377381 LP |
677 | cc = cescape(u->name); |
678 | if (!cc) | |
e96cd586 LP |
679 | return -ENOMEM; |
680 | ||
63c372cb | 681 | p = strjoina("/var/lib/systemd/linger/", cc); |
e96cd586 | 682 | |
cc377381 | 683 | return access(p, F_OK) >= 0; |
e96cd586 LP |
684 | } |
685 | ||
cc377381 | 686 | bool user_check_gc(User *u, bool drop_not_started) { |
20263082 LP |
687 | assert(u); |
688 | ||
4a4b033f | 689 | if (drop_not_started && !u->started) |
cc377381 | 690 | return false; |
932e3ee7 | 691 | |
20263082 | 692 | if (u->sessions) |
cc377381 | 693 | return true; |
20263082 | 694 | |
e96cd586 | 695 | if (user_check_linger_file(u) > 0) |
cc377381 | 696 | return true; |
20263082 | 697 | |
cc377381 LP |
698 | if (u->slice_job && manager_job_is_active(u->manager, u->slice_job)) |
699 | return true; | |
700 | ||
701 | if (u->service_job && manager_job_is_active(u->manager, u->service_job)) | |
702 | return true; | |
405e0255 | 703 | |
cc377381 | 704 | return false; |
20263082 LP |
705 | } |
706 | ||
14c3baca LP |
707 | void user_add_to_gc_queue(User *u) { |
708 | assert(u); | |
709 | ||
710 | if (u->in_gc_queue) | |
711 | return; | |
712 | ||
71fda00f | 713 | LIST_PREPEND(gc_queue, u->manager->user_gc_queue, u); |
14c3baca LP |
714 | u->in_gc_queue = true; |
715 | } | |
716 | ||
20263082 LP |
717 | UserState user_get_state(User *u) { |
718 | Session *i; | |
719 | ||
720 | assert(u); | |
721 | ||
5f41d1f1 LP |
722 | if (u->stopping) |
723 | return USER_CLOSING; | |
724 | ||
71161305 | 725 | if (!u->started || u->slice_job || u->service_job) |
405e0255 | 726 | return USER_OPENING; |
c9caad80 | 727 | |
5f41d1f1 LP |
728 | if (u->sessions) { |
729 | bool all_closing = true; | |
730 | ||
731 | LIST_FOREACH(sessions_by_user, i, u->sessions) { | |
00555a2e DH |
732 | SessionState state; |
733 | ||
734 | state = session_get_state(i); | |
735 | if (state == SESSION_ACTIVE) | |
5f41d1f1 | 736 | return USER_ACTIVE; |
00555a2e | 737 | if (state != SESSION_CLOSING) |
5f41d1f1 LP |
738 | all_closing = false; |
739 | } | |
20263082 | 740 | |
c9caad80 | 741 | return all_closing ? USER_CLOSING : USER_ONLINE; |
5f41d1f1 | 742 | } |
e96cd586 LP |
743 | |
744 | if (user_check_linger_file(u) > 0) | |
745 | return USER_LINGERING; | |
746 | ||
747 | return USER_CLOSING; | |
20263082 LP |
748 | } |
749 | ||
de07ab16 | 750 | int user_kill(User *u, int signo) { |
de07ab16 LP |
751 | assert(u); |
752 | ||
fb6becb4 | 753 | return manager_kill_unit(u->manager, u->slice, KILL_ALL, signo, NULL); |
de07ab16 LP |
754 | } |
755 | ||
cde40acc | 756 | static bool elect_display_filter(Session *s) { |
7ffeb45c PW |
757 | /* Return true if the session is a candidate for the user’s ‘primary |
758 | * session’ or ‘display’. */ | |
759 | assert(s); | |
760 | ||
761 | return (s->class == SESSION_USER && !s->stopping); | |
762 | } | |
763 | ||
cde40acc | 764 | static int elect_display_compare(Session *s1, Session *s2) { |
7ffeb45c PW |
765 | /* Indexed by SessionType. Lower numbers mean more preferred. */ |
766 | const int type_ranks[_SESSION_TYPE_MAX] = { | |
767 | [SESSION_UNSPECIFIED] = 0, | |
768 | [SESSION_TTY] = -2, | |
769 | [SESSION_X11] = -3, | |
770 | [SESSION_WAYLAND] = -3, | |
771 | [SESSION_MIR] = -3, | |
772 | [SESSION_WEB] = -1, | |
773 | }; | |
774 | ||
775 | /* Calculate the partial order relationship between s1 and s2, | |
776 | * returning < 0 if s1 is preferred as the user’s ‘primary session’, | |
777 | * 0 if s1 and s2 are equally preferred or incomparable, or > 0 if s2 | |
778 | * is preferred. | |
779 | * | |
780 | * s1 or s2 may be NULL. */ | |
b9460fdc RC |
781 | if (!s1 && !s2) |
782 | return 0; | |
783 | ||
7ffeb45c PW |
784 | if ((s1 == NULL) != (s2 == NULL)) |
785 | return (s1 == NULL) - (s2 == NULL); | |
786 | ||
787 | if (s1->stopping != s2->stopping) | |
788 | return s1->stopping - s2->stopping; | |
789 | ||
790 | if ((s1->class != SESSION_USER) != (s2->class != SESSION_USER)) | |
791 | return (s1->class != SESSION_USER) - (s2->class != SESSION_USER); | |
792 | ||
793 | if ((s1->type == _SESSION_TYPE_INVALID) != (s2->type == _SESSION_TYPE_INVALID)) | |
794 | return (s1->type == _SESSION_TYPE_INVALID) - (s2->type == _SESSION_TYPE_INVALID); | |
795 | ||
796 | if (s1->type != s2->type) | |
797 | return type_ranks[s1->type] - type_ranks[s2->type]; | |
798 | ||
799 | return 0; | |
800 | } | |
801 | ||
952d3260 | 802 | void user_elect_display(User *u) { |
7ffeb45c | 803 | Session *s; |
952d3260 LP |
804 | |
805 | assert(u); | |
806 | ||
807 | /* This elects a primary session for each user, which we call | |
808 | * the "display". We try to keep the assignment stable, but we | |
809 | * "upgrade" to better choices. */ | |
7ffeb45c | 810 | log_debug("Electing new display for user %s", u->name); |
952d3260 LP |
811 | |
812 | LIST_FOREACH(sessions_by_user, s, u->sessions) { | |
7ffeb45c PW |
813 | if (!elect_display_filter(s)) { |
814 | log_debug("Ignoring session %s", s->id); | |
952d3260 | 815 | continue; |
7ffeb45c | 816 | } |
952d3260 | 817 | |
7ffeb45c PW |
818 | if (elect_display_compare(s, u->display) < 0) { |
819 | log_debug("Choosing session %s in preference to %s", s->id, u->display ? u->display->id : "-"); | |
820 | u->display = s; | |
821 | } | |
e9e74f28 | 822 | } |
952d3260 LP |
823 | } |
824 | ||
20263082 LP |
825 | static const char* const user_state_table[_USER_STATE_MAX] = { |
826 | [USER_OFFLINE] = "offline", | |
fb6becb4 | 827 | [USER_OPENING] = "opening", |
20263082 LP |
828 | [USER_LINGERING] = "lingering", |
829 | [USER_ONLINE] = "online", | |
e96cd586 LP |
830 | [USER_ACTIVE] = "active", |
831 | [USER_CLOSING] = "closing" | |
20263082 LP |
832 | }; |
833 | ||
834 | DEFINE_STRING_TABLE_LOOKUP(user_state, UserState); | |
1c231f56 LP |
835 | |
836 | int config_parse_tmpfs_size( | |
837 | const char* unit, | |
838 | const char *filename, | |
839 | unsigned line, | |
840 | const char *section, | |
841 | unsigned section_line, | |
842 | const char *lvalue, | |
843 | int ltype, | |
844 | const char *rvalue, | |
845 | void *data, | |
846 | void *userdata) { | |
847 | ||
848 | size_t *sz = data; | |
1c231f56 LP |
849 | int r; |
850 | ||
851 | assert(filename); | |
852 | assert(lvalue); | |
853 | assert(rvalue); | |
854 | assert(data); | |
855 | ||
9184ca48 LP |
856 | /* First, try to parse as percentage */ |
857 | r = parse_percent(rvalue); | |
858 | if (r > 0 && r < 100) | |
d8cf2ac7 | 859 | *sz = physical_memory_scale(r, 100U); |
9184ca48 | 860 | else { |
59f448cf | 861 | uint64_t k; |
1c231f56 | 862 | |
9184ca48 LP |
863 | /* If the passed argument was not a percentage, or out of range, parse as byte size */ |
864 | ||
59f448cf | 865 | r = parse_size(rvalue, 1024, &k); |
9184ca48 | 866 | if (r < 0 || k <= 0 || (uint64_t) (size_t) k != k) { |
12ca818f | 867 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse size value, ignoring: %s", rvalue); |
1c231f56 LP |
868 | return 0; |
869 | } | |
870 | ||
59f448cf | 871 | *sz = PAGE_ALIGN((size_t) k); |
1c231f56 LP |
872 | } |
873 | ||
874 | return 0; | |
875 | } | |
c06eec15 LP |
876 | |
877 | int config_parse_user_tasks_max( | |
878 | const char* unit, | |
879 | const char *filename, | |
880 | unsigned line, | |
881 | const char *section, | |
882 | unsigned section_line, | |
883 | const char *lvalue, | |
884 | int ltype, | |
885 | const char *rvalue, | |
886 | void *data, | |
887 | void *userdata) { | |
888 | ||
889 | uint64_t *m = data; | |
890 | uint64_t k; | |
891 | int r; | |
892 | ||
893 | assert(filename); | |
894 | assert(lvalue); | |
895 | assert(rvalue); | |
896 | assert(data); | |
897 | ||
f5058264 TH |
898 | if (isempty(rvalue)) { |
899 | *m = system_tasks_max_scale(DEFAULT_USER_TASKS_MAX_PERCENTAGE, 100U); | |
900 | return 0; | |
901 | } | |
902 | ||
903 | if (streq(rvalue, "infinity")) { | |
904 | *m = CGROUP_LIMIT_MAX; | |
905 | return 0; | |
906 | } | |
907 | ||
908 | /* Try to parse as percentage */ | |
c06eec15 | 909 | r = parse_percent(rvalue); |
cb3e4417 | 910 | if (r >= 0) |
c06eec15 LP |
911 | k = system_tasks_max_scale(r, 100U); |
912 | else { | |
913 | ||
914 | /* If the passed argument was not a percentage, or out of range, parse as byte size */ | |
915 | ||
916 | r = safe_atou64(rvalue, &k); | |
917 | if (r < 0) { | |
918 | log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse tasks maximum, ignoring: %s", rvalue); | |
919 | return 0; | |
920 | } | |
921 | } | |
922 | ||
923 | if (k <= 0 || k >= UINT64_MAX) { | |
924 | log_syntax(unit, LOG_ERR, filename, line, 0, "Tasks maximum out of range, ignoring: %s", rvalue); | |
925 | return 0; | |
926 | } | |
927 | ||
928 | *m = k; | |
929 | return 0; | |
930 | } |