[PATCH v2 10/14] systemd-logind: Add systemd-logind "core"

Hans de Goede hdegoede at redhat.com
Tue Feb 11 09:10:22 CET 2014 

Hi,

On 02/11/2014 04:16 AM, Jasper St. Pierre wrote:
> As said before, with systemd user sessions, this will not happen. Unless
> I'm misremembering, Lennart has said that the only thing that should be
> inside the PAM session environment proper should be the session leader like
> "gnome-session". (Disregarding the session worker process like
> gdm-session-worker)

That sounds very wrong, many things will break if they are not run in a
proper login session.

Anyways lets bring Lennart himself into the loop.

Lennart, my current version of the xserver logind integration patches use
GetSessionByPID(getpid()), Jasper is afraid this will break in the future,
because the xserver will be running outside of the user-session, see below.
Is he right?

To be clear, the goal of the GetSessionByPID() call is to determine the
session on which to issues the TakeControl() call.

Also how does this relate to the fake-sessions spawning multiple heads we
were talking about before?

Regards,

Hans

> 
> 
> On Mon, Feb 10, 2014 at 4:54 PM, Hans de Goede <hdegoede at redhat.com> wrote:
> 
> Hi,
> 
> On 02/10/2014 10:49 PM, David Herrmann wrote:
>>>> Hi
>>>>
>>>> On Mon, Feb 10, 2014 at 10:48 PM, Hans de Goede <hdegoede at redhat.com>
> wrote:
>>>>> Hi,
>>>>>
>>>>> On 02/10/2014 09:58 PM, Jasper St. Pierre wrote:
>>>>>> Something I noticed here is that you use GetSessionByPID(). This works
> right now, but with systemd user sessions, the display server will run
> outside of a session. We have to decide what to do in this case.
>>>>>
>>>>> AFAIK that won't work, the display server must be inside the pam login
> session of the user, otherwise logind will refuse to give access to any of
> the devices belonging to the seat.
>>>>>
>>>>> To be precise, logind will only give access to a process which is
> inside the user-session which is the active session on a certain head, and
> then only to devices which belong to said head.
>>>>
>>>> To be precise, only processes with the uid of the user or root can call
> TakeControl(), no other restrictions are enforced. So the process does not
> have to be in the session.
> 
> Ah right, so I guess it could be outside the user session, as long
> as it gets started with the uid of the user, however I think that starting
> user processes without them being inside a properly setup pam login session
> is very ugly.
> 
> So it would be greatly preferable and more simple IMHO to just start it
> inside the user-session, and AFAIK Ray Strode is working on doing exactly
> that in gdm.
> 
> If we go this route calling GetSessionByPID() should not be a problem
> at all.
> 
> Regards,
> 
> Hans
>>
> 
> 
> 
> 
> 
> _______________________________________________
> xorg-devel at lists.x.org: X.Org development
> Archives: http://lists.x.org/archives/xorg-devel
> Info: http://lists.x.org/mailman/listinfo/xorg-devel
>

More information about the xorg-devel mailing list