shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2025-02-03 17:47:28 +03:00
Code

Merge pull request #31841 from AdrianVovk/homed-trivial

Browse Source 
Small homed changes + revert
This commit is contained in:
Yu Watanabe 2024-03-19 17:22:34 +09:00 committed by GitHub
commit 169b282bf9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 50 additions and 184 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

59
man/org.freedesktop.home1.xml
View File

@ -112,8 +112,6 @@ node /org/freedesktop/home1 {
out h send_fd);
@org.freedesktop.systemd1.Privileged("true")
ReleaseHome(in s user_name);
InhibitSuspendHome(in s user_name,
out h send_fd);
@org.freedesktop.systemd1.Privileged("true")
LockAllHomes();
@org.freedesktop.systemd1.Privileged("true")
@ -187,8 +185,6 @@ node /org/freedesktop/home1 {
<variablelist class="dbus-method" generated="True" extra-ref="ReleaseHome()"/>
<variablelist class="dbus-method" generated="True" extra-ref="InhibitSuspendHome()"/>
<variablelist class="dbus-method" generated="True" extra-ref="LockAllHomes()"/>
<variablelist class="dbus-method" generated="True" extra-ref="DeactivateAllHomes()"/>
@ -208,7 +204,9 @@ node /org/freedesktop/home1 {
the numeric UID and GID, the real name, home directory and shell. In addition it returns a state
identifier describing the state the user's home directory is in, as well as a bus path referring to the
bus object encapsulating the user record and home directory. This object implements the
<classname>org.freedesktop.home1.Home</classname> interface documented below.</para>
<classname>org.freedesktop.home1.Home</classname> interface documented below. This method, and most others
in this interface that take user names, will try to use the caller's home area if the specified user name is
an empty string.</para>
<para><function>GetHomeByUID()</function> is similar to <function>GetHomeByName()</function> but
acquires the information based on the numeric UID of the user.</para>
@ -387,10 +385,9 @@ node /org/freedesktop/home1 {
re-authenticate when the system comes back from suspending. It should be set by all clients that
implement a secure lock screen running outside of the user's context, that is brought up when the
system comes back from suspend and can be used to re-acquire the credentials to unlock the user's home
directory. A home directory is locked automatically at system suspend only if all clients with open
references to the home directory specify that they support this functionality, and no client has
temporarily inhibited it (see <function>InhibitSuspendHome()</function> below); otherwise the directory
remains unlocked. This method is equivalent to <function>Acquire()</function> on the
directory. If a home directory has at least one client with an open reference to the home directory
that does not support this it is not suspended automatically at system suspend, otherwise it is. This
method is equivalent to <function>Acquire()</function> on the
<classname>org.freedesktop.home1.Home</classname> interface.</para>
<para><function>RefHome()</function> is similar to <function>AcquireHome()</function> but takes no user
@ -412,25 +409,9 @@ node /org/freedesktop/home1 {
triggered deactivation is completed. This method is equivalent to <function>Release()</function> on the
<classname>org.freedesktop.home1.Home</classname> interface.</para>
<para><function>InhibitSuspendHome()</function> temporarily inhibits automatic locking during system
suspend for a home directory. It returns a file descriptor that inhibits this functionality for as long
as it is open. As mentioned above, locking a home directory requires a secure lock screen running
outside of the user context, and is likely to freeze any process that attempts to access the directory.
Thus, locking a home directory is a trade-off: it increases security, but prevents the client from
displaying any user content on its secure lock screen, including notifications, media controls, contact
information for incoming phone calls, and much more. A client may use this method to implement more
complicated automatic locking behavior for home directories, in order to solve some of these UX issues.
For instance, the client may choose to only lock the home directory and switch to the secure lock screen
if the device has been suspended for over 24 hours. Note that this inhibitor does not prevent clients from
calling <function>LockHome()</function>, and in fact clients will need to call <function>LockHome()</function>
manually as part of their custom behavior to lock the home directory. Clients should take care to ensure that
the file descriptor is closed in the event that their custom behavior fails or is disabled. This method is
equivalent to <function>InhibitSuspend()</function> on the <classname>org.freedesktop.home1.Home</classname>
interface.</para>
<para><function>LockAllHomes()</function> locks all active home directories that only have references
that opted into automatic locking during system suspend and have no clients inhibiting this behavior.
This is usually invoked automatically shortly before system suspend.</para>
that opted into automatic suspending during system suspend. This is usually invoked automatically
shortly before system suspend.</para>
<para><function>DeactivateAllHomes()</function> deactivates all home areas that are currently
active. This is usually invoked automatically shortly before system shutdown.</para>
@ -492,7 +473,6 @@ node /org/freedesktop/home1/home {
out h send_fd);
@org.freedesktop.systemd1.Privileged("true")
Release();
InhibitSuspend(out h send_fd);
properties:
@org.freedesktop.DBus.Property.EmitsChangedSignal("const")
readonly s UserName = '...';
@ -556,8 +536,6 @@ node /org/freedesktop/home1/home {
<variablelist class="dbus-method" generated="True" extra-ref="Release()"/>
<variablelist class="dbus-method" generated="True" extra-ref="InhibitSuspend()"/>
<variablelist class="dbus-property" generated="True" extra-ref="UserName"/>
<variablelist class="dbus-property" generated="True" extra-ref="UID"/>
@ -579,14 +557,15 @@ node /org/freedesktop/home1/home {
<function>Update()</function>, <function>UpdateEx()</function>, <function>Resize()</function>,
<function>ChangePassword()</function>, <function>Lock()</function>, <function>Unlock()</function>,
<function>Acquire()</function>, <function>Ref()</function>, <function>RefUnrestricted()</function>,
<function>Release()</function>, <function>InhibitSuspend()</function> operate like their matching counterparts
on the <classname>org.freedesktop.home1.Manager</classname> interface (see above). The main difference is that
they are methods of the home directory objects, and hence carry no additional user name
parameter. Which of the two flavors of methods to call depends on the handles to the user known on the
client side: if only the user name is known, it's preferable to use the methods on the manager object
since they operate with user names only. If however the home object path was already acquired some way
it is preferable to operate on the <classname>org.freedesktop.home1.Home</classname> objects
instead.</para>
<function>Release()</function>,
operate like their matching counterparts on the <classname>org.freedesktop.home1.Manager</classname>
interface (see above). The main difference is that they are methods of the home directory objects, and
hence carry no additional user name parameter. Which of the two flavors of methods to call depends on
the handles to the user known on the client side: if only the user name is known, it's preferable to use
the methods on the manager object since they operate with user names only. Clients can also easily operate
on their own home area by using the methods on the manager object with an empty string as the user name.
If the client has the home's object path already acquired in some way, however, it is preferable to operate
on the <classname>org.freedesktop.home1.Home</classname> objects instead.</para>
</refsect2>
<refsect2>
@ -611,12 +590,12 @@ node /org/freedesktop/home1/home {
<title>History</title>
<refsect2>
<title>The Manager Object</title>
<para><function>InhibitSuspendHome()</function>, <function>ActivateHomeIfReferenced()</function>, <function>RefHomeUnrestricted()</function>,
<para><function>ActivateHomeIfReferenced()</function>, <function>RefHomeUnrestricted()</function>,
<function>CreateHomeEx()</function>, and <function>UpdateHomeEx()</function> were added in version 256.</para>
</refsect2>
<refsect2>
<title>Home Objects</title>
<para><function>InhibitSuspend()</function>, <function>ActivateIfReferenced()</function>, <function>RefUnrestricted()</function>, and
<para><function>ActivateIfReferenced()</function>, <function>RefUnrestricted()</function>, and
<function>UpdateEx()</function> were added in version 256.</para>
</refsect2>
</refsect1>

58
src/home/homed-home-bus.c
View File

@ -415,7 +415,7 @@ int bus_home_method_authenticate(
return 1;
}
int bus_home_method_update_record(
int bus_home_update_record(
Home *h,
sd_bus_message *message,
UserRecord *hr,
@ -487,7 +487,7 @@ int bus_home_method_update(
return r;
}
return bus_home_method_update_record(h, message, hr, blobs, flags, error);
return bus_home_update_record(h, message, hr, blobs, flags, error);
}
int bus_home_method_resize(
@ -657,7 +657,7 @@ int bus_home_method_acquire(
return r;
/* This operation might not be something we can executed immediately, hence queue it */
fd = home_create_fifo(h, please_suspend ? HOME_FIFO_PLEASE_SUSPEND : HOME_FIFO_DONT_SUSPEND);
fd = home_create_fifo(h, please_suspend);
if (fd < 0)
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate FIFO for %s: %m", h->user_name);
@ -716,7 +716,7 @@ int bus_home_method_ref(
}
}
fd = home_create_fifo(h, please_suspend ? HOME_FIFO_PLEASE_SUSPEND : HOME_FIFO_DONT_SUSPEND);
fd = home_create_fifo(h, please_suspend);
if (fd < 0)
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate FIFO for %s: %m", h->user_name);
@ -745,51 +745,6 @@ int bus_home_method_release(
return 1;
}
int bus_home_method_inhibit_suspend(
sd_bus_message *message,
void *userdata,
sd_bus_error *error) {
_cleanup_close_ int fd = -EBADF;
Home *h = ASSERT_PTR(userdata);
HomeState state;
int r;
r = home_verify_polkit_async(
h,
message,
"org.freedesktop.home1.inhibit-suspend",
h->uid,
error);
if (r < 0)
return r;
if (r == 0)
return 1; /* Will call us back */
state = home_get_state(h);
switch (state) {
case HOME_ABSENT:
return sd_bus_error_setf(error, BUS_ERROR_HOME_ABSENT, "Home %s is currently missing or not plugged in.", h->user_name);
case HOME_UNFIXATED:
case HOME_INACTIVE:
case HOME_DIRTY:
return sd_bus_error_setf(error, BUS_ERROR_HOME_NOT_ACTIVE, "Home %s not active.", h->user_name);
case HOME_LOCKED:
return sd_bus_error_setf(error, BUS_ERROR_HOME_LOCKED, "Home %s is currently locked.", h->user_name);
default:
if (HOME_STATE_IS_ACTIVE(state))
break;
return sd_bus_error_setf(error, BUS_ERROR_HOME_BUSY, "An operation on home %s is currently being executed.", h->user_name);
}
fd = home_create_fifo(h, HOME_FIFO_INHIBIT_SUSPEND);
if (fd < 0)
return sd_bus_reply_method_errnof(message, fd, "Failed to allocate FIFO for %s: %m", h->user_name);
return sd_bus_reply_method_return(message, "h", fd);
}
/* We map a uid_t as uint32_t bus property, let's ensure this is safe. */
assert_cc(sizeof(uid_t) == sizeof(uint32_t));
@ -949,11 +904,6 @@ const sd_bus_vtable home_vtable[] = {
bus_home_method_ref,
0),
SD_BUS_METHOD("Release", NULL, NULL, bus_home_method_release, 0),
SD_BUS_METHOD_WITH_ARGS("InhibitSuspend",
SD_BUS_NO_ARGS,
SD_BUS_RESULT("h", send_fd),
bus_home_method_inhibit_suspend,
SD_BUS_VTABLE_UNPRIVILEGED),
SD_BUS_VTABLE_END
};

4
src/home/homed-home-bus.h
View File

@ -17,7 +17,6 @@ int bus_home_method_remove(sd_bus_message *message, void *userdata, sd_bus_error
int bus_home_method_fixate(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_authenticate(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_update(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_update_record(Home *home, sd_bus_message *message, UserRecord *hr, Hashmap *blobs, uint64_t flags, sd_bus_error *error);
int bus_home_method_resize(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_change_password(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_lock(sd_bus_message *message, void *userdata, sd_bus_error *error);
@ -25,7 +24,8 @@ int bus_home_method_unlock(sd_bus_message *message, void *userdata, sd_bus_error
int bus_home_method_acquire(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_release(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_method_inhibit_suspend(sd_bus_message *message, void *userdata, sd_bus_error *error);
int bus_home_update_record(Home *home, sd_bus_message *message, UserRecord *hr, Hashmap *blobs, uint64_t flags, sd_bus_error *error);
extern const BusObjectImplementation home_object;

60
src/home/homed-home.c
View File

@ -226,7 +226,6 @@ Home *home_free(Home *h) {
h->ref_event_source_please_suspend = sd_event_source_disable_unref(h->ref_event_source_please_suspend);
h->ref_event_source_dont_suspend = sd_event_source_disable_unref(h->ref_event_source_dont_suspend);
h->inhibit_suspend_event_source = sd_event_source_disable_unref(h->inhibit_suspend_event_source);
h->pending_operations = ordered_set_free(h->pending_operations);
h->pending_event_source = sd_event_source_disable_unref(h->pending_event_source);
@ -2707,9 +2706,6 @@ static int on_home_ref_eof(sd_event_source *s, int fd, uint32_t revents, void *u
if (h->ref_event_source_dont_suspend == s)
h->ref_event_source_dont_suspend = sd_event_source_disable_unref(h->ref_event_source_dont_suspend);
if (h->inhibit_suspend_event_source == s)
h->inhibit_suspend_event_source = sd_event_source_disable_unref(h->inhibit_suspend_event_source);
if (home_is_referenced(h))
return 0;
@ -2725,42 +2721,25 @@ static int on_home_ref_eof(sd_event_source *s, int fd, uint32_t revents, void *u
return 0;
}
int home_create_fifo(Home *h, HomeFifoType type) {
static const struct {
const char *suffix;
const char *description;
size_t event_source;
} table[_HOME_FIFO_TYPE_MAX] = {
[HOME_FIFO_PLEASE_SUSPEND] = {
.suffix = ".please-suspend",
.description = "acquire-ref",
.event_source = offsetof(Home, ref_event_source_please_suspend),
},
[HOME_FIFO_DONT_SUSPEND] = {
.suffix = ".dont-suspend",
.description = "acquire-ref-dont-suspend",
.event_source = offsetof(Home, ref_event_source_dont_suspend),
},
[HOME_FIFO_INHIBIT_SUSPEND] = {
.suffix = ".inhibit-suspend",
.description = "inhibit-suspend",
.event_source = offsetof(Home, inhibit_suspend_event_source),
},
};
int home_create_fifo(Home *h, bool please_suspend) {
_cleanup_close_ int ret_fd = -EBADF;
sd_event_source **evt;
const char *fn;
sd_event_source **ss;
const char *fn, *suffix;
int r;
assert(h);
assert(type >= 0 && type < _HOME_FIFO_TYPE_MAX);
evt = (sd_event_source**) ((uint8_t*) h + table[type].event_source);
if (please_suspend) {
suffix = ".please-suspend";
ss = &h->ref_event_source_please_suspend;
} else {
suffix = ".dont-suspend";
ss = &h->ref_event_source_dont_suspend;
}
fn = strjoina("/run/systemd/home/", h->user_name, table[type].suffix);
fn = strjoina("/run/systemd/home/", h->user_name, suffix);
if (!*evt) {
if (!*ss) {
_cleanup_close_ int ref_fd = -EBADF;
(void) mkdir("/run/systemd/home/", 0755);
@ -2771,19 +2750,20 @@ int home_create_fifo(Home *h, HomeFifoType type) {
if (ref_fd < 0)
return log_error_errno(errno, "Failed to open FIFO %s for reading: %m", fn);
r = sd_event_add_io(h->manager->event, evt, ref_fd, 0, on_home_ref_eof, h);
r = sd_event_add_io(h->manager->event, ss, ref_fd, 0, on_home_ref_eof, h);
if (r < 0)
return log_error_errno(r, "Failed to allocate reference FIFO event source: %m");
(void) sd_event_source_set_description(*evt, table[type].description);
(void) sd_event_source_set_description(*ss, "acquire-ref");
r = sd_event_source_set_priority(*evt, SD_EVENT_PRIORITY_IDLE-1);
r = sd_event_source_set_priority(*ss, SD_EVENT_PRIORITY_IDLE-1);
if (r < 0)
return r;
r = sd_event_source_set_io_fd_own(*evt, true);
r = sd_event_source_set_io_fd_own(*ss, true);
if (r < 0)
return log_error_errno(r, "Failed to pass ownership of FIFO event fd to event source: %m");
TAKE_FD(ref_fd);
}
@ -2863,10 +2843,8 @@ bool home_is_referenced(Home *h) {
bool home_shall_suspend(Home *h) {
assert(h);
/* We lock the home area on suspend if... */
return h->ref_event_source_please_suspend && /* at least one client supports suspend, and... */
!h->ref_event_source_dont_suspend && /* no clients lack support for suspend, and... */
!h->inhibit_suspend_event_source; /* no client is temporarily inhibiting suspend */
/* Suspend if there's at least one client referencing this home directory that wants a suspend and none who does not. */
return h->ref_event_source_please_suspend && !h->ref_event_source_dont_suspend;
}
static int home_dispatch_release(Home *h, Operation *o) {

23
src/home/homed-home.h
View File

@ -139,17 +139,12 @@ struct Home {
bool unregister_on_failure;
/* The reading side of a FIFO stored in /run/systemd/home/, the writing side being used for reference
* counting. The references dropped to zero as soon as we see EOF. This concept exists thrice: once
* for clients that are fine if we lock the home directory on system suspend, once for clients
* that are not ok with that, and once for clients that are usually ok with it but temporarily
* want to opt-out so that they can implement more advanced behavior on their own. This allows
* us to determine for each home whether there are any clients that don't support suspend at this
* moment. */
* counting. The references dropped to zero as soon as we see EOF. This concept exists twice: once
* for clients that are fine if we suspend the home directory on system suspend, and once for clients
* that are not ok with that. This allows us to determine for each home whether there are any clients
* that support unsuspend. */
sd_event_source *ref_event_source_please_suspend;
sd_event_source *ref_event_source_dont_suspend;
/* This is distinct from ref_event_source_dont_suspend because it can be obtained from unprivileged
* code, and thus we don't count it as a reference on the home area. */
sd_event_source *inhibit_suspend_event_source;
/* Any pending operations we still need to execute. These are for operations we want to queue if we
* can't execute them right-away. */
@ -215,15 +210,7 @@ int home_killall(Home *h);
int home_augment_status(Home *h, UserRecordLoadFlags flags, UserRecord **ret);
typedef enum {
HOME_FIFO_PLEASE_SUSPEND,
HOME_FIFO_DONT_SUSPEND,
HOME_FIFO_INHIBIT_SUSPEND,
_HOME_FIFO_TYPE_MAX,
_HOME_FIFO_TYPE_INVALID = -EINVAL,
} HomeFifoType;
int home_create_fifo(Home *h, HomeFifoType mode);
int home_create_fifo(Home *h, bool please_suspend);
int home_schedule_operation(Home *h, Operation *o, sd_bus_error *error);
int home_auto_login(Home *h, char ***ret_seats);

12
src/home/homed-manager-bus.c
View File

@ -592,7 +592,7 @@ static int method_update_home(sd_bus_message *message, void *userdata, sd_bus_er
if (!h)
return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_HOME, "No home for user %s known", hr->user_name);
return bus_home_method_update_record(h, message, hr, blobs, flags, error);
return bus_home_update_record(h, message, hr, blobs, flags, error);
}
static int method_resize_home(sd_bus_message *message, void *userdata, sd_bus_error *error) {
@ -623,10 +623,6 @@ static int method_release_home(sd_bus_message *message, void *userdata, sd_bus_e
return generic_home_method(userdata, message, bus_home_method_release, error);
}
static int method_inhibit_suspend_home(sd_bus_message *message, void *userdata, sd_bus_error *error) {
return generic_home_method(userdata, message, bus_home_method_inhibit_suspend, error);
}
static int method_lock_all_homes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
_cleanup_(operation_unrefp) Operation *o = NULL;
bool waiting = false;
@ -901,12 +897,6 @@ static const sd_bus_vtable manager_vtable[] = {
method_release_home,
0),
SD_BUS_METHOD_WITH_ARGS("InhibitSuspendHome",
SD_BUS_ARGS("s", user_name),
SD_BUS_RESULT("h", send_fd),
method_inhibit_suspend_home,
SD_BUS_VTABLE_UNPRIVILEGED),
/* An operation that acts on all homes that allow it */
SD_BUS_METHOD("LockAllHomes", NULL, NULL, method_lock_all_homes, 0),
SD_BUS_METHOD("DeactivateAllHomes", NULL, NULL, method_deactivate_all_homes, 0),

8
src/home/org.freedesktop.home1.conf
View File

@ -137,10 +137,6 @@
send_interface="org.freedesktop.home1.Manager"
send_member="ReleaseHome"/>
<allow send_destination="org.freedesktop.home1"
send_interface="org.freedesktop.home1.Manager"
send_member="InhibitSuspendHome"/>
<allow send_destination="org.freedesktop.home1"
send_interface="org.freedesktop.home1.Manager"
send_member="LockAllHomes"/>
@ -227,10 +223,6 @@
send_interface="org.freedesktop.home1.Home"
send_member="Release"/>
<allow send_destination="org.freedesktop.home1"
send_interface="org.freedesktop.home1.Home"
send_member="InhibitSuspend"/>
<allow receive_sender="org.freedesktop.home1"/>
</policy>

10
src/home/org.freedesktop.home1.policy
View File

@ -69,16 +69,6 @@
</defaults>
</action>
<action id="org.freedesktop.home1.inhibit-suspend">
<description gettext-domain="systemd">Inhibit automatic lock of a home area</description>
<message gettext-domain="systemd">Authentication is required to inhibit automatic lock of a user's home area.</message>
<defaults>
<allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive>
<allow_active>auth_admin_keep</allow_active>
</defaults>
</action>
<action id="org.freedesktop.home1.activate-home">
<description gettext-domain="systemd">Activate a home area</description>
<message gettext-domain="systemd">Authentication is required to activate a user's home area.</message>