trinity-devel@lists.pearsoncomputing.net

Message: previous - next
Month: February 2014

TDE running on systemd will require code changes proper session tracking?

From: "David C. Rankin" <drankinatty@...>
Date: Mon, 03 Feb 2014 10:57:19 -0600
Tim, All,

  I have stumbled upon an issue that may be responsible for the sound and sftp
session closing (bug 1902) problems I experience running TDE on a systemd based
system. The problem surrounds pam/tdm and polkit setup and tracking user
sessions in the absence of Consolekit. The issue is addressed in the freedesktop
articles:

http://www.freedesktop.org/wiki/Software/systemd/writing-display-managers/

http://www.freedesktop.org/wiki/Software/systemd/writing-desktop-environments/

  The porting changes necessary for TDE to work in a systemd/polkit environment
look minimal, but they are a bit above my understanding at the moment.

  I have detailed the sftp issue in
http://bugs.pearsoncomputing.net/show_bug.cgi?id=1902 along with diagnostics.
The crux of the current issue is that tdebase/tdebase mkpamserv does not provide
an environment where proper session tracking occurs:

08:29 valhalla:~> loginctl show-session $XDG_SESSION_ID
NAutoVTs=6
KillExcludeUsers=root
KillUserProcesses=no
IdleHint=yes
IdleSinceHint=0
IdleSinceHintMonotonic=0
InhibitDelayMaxUSec=5s
HandlePowerKey=poweroff
HandleSuspendKey=suspend
HandleHibernateKey=hibernate
HandleLidSwitch=suspend
IdleAction=ignore
IdleActionUSec=30min
PreparingForShutdown=no
PreparingForSleep=no

  does not contain Remote=no and Active=yes which apparently indicate proper
user session tracking. I need someone who has a bit more experience with tdebase
code and in this area to review the freedesktop links regarding the new session
tracking requirements under systemd and see if this is an issue that needs to be
jumped on before RC1 is frozen. Currently, the current problems I have
discovered under systemd impact user sound access/printer driver generation/and
sftp session closure. I suspect the problems may be more widespread but I have
yet to discover all of them.

  I have compared what TDE does with /etc/pam.d/trinity and what is currently
done with kde4 on arch. The current TDE pam.d settings are:

/etc/pam.d/trinity
#%PAM-1.0
#auth       required     pam_securetty.so
auth       requisite    pam_nologin.so
auth       include      system-local-login
account    include      system-local-login
session    include      system-local-login

  The comparable pam setup for kde4 on Arch uses (noc is cat with no-comment):

09:56 alchemy:~/tde/tmp/pam> noc kde4/kde
#%PAM-1.0
auth            include         system-login
account         include         system-login
password        include         system-login
session         include         system-login
09:56 alchemy:~/tde/tmp/pam> noc kde4/kde-np
#%PAM-1.0
auth            required        pam_tally.so    onerr=succeed file=/var/log/faillog
auth            required        pam_shells.so
auth            requisite       pam_nologin.so
auth            required        pam_env.so
auth            optional        pam_permit.so
account         include      system-login
password        include      system-login
session         include      system-login
10:00 alchemy:~/tde/tmp/pam> noc kde4/kscreensaver
#%PAM-1.0
auth            required        pam_unix_auth.so

  I have tried changing /etc/pam.d/trinity to use:

#%PAM-1.0
#auth       required     pam_securetty.so
auth       requisite    pam_nologin.so
auth            include         system-login
account         include         system-login
password        include         system-login
session         include         system-login

  Login is fine using system-login instead of the current 'system-local-login',
but the output of 'loginctl show-session $XDG_SESSION_ID' is unchanged.

  I have posted the issue to the Arch list and will report any suggestins back.
Experts, what say you?

-- 
David C. Rankin, J.D.,P.E.

powered by ezmlm-www (v1.4.5)