[Dev] Tizen 3.0 Multiuser Support Architecture Release candidate 1

Dominig ar Foll dominig.arfoll at fridu.net
Thu Oct 31 13:14:17 GMT 2013


Lukasz,

thanks for the pointers.

Dominig

Le 31/10/2013 09:29, Łukasz Stelmach a écrit :
> It was <2013-10-30 śro 19:38>, when Dominig ar Foll (Intel OTC) wrote:
>> Le 30/10/2013 17:50, Łukasz Stelmach a écrit :
>>> On the page 20 of the PDF file there is a chain of processes
>>>
>>> systemd
>>>   |
>>>   +-> systemd --user    <--- why ???
>>>   |    |
>>>   |    +-> Display Server
>>>   |    |
>>>   |    +-> ....?        <--- what is going to work here?
>> Remember that the use of TLM is optional, so creating a config without
>> must be possible.
>> As we cannot present all use cases (I actually do not even have them),
>> we need to be generic.
>> In the slide, I just want to present that you can start initial
>> services before the tlm is you want.
>> Proposing to use systemd --user is just way to make the lanch simple
>> and well controlled.
> Systemd's main feature is parallel start-up. Upon start-up systemd reads
> its configuration files, creates a DAG[1] of units and walks around
> it to start the units as much in parallel as possible.  Putting some
> services under supervision of another instance (systemd --user) creates
> a black box from the point of view of PID#1. Different instances of
> systemd do not exchange information about their DAGs, hence they cannot
> optimise their DAG with regard to services (units) supervised by other
> instances. Conclusion: everything that is a system-wide service should
> be controlled by PID#1 and only per-user programmes should be started by
> a separate systemd instance. If one needs to run a service without root
> privileges User=[2] option should be used.
>
>> We could also have some other generic services which do not need to
>> run as root launched at that place.
>> A good application would be the base live TV service that need to
>> start quicky before than other sofisticated service is available.
> That is what the User option in the service files is for[2].
>
>>>   |
>>>   +-> TLM
>>>        |
>>>        +-> systemd --user
>>>        |
>>>        +-> systemd --user
>>>        |
>>>        +-> systemd --user
>>>        |
>>>        ...
>>>
>>> I would like to know, why do we need "systemd --user" to run the Display
>>> Server? Isn't it enough to put "User=" in the systemd service file of
>>> the Display Server and have it running as a sibling of TLM with a
>>> non-root uid?
>> We do not need it. It's simply easy to use it to sync with what ever
>> need to be launch with a generic user.
> For syncing I'd recommend systemd's socket activation[3][4]. I've
> created patches for xorg-server[5]. Starting Wayland this way should
> not be much of a problem too.
>
> P.S. It isn't my goal to be pesky here, however we've already tried a
> few ideas for privilege separation with and without user sessions and
> I'd simply like to share my experience.
>
> Footnotes:
>
> [1] http://en.wikipedia.org/wiki/Directed_acyclic_graph
>
> [2] http://www.freedesktop.org/software/systemd/man/systemd.exec.html#User=
>
> [3] http://0pointer.de/blog/projects/socket-activation.html
>
> [4] http://0pointer.de/blog/projects/socket-activation2.html
>
> [5] http://thread.gmane.org/gmane.comp.freedesktop.xorg.devel/36092/focus=37693
>

-- 
Dominig ar Foll
Senior Software Architect
Intel Open Source Technology Centre



More information about the Dev mailing list