[Dev] Remove root privileges from daemons. - weston case

Stéphane Desneux stephane.desneux at open.eurogiciel.org
Tue Apr 15 21:32:40 GMT 2014


Hi Jussi.

Just a reminder: there's still an open bug on user session startup (PTREL-763): 
the way user sessions are started must be reviewed, particularly the relation 
with pam sessions (think also of su, ssh, login on tty ...). The latest patch I 
proposed on PTREL-763 works but it also removes some functionalities on su 
sessions (see my last comment on the bug page).

Also, there's another goal I didn't reach (yet:-)): this is a simple dependency 
problem between both parts of systemd: system side and user side.

Actually, the main steps are as follows:
- systemd (system) tries to reach its default target == graphical.target,
- the graphical target 'wants' user-session-launch
- I added a dependency on user-session-launch that requires 
display-manager.path, i.e. the wayland socket
- in turn, this will trigger display-manager.service then 
display-manager-run.service and start weston, set the rights on socket etc.
- finally, the user session can start: systemd --user is started
- to reach the default target inside the user session, weston-user.service is wanted
- weston-user.service creates a symlink for the user wayland socket 
(/run/user/<uid>/wayland-0) to the shared wayland socket started on system side 
(/run/display/wayland-0)
- then it starts tz-launcher which is the user app launcher (minimal shell)

Everything seems fine. But I want to link the user session to weston's existence, 
that is: if display-manager-run.service stops (say weston crashes) on system 
side and we add an auto restart to the display-manager-run service, I'd like to 
have the user sessions closed then restarted from scratch, so that tz-launcher 
would be relaunched.

Actually, user sessions do not depend on weston's existence: just kill weston and 
you'll see that users are still logged in.

Any hints from systemd gurus?

-- 
Stéphane Desneux
Intel OTC - Vannes/FR
gpg:1CA35726/DFA9B0232EF80493AF2891FA24E3A2841CA35726

Jussi Laako wrote:
> On 15.4.2014 11:51, Stéphane Desneux wrote:
>> In the recent Tizen:Common wayland images (for example here [1]), we run
>> weston in the following conditions:
>> - started by systemd (system) outside user sessions
>> - with a system user 'display' and system group 'display' (no root)
>> - on tty7 (X nostalgia :-) but also to see messages on tty1!) - of
>> course, we can revert to tty1...
>> - without weston-launch (no step as root, no pending
>> process, no extra PAM session)
>> - the compositor is shared by multiple users
>> - thus any user or daemon being in the group 'display' can be a weston
>> client and show something on the screen. The trick is to do a symbolic
>> link into the user's XDG_RUNTIME_DIR to the real weston socket (in
>> /run/display/). Also, weston could be modified to handle this without tricks.
>
> Looks good, I got it running. I will now try to replace user-session-launch with
> tlm and still keep the same functionality otherwise.
>
> Then you can trigger user switches per seat using tlm. (and would also get
> default/guest user home directory cleanups)
>
> There's also a small EFL GUI for controlling tlm.

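An added example, not part of the original message or of the Tizen sources: a sketch of the symlink step described above (`/run/user/<uid>/wayland-0` pointing at `/run/display/wayland-0`) that vets the shared socket before linking, plus a connect probe showing why the link outlives the compositor. The function names are hypothetical, temporary directories stand in for the real paths, and the demo reads the expected gid from the socket itself where a real check would use the gid of the 'display' group.

```python
import os, socket, stat, tempfile

def link_user_socket(shared_sock, runtime_dir, gid, name="wayland-0"):
    """Symlink runtime_dir/name -> shared_sock after vetting the target."""
    st = os.lstat(shared_sock)            # lstat: never follow a planted symlink
    if not stat.S_ISSOCK(st.st_mode):
        raise ValueError(f"{shared_sock} is not a socket")
    if st.st_gid != gid:
        raise PermissionError(f"{shared_sock} does not belong to gid {gid}")
    if st.st_mode & stat.S_IRWXO:
        raise PermissionError(f"{shared_sock} is open to users outside the group")
    link = os.path.join(runtime_dir, name)
    tmp = f"{link}.{os.getpid()}.tmp"
    os.symlink(shared_sock, tmp)
    os.replace(tmp, link)                 # atomic swap of any previous link
    return link

def compositor_alive(link):
    """True only if something is still accepting connections behind the link."""
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        try:
            s.connect(link)
            return True
        except (FileNotFoundError, ConnectionRefusedError):
            return False

def demo():
    """Constructed stand-ins for /run/display and /run/user/<uid>."""
    with tempfile.TemporaryDirectory() as root:
        display, user = os.path.join(root, "display"), os.path.join(root, "user")
        os.mkdir(display)
        os.mkdir(user)
        shared = os.path.join(display, "wayland-0")
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(shared)
        srv.listen(1)
        os.chmod(shared, 0o660)           # group access only, as with group 'display'
        link = link_user_socket(shared, user, os.lstat(shared).st_gid)
        before = compositor_alive(link)
        srv.close()                       # simulate the compositor exiting
        after = compositor_alive(link)    # socket file remains, nobody listens
        return os.readlink(link) == shared, before, after

if __name__ == "__main__":
    print(demo())
```

The symlink and the socket file both survive the listener's exit, so only the connect probe distinguishes a running compositor from a dead one.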