Decide whether devices are on the same seat by uid, not pid

System Internals / UDisks - Simon McVittie [collabora.co.uk] - 30 June 2015 00:52 UTC

In systemd user sessions, some of a user's processes can exist outside the scope of any particular session:

    └─user.slice
      └─user-1000.slice
        ├─user@1000.service
        │ ├─2089 /lib/systemd/systemd --user
        │ └─dbus.service
        │   ├─ 2233 /usr/bin/dbus-daemon …
        │   ├─ 2297 /usr/lib/gvfs/gvfsd
        │   …
        └─session-2.scope
          ├─ 2102 gnome-session
          ├─ 2376 /usr/bin/gnome-shell
          …

If processes outside sessions don't have access to devices on those sessions' seats, then gvfsd won't be able to mount devices. Conversely, there is no privilege boundary between the sessions and the non-session processes - in particular, the user's processes can usually ptrace each other and write to each other's configuration files - so isolating them doesn't make a great deal of sense.

I'm specifically looking for one or more *active* sessions on the device's seat because in a situation like this:

    …
    ├─ alice
    │   ├─ graphical session on seat0, tty7, active
    │   └─ systemd --user
    ├─ bob
    │   ├─ graphical session on seat0, tty8, inactive
    │   ├─ graphical session on seat1, active
    │   └─ systemd --user
    └─ chris
        ├─ ssh session on no seat, active
        └─ systemd --user

the desired behaviour is that alice controls seat0 devices and bob controls seat1 devices, corresponding to their respective physically-present locations; bob should not have control over seat0 devices until he returns to seat0, and chris should not have control over either.

Despite udisks_daemon_util_on_same_seat being documented, it is not actually public API or ABI: it is part of libudisks-daemon.la, which is a convenience library statically linked into udisksd and the tests. As such, it's harmless to replace it with _on_user_seat. I'm renaming it in order to force compilation failure if a branch has other callers for the old semantics; if it was not renamed, passing a pid_t where a uid_t was expected would have compiled, but silently produced wrong results.

https://bugs.freedesktop.org/show_bug.cgi?id=89501
https://bugs.debian.org/780004

b208be4 Decide whether devices are on the same seat by uid, not pid
doc/udisks2-sections.txt | 2 +-
src/udisksdaemonutil.c | 24 ++++++----------
src/udisksdaemonutil.h | 8 ++----
src/udiskslinuxblock.c | 15 +---------
src/udiskslinuxdrive.c | 30 ++------------------
src/udiskslinuxdriveata.c | 20 +++++++------
src/udiskslinuxencrypted.c | 15 +---------
src/udiskslinuxfilesystem.c | 32 ++-------------------
src/udiskslinuxpartition.c | 60 +++------------------------------------
src/udiskslinuxpartitiontable.c | 15 +---------
10 files changed, 36 insertions(+), 185 deletions(-)

Upstream: cgit.freedesktop.org
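
The difference between the two checks, as an added example that is not code from udisks or from this commit: a small model of the alice/bob/chris diagram with a pid-based and a uid-based decision side by side. The struct layout, the function names model_same_seat_by_pid and model_user_on_seat, the uids and the exact behaviour of the pid-based check are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Constructed model of the commit message's second diagram; uids are made up. */
struct session { uid_t uid; const char *seat; bool active; };
struct process { pid_t pid; uid_t uid; int session; }; /* session: index, -1 = none */
enum { ALICE = 1000, BOB = 1001, CHRIS = 1002 };

static const struct session sessions[] = {
    { ALICE, "seat0", true  },  /* graphical, tty7 */
    { BOB,   "seat0", false },  /* graphical, tty8, switched away */
    { BOB,   "seat1", true  },  /* graphical */
    { CHRIS, NULL,    true  },  /* ssh: active but on no seat */
};
static const struct process processes[] = {
    { 2376, ALICE,  0 },  /* gnome-shell, inside alice's session scope */
    { 2297, ALICE, -1 },  /* gvfsd, under user@1000.service: no session */
};
#define N(a) (sizeof (a) / sizeof (a)[0])

/* Hypothetical pid-based check: the caller's own session must be on the seat. */
bool model_same_seat_by_pid(pid_t pid, const char *device_seat)
{
    for (size_t i = 0; i < N(processes); i++) {
        if (processes[i].pid != pid) continue;
        if (processes[i].session < 0) return false;  /* outside every session */
        const char *seat = sessions[processes[i].session].seat;
        return seat != NULL && strcmp(seat, device_seat) == 0;
    }
    return false;
}

/* Hypothetical uid-based check: any *active* session of that user on the seat. */
bool model_user_on_seat(uid_t uid, const char *device_seat)
{
    for (size_t i = 0; i < N(sessions); i++)
        if (sessions[i].uid == uid && sessions[i].active && sessions[i].seat != NULL
            && strcmp(sessions[i].seat, device_seat) == 0)
            return true;
    return false;
}

int main(void)
{
    printf("gvfsd on seat0 by pid: %d, by uid: %d\n",
           model_same_seat_by_pid(2297, "seat0"), model_user_on_seat(ALICE, "seat0"));
    printf("bob on seat0: %d, bob on seat1: %d, chris on seat0: %d\n",
           model_user_on_seat(BOB, "seat0"), model_user_on_seat(BOB, "seat1"),
           model_user_on_seat(CHRIS, "seat0"));
    return 0;
}
```

Passing a pid such as 2376 to model_user_on_seat compiles without complaint and returns false, which is the silent failure the rename in this commit is meant to turn into a build error.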

