// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright (C) 2008 - 2015 Red Hat, Inc.
* Author: David Zeuthen <davidz@redhat.com>
* Author: Dan Williams <dcbw@redhat.com>
* Author: Matthias Clasen
* Author: Pavel Šimerda <psimerda@redhat.com>
*/
#include "nm-default.h"
#include "nm-session-monitor.h"
#include <pwd.h>
#include <sys/stat.h>
#if SESSION_TRACKING_SYSTEMD && SESSION_TRACKING_ELOGIND
#error Cannot build both systemd-logind and elogind support
#endif
#if SESSION_TRACKING_SYSTEMD
#include <systemd/sd-login.h>
#define LOGIND_NAME "systemd-logind"
#endif
#if SESSION_TRACKING_ELOGIND
#include <elogind/sd-login.h>
#define LOGIND_NAME "elogind"
#endif
#include "NetworkManagerUtils.h"
#define SESSION_TRACKING_XLOGIND (SESSION_TRACKING_SYSTEMD || SESSION_TRACKING_ELOGIND)
#define CKDB_PATH "/run/ConsoleKit/database"
/*****************************************************************************/
enum {
CHANGED,
LAST_SIGNAL,
};
static guint signals[LAST_SIGNAL] = { 0 };
struct _NMSessionMonitor {
GObject parent;
#if SESSION_TRACKING_XLOGIND
struct {
sd_login_monitor *monitor;
GSource *watch;
} sd;
#endif
#if SESSION_TRACKING_CONSOLEKIT
struct {
GFileMonitor *monitor;
GHashTable *cache;
time_t timestamp;
} ck;
#endif
};
struct _NMSessionMonitorClass {
GObjectClass parent;
};
G_DEFINE_TYPE (NMSessionMonitor, nm_session_monitor, G_TYPE_OBJECT);
#define _NMLOG_DOMAIN LOGD_CORE
#define _NMLOG(level, ...) __NMLOG_DEFAULT (level, _NMLOG_DOMAIN, "session-monitor", __VA_ARGS__)
/*****************************************************************************/
#if SESSION_TRACKING_XLOGIND
static gboolean
st_sd_session_exists (NMSessionMonitor *monitor, uid_t uid, gboolean active)
{
int status;
if (!monitor->sd.monitor)
return FALSE;
status = sd_uid_get_sessions (uid, active, NULL);
if (status < 0)
_LOGE ("failed to get "LOGIND_NAME" sessions for uid %d: %d", uid, status);
return status > 0;
}
static gboolean
st_sd_changed (int fd,
GIOCondition condition,
gpointer user_data)
{
NMSessionMonitor *monitor = user_data;
g_signal_emit (monitor, signals[CHANGED], 0);
sd_login_monitor_flush (monitor->sd.monitor);
return G_SOURCE_CONTINUE;
}
static void
st_sd_init (NMSessionMonitor *monitor)
{
int status;
if (!g_file_test ("/run/systemd/seats/", G_FILE_TEST_EXISTS))
return;
if ((status = sd_login_monitor_new (NULL, &monitor->sd.monitor)) < 0) {
_LOGE ("failed to create "LOGIND_NAME" monitor: %d", status);
return;
}
monitor->sd.watch = nm_g_unix_fd_source_new (sd_login_monitor_get_fd (monitor->sd.monitor),
G_IO_IN,
G_PRIORITY_DEFAULT,
st_sd_changed,
monitor,
NULL);
g_source_attach (monitor->sd.watch, NULL);
}
static void
st_sd_finalize (NMSessionMonitor *monitor)
{
if (monitor->sd.monitor) {
sd_login_monitor_unref (monitor->sd.monitor);
monitor->sd.monitor = NULL;
}
nm_clear_g_source_inst (&monitor->sd.watch);
}
#endif /* SESSION_TRACKING_XLOGIND */
/*****************************************************************************/
#if SESSION_TRACKING_CONSOLEKIT
typedef struct {
gboolean active;
} CkSession;
static gboolean
ck_load_cache (GHashTable *cache)
{
GKeyFile *keyfile = g_key_file_new ();
char **groups = NULL;
GError *error = NULL;
gsize i, len;
gboolean finished = FALSE;
if (!g_key_file_load_from_file (keyfile, CKDB_PATH, G_KEY_FILE_NONE, &error))
goto out;
if (!(groups = g_key_file_get_groups (keyfile, &len))) {
_LOGE ("could not load groups from " CKDB_PATH);
goto out;
}
g_hash_table_remove_all (cache);
for (i = 0; i < len; i++) {
guint uid = G_MAXUINT;
CkSession session = { .active = FALSE };
if (!g_str_has_prefix (groups[i], "Session "))
continue;
uid = g_key_file_get_integer (keyfile, groups[i], "uid", &error);
if (error)
goto out;
session.active = g_key_file_get_boolean (keyfile, groups[i], "is_active", &error);
if (error)
goto out;
g_hash_table_insert (cache, GUINT_TO_POINTER (uid), nm_memdup (&session, sizeof session));
}
finished = TRUE;
out:
if (error)
_LOGE ("failed to load ConsoleKit database: %s", error->message);
g_clear_error (&error);
nm_clear_pointer (&groups, g_strfreev);
nm_clear_pointer (&keyfile, g_key_file_free);
return finished;
}
static gboolean
ck_update_cache (NMSessionMonitor *monitor)
{
struct stat statbuf;
int errsv;
if (!monitor->ck.cache)
return FALSE;
/* Check the database file */
if (stat (CKDB_PATH, &statbuf) != 0) {
errsv = errno;
_LOGE ("failed to check ConsoleKit timestamp: %s", nm_strerror_native (errsv));
return FALSE;
}
if (statbuf.st_mtime == monitor->ck.timestamp)
return TRUE;
/* Update the cache */
if (!ck_load_cache (monitor->ck.cache))
return FALSE;
monitor->ck.timestamp = statbuf.st_mtime;
return TRUE;
}
static gboolean
ck_session_exists (NMSessionMonitor *monitor, uid_t uid, gboolean active)
{
CkSession *session;
if (!ck_update_cache (monitor))
return FALSE;
session = g_hash_table_lookup (monitor->ck.cache, GUINT_TO_POINTER (uid));
if (!session)
return FALSE;
if (active && !session->active)
return FALSE;
return TRUE;
}
static void
ck_changed (GFileMonitor * file_monitor,
GFile * file,
GFile * other_file,
GFileMonitorEvent event_type,
gpointer user_data)
{
g_signal_emit (user_data, signals[CHANGED], 0);
}
static void
ck_init (NMSessionMonitor *monitor)
{
GFile *file = g_file_new_for_path (CKDB_PATH);
GError *error = NULL;
if (g_file_query_exists (file, NULL)) {
if ((monitor->ck.monitor = g_file_monitor_file (file, G_FILE_MONITOR_NONE, NULL, &error))) {
monitor->ck.cache = g_hash_table_new_full (nm_direct_hash, NULL, NULL, g_free);
g_signal_connect (monitor->ck.monitor,
"changed",
G_CALLBACK (ck_changed),
monitor);
} else {
_LOGE ("error monitoring " CKDB_PATH ": %s", error->message);
g_clear_error (&error);
}
}
g_object_unref (file);
}
static void
ck_finalize (NMSessionMonitor *monitor)
{
nm_clear_pointer (&monitor->ck.cache, g_hash_table_unref);
g_clear_object (&monitor->ck.monitor);
}
#endif /* SESSION_TRACKING_CONSOLEKIT */
/*****************************************************************************/
NM_DEFINE_SINGLETON_GETTER (NMSessionMonitor, nm_session_monitor_get, NM_TYPE_SESSION_MONITOR);
/**
* nm_session_monitor_uid_to_user:
* @uid: UID.
* @out_user: Return location for user name.
*
* Translates a UID to a user name.
*/
gboolean
nm_session_monitor_uid_to_user (uid_t uid, const char **out_user)
{
struct passwd *pw = getpwuid (uid);
g_assert (out_user);
if (!pw)
return FALSE;
*out_user = pw->pw_name;
return TRUE;
}
/**
* nm_session_monitor_user_to_uid:
* @user: User naee.
* @out_uid: Return location for UID.
*
* Translates a user name to a UID.
*/
gboolean
nm_session_monitor_user_to_uid (const char *user, uid_t *out_uid)
{
struct passwd *pw = getpwnam (user);
g_assert (out_uid);
if (!pw)
return FALSE;
*out_uid = pw->pw_uid;
return TRUE;
}
/**
* nm_session_monitor_session_exists:
* @self: the session monitor
* @uid: A user ID.
* @active: Ignore inactive sessions.
*
* Checks whether the given @uid is logged into an active session. Don't
* use this feature for security purposes. It is there just to allow you
* to prefer an agent from an active session over an agent from an
* inactive one.
*
* Returns: %FALSE if @error is set otherwise %TRUE if the given @uid is
* logged into an active session.
*/
gboolean
nm_session_monitor_session_exists (NMSessionMonitor *self,
uid_t uid,
gboolean active)
{
g_return_val_if_fail (NM_IS_SESSION_MONITOR (self), FALSE);
#if SESSION_TRACKING_XLOGIND
if (st_sd_session_exists (self, uid, active))
return TRUE;
#endif
#if SESSION_TRACKING_CONSOLEKIT
if (ck_session_exists (self, uid, active))
return TRUE;
#endif
return FALSE;
}
/*****************************************************************************/
static void
nm_session_monitor_init (NMSessionMonitor *monitor)
{
#if SESSION_TRACKING_XLOGIND
st_sd_init (monitor);
_LOGD ("using "LOGIND_NAME" session tracking");
#endif
#if SESSION_TRACKING_CONSOLEKIT
ck_init (monitor);
_LOGD ("using ConsoleKit session tracking");
#endif
}
static void
finalize (GObject *object)
{
#if SESSION_TRACKING_XLOGIND
st_sd_finalize (NM_SESSION_MONITOR (object));
#endif
#if SESSION_TRACKING_CONSOLEKIT
ck_finalize (NM_SESSION_MONITOR (object));
#endif
G_OBJECT_CLASS (nm_session_monitor_parent_class)->finalize (object);
}
static void
nm_session_monitor_class_init (NMSessionMonitorClass *klass)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
gobject_class->finalize = finalize;
/**
* NMSessionMonitor::changed:
* @monitor: A #NMSessionMonitor
*
* Emitted when something changes.
*/
signals[CHANGED] = g_signal_new (NM_SESSION_MONITOR_CHANGED,
NM_TYPE_SESSION_MONITOR,
G_SIGNAL_RUN_LAST,
0, NULL, NULL,
g_cclosure_marshal_VOID__VOID,
G_TYPE_NONE,
0);
}