From: ludo@gnu.org (Ludovic Courtès)
To: Andy Wingo <wingo@igalia.com>
Cc: guix-devel@gnu.org
Subject: Re: [PATCHES] Update elogind to 219.13
Date: Sun, 06 Mar 2016 22:35:38 +0100
Message-ID: <87a8mbe1cl.fsf@gnu.org>
In-Reply-To: <877fhf8n4f.fsf@pobox.com> (Andy Wingo's message of "Sun, 06 Mar 2016 19:41:52 +0100")
Andy Wingo <wingo@igalia.com> wrote:
> 1. What is now possible
> -----------------------
>
> The attached patches update to the latest elogind, for which I just cut
> a new release. The big change is that elogind can now map PIDs to
> sessions. Elogind already keeps an idea of what sessions are "active".
> On the other hand, polkit can implicitly grant some permissions to
> "active" users. This set of permissions is initially empty but it can
> be augmented by other services, like gnome-settings-daemon. In the
> specific case of gnome-settings-daemon, gnome-settings-daemon ships an
> .action file that allows the active user to invoke a helper that can
> change the backlight of your screen. For example:
Awesome!
> 2. How elogind maps PIDs to sessions
> ------------------------------------
>
> Systemd uses cgroups in two ways: one, to organize the tree of processes
> into users, slices, machines, sessions, and scopes; and two, to allow
> the user to balance resource usage between users, slices, etc.
Woow, thanks for the explanation and all.
systemd-logind already uses a cgroup like /sys/fs/cgroups/elogind,
right?
Anyway, that sounds great. :-)
> 3. Caveats
> ----------
>
> Polkit 0.113 broke "pkexec" in the case where your desktop environment
> didn't already install a polkit authentication agent.
>
> The background is, it's usually graphical applications that want to do
> things on your behalf as root or some other user, and you might need to
> authenticate yourself or even authenticate as root to do the action.
> However it would be ~~~~~clownshoes pants-on-fire zaniness~~~~~~~ if
> apps popped up dialog boxes asking you to put in the root password.
> Probably those apps have security vulnerabilities, and it can be hard to
> know if you should trust the app with those credentials, or trust the
> app as root, or trust that the permissions it appears to be asking you
> for correspond with what it's actually going to do. So desktop
> environments ship graphical authentication agents that are carefully
> coded to be able to use credentials in a very limited way: only to
> *answer* the polkit daemon's query that a user is authenticated.
>
> But in the absence of such an auth agent, it could be that pkexec has to
> install one on its own, to allow you to enter your password on the
> console. It's setuid IPC madness but I have followed most of the code
> paths and I am OK with it.
>
> But, this fallback console agent is broken in 0.113:
> https://bugs.freedesktop.org/show_bug.cgi?id=90837. So should polkit
> need to ask you for a password, it will take your password but then fail
> to authenticate. I have a patch to fix it:
> http://thread.gmane.org/gmane.comp.gnu.guix.devel/16906 but probably
> something else will go upstream (check that bug).
Would it make sense to apply your patch until upstream has a better fix?
What are the risks?
> For the specific permissions about the backlight helper, you need
> http://thread.gmane.org/gmane.comp.gnu.guix.devel/16937. Need to push
> that one along.
We’re getting there!
> Finally to actually have your backlight keys work, there is something
> still missing -- gnome-settings-daemon has to run and I don't have that
> fully working yet. Perhaps some other brave soul will get on this :)
Heh.
> From f9911bdc3ff24999b5b961f299f4a3b4461c381c Mon Sep 17 00:00:00 2001
> From: Andy Wingo <wingo@igalia.com>
> Date: Wed, 2 Mar 2016 20:29:47 +0100
> Subject: [PATCH 1/2] gnu: system: Add elogind cgroup mount.
>
> * gnu/system/file-systems.scm (%elogind-file-systems): Add elogind
> cgroup mount.
> ---
> gnu/system/file-systems.scm | 11 ++++++++++-
> 1 file changed, 10 insertions(+), 1 deletion(-)
>
> diff --git a/gnu/system/file-systems.scm b/gnu/system/file-systems.scm
> index d93044c..0891ed2 100644
> --- a/gnu/system/file-systems.scm
> +++ b/gnu/system/file-systems.scm
> @@ -232,7 +232,16 @@ initrd code."
> (check? #f)
> (flags '(no-suid no-dev no-exec))
> (options "mode=0755")
> - (create-mount-point? #t))))
> + (create-mount-point? #t))
> + ;; Elogind uses cgroups to organize processes, not to control them.
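Review bot: the hunk as quoted stops at the new comment line, so the new cgroup mount entry itself (its type, mount point, flags and options) is not visible in this message and cannot be checked here, even though the `@@ -232,7 +232,16 @@` header shows the block growing by nine lines. The comment `;; Elogind uses cgroups to organize processes, not to control them.` would be more useful with the reason stated, namely that this hierarchy is what lets elogind look up which session a given process belongs to, as section 2 of the cover message explains; a reader of file-systems.scm alone otherwise has no way to tell why a login manager needs a cgroup mount.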
“to organize processes, not to control them. This allows it to find out
which session a process is in and so on.”
(So the future me remembers what this is all about. ;-))
> From c4d97c9ea8f1ee48d847895e9b3ef974daa4fbdc Mon Sep 17 00:00:00 2001
> From: Andy Wingo <wingo@igalia.com>
> Date: Sun, 6 Mar 2016 19:00:29 +0100
> Subject: [PATCH 2/2] gnu: elogind: Update to 219.13.
>
> * gnu/packages/freedesktop.scm (elogind): Update to 219.13. Remove
> build fix that is no longer needed. Update home page.
OK!
Thanks for the insightful explanations!
Ludo’.
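The two mechanisms discussed in the quoted message, elogind mapping a PID to a session through the cgroup hierarchy (section 2) and polkit granting implicit permissions only to "active" users (section 1), are modelled below as an added example. This is not code from elogind, polkit or Guix. It assumes the `/proc/<pid>/cgroup` line format (`<hierarchy-id>:<controllers>:<path>`), the systemd/elogind convention of naming session scopes `session-<id>.scope` under `user-<uid>.slice`, and that elogind mounts a named cgroup v1 hierarchy called `name=elogind` (an assumption; `name=systemd` and the cgroup v2 `0::` line are accepted too). The sample `/proc/<pid>/cgroup` contents, the active-session table and the action defaults are constructed; the "local session" distinction polkit also makes is left out.

```python
"""Model of the PID -> session -> implicit-authorization chain.

Added example, not code from elogind, polkit or Guix.  It parses the
/proc/<pid>/cgroup format, extracts the login session from the
session-<id>.scope naming convention, and applies polkit's
implicit-authorization defaults (allow_any / allow_inactive / allow_active)
depending on whether that session is currently "active".
"""
import re
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

# "<hierarchy-id>:<controllers>:<path>"; controllers may be comma-separated
# and is empty on the cgroup v2 unified line ("0::/...").
_CGROUP_LINE = re.compile(r"^(\d+):([^:]*):(.*)$")
# Session scopes live under the user's slice, e.g.
# /user.slice/user-1000.slice/session-2.scope (the "user.slice" prefix is optional).
_SESSION_SCOPE = re.compile(r"/user-(\d+)\.slice/session-([^/]+)\.scope(?:/|$)")


@dataclass(frozen=True)
class SessionRef:
    uid: int
    session_id: str


def session_for_cgroup(proc_cgroup_text: str,
                       hierarchy_names: Iterable[str] = ("elogind", "systemd")) -> Optional[SessionRef]:
    """Return the login session a process belongs to, or None when it is not
    inside a session scope (system services, or a user slice without a session)."""
    names = tuple(hierarchy_names)
    for line in proc_cgroup_text.splitlines():
        m = _CGROUP_LINE.match(line.strip())
        if not m:
            continue
        hierarchy_id, controllers, path = m.groups()
        # Only the login manager's own hierarchy is authoritative for sessions;
        # resource controllers (cpu, memory, ...) may be laid out differently.
        # Assumption: the named hierarchy is "name=elogind" (or "name=systemd").
        named = any(c == f"name={n}" for c in controllers.split(",") for n in names)
        unified = hierarchy_id == "0" and controllers == ""
        if not (named or unified):
            continue
        s = _SESSION_SCOPE.search(path)
        if s:
            return SessionRef(uid=int(s.group(1)), session_id=s.group(2))
        return None  # in the login hierarchy but not in any session scope
    return None


# Values a polkit .policy <defaults> element may carry.
POLKIT_VALUES = {"no", "yes", "auth_self", "auth_admin", "auth_self_keep", "auth_admin_keep"}


def implicit_authorization(defaults: Dict[str, str], session: Optional[SessionRef],
                           active_sessions: Iterable[str]) -> str:
    """Pick the implicit authorization that applies to a subject: allow_any when
    it is in no session, allow_active in an active session, allow_inactive otherwise."""
    for key in ("allow_any", "allow_inactive", "allow_active"):
        value = defaults.get(key, "no")
        if value not in POLKIT_VALUES:
            raise ValueError(f"{key}: unknown implicit authorization {value!r}")
    if session is None:
        return defaults.get("allow_any", "no")
    if session.session_id in set(active_sessions):
        return defaults.get("allow_active", "no")
    return defaults.get("allow_inactive", "no")


# Constructed /proc/<pid>/cgroup samples: a graphical app in session 2 (cgroup v1
# with a named elogind hierarchy), a system service, and a cgroup v2 process in session 7.
SAMPLE_GUI_APP = "3:name=elogind:/user.slice/user-1000.slice/session-2.scope\n2:cpu,cpuacct:/\n1:memory:/\n"
SAMPLE_DAEMON = "3:name=elogind:/system.slice/example.service\n2:cpu,cpuacct:/\n"
SAMPLE_V2 = "0::/user.slice/user-1000.slice/session-7.scope\n"

# Defaults in the spirit of the backlight helper action mentioned in the message:
# nothing for arbitrary subjects or inactive sessions, granted to the active user.
BACKLIGHT_DEFAULTS = {"allow_any": "no", "allow_inactive": "no", "allow_active": "yes"}
ACTIVE_SESSIONS = {"2"}  # constructed: session 2 is the foreground session


def decide(proc_cgroup_text: str, defaults: Dict[str, str] = BACKLIGHT_DEFAULTS,
           active_sessions: Iterable[str] = ACTIVE_SESSIONS) -> str:
    return implicit_authorization(defaults, session_for_cgroup(proc_cgroup_text), active_sessions)


if __name__ == "__main__":
    for label, text in (("gui app", SAMPLE_GUI_APP), ("daemon", SAMPLE_DAEMON), ("v2 session 7", SAMPLE_V2)):
        print(f"{label}: session={session_for_cgroup(text)} -> {decide(text)}")
```

The point of the model is the dependency chain: an action that only sets `allow_active` is reachable solely by processes whose cgroup path places them in a session that the login manager currently considers active, which is why the PID-to-session mapping the patch set enables is a prerequisite for the backlight helper.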
Thread overview: 6+ messages
2016-03-06 18:41 [PATCHES] Update elogind to 219.13 Andy Wingo
2016-03-06 21:35 ` Ludovic Courtès [this message]
2016-03-07 8:52 ` Andy Wingo
2016-03-07 10:01 ` Ludovic Courtès
2016-03-07 11:03 ` Andy Wingo
2016-03-07 12:09 ` Ludovic Courtès