Hey, I've implemented "native" shutdown fallback code on the BSDs (tested on FreeBSD, OpenBSD, DragonflyBSD). Current fallback code relies on Polkit, but when it is not available, the fallback code does not work and user can't shutdown/reboot/suspend/hibernate. On the BSD however, users of group operator can shutdown/reboot the systems, on FreeBSD/NetBSD/DragonFly users with write access to /dev/acpi can hibernate/suspend the system (typicall operators users), on OpenBSD users with /var/run/apmdev can suspend/hibernate. So I have added code to handle all of this. Here is the code: https://git.xfce.org/users/ali/xfce4-session/
Cool stuff ! Reading your diff, from what i understand, on BSD the code will first check - if the user is operator, if we're shutting down/rebooting - or the user has access to apmdev, which means the system has to run apmd, and the user is in wheel group (on OpenBSD apmdev is mode 660, root:wheel) - and if we're suspending/hibernating If those conditions are fullfilled, it will *first* use the 'native' methode (ie shutdown -p, shutdown -r, zzz, ZZZ), and *then* use polkit as a fallback ? i like this behaviour, i just want to make sure i understand it fully so that i can document it properly for users in https://github.com/openbsd/ports/blob/master/meta/xfce/pkg/README-main#L20 - if you run apmd and are in the wheel group, you can suspend/hibernate - if you are in operator group you can shutdown/reboot - as a fallback, you should install polkit, *and* have systemwide dbus daemon running will test your diff in the coming days in various situations so that i can confirm reality matches my understanding. Thanks !
Your understanding is correct, access to apmdev is checked on OpenBSD, on FreeBSD/Dragonfly the check is performed on /dev/acpi for suspend/hibernate. You need to have consolekit disabled in order to use the fallback code, the session works as follows on *BSD (after the patch) 1. Consolekit 2. Fallback 3. Polkit using xfsm-shutdown-helper (You need to have polkit rule for org.xfce.session.xfsm-shutdown-helper)
hmmm, so i think something is wrong somewhere: - i've built xfce4-session 4.13.1 with your commit ported on top - disabled consolekit (ie i just use startxfce4 from .xsession, usually i use ck-launch-session /usr/local/bin/startxfce4 ) - ck-list-sessions lists nothing - apmd is of course running, even if i'm on a desktop... - i'm in group operator & wheel and in the logout dialog i only have logout/reboot/halt, with the last two greyed out. Time for more debugging i guess..
setting XFSM_VERBOSE=1, it seems it tries to use a dbus method: TRACE[xfsm-manager.c:2298] xfsm_manager_dbus_can_shutdown(): entering TRACE[xfsm-manager.c:2343] xfsm_manager_dbus_can_restart(): entering TRACE[xfsm-manager.c:2390] xfsm_manager_dbus_can_suspend(): entering TRACE[xfsm-manager.c:2438] xfsm_manager_dbus_can_hibernate(): entering TRACE[xfsm-manager.c:2486] xfsm_manager_dbus_can_hybrid_sleep(): entering which i guess tries to fallback to polkit, instead of the new fallback code? or im reading it wrong.. the polkit rule for the shutdown helper is installed in /usr/local/share/polkit-1/actions/org.xfce.session.policy but i guess its not active by default as not in /etc/polkit-1 ?
Ah... i needed to kill the systemwide dbus daemon. If the systemwide daemon is running but ckit is not in use, i only have 3 buttons with reboot/halt greyed out, my guess is that an unexpected codepath is taken... If there's no systemwide dbus, all 6 buttons are present and active.. so it goes through the new fallback code. If i then kill apmd, all buttons are present, but the suspend/hibernate/hybrid sleep are inactive, as expected.
cc'ing olivier duchateau & youri mouton who iirc maintain the freebsd & netbsd xfce ports..
What do you mean by systemwide dbus? Careful that D-Bus auto-run consolekit when the session asks for a proxy on its name. You have to have consolekit completely removed, otherwise it gets activated by D-Bus.
systemwide dbus is the one run as root when the system boots (responsible for spawing upowerd, polkitd...), not the session one spawned with the user session and running as user. ckit was not auto spawned when i started the session with only 'startxfce4', but when being started by 'ck-launch-session startxfce4' or 'startxfce4 --with-ck-launch' - at least ck-list-sessions didnt show active consolekit sessions.
Yes, but you really don't have to disabled the systemwide dbus, it is enough to remove consolekit. The session logout code creates a proxy for consolekit when you open the dialog (using g_dbus_proxy_new). If consolekit is installed it gets activated, and it denies you from using the fallback code. I think the best way is to provide a compile flag to disable consolekit all (actually the session tries to communicate to logind first! Even on the BSD*), this should be optional as well.
Right, now i think i better understand why i only got 3 buttons with 2 disabled then.. A compile flag is an option, another one would be to only try talking to ckit upon logout if the session was already handled by ckit, ie started with ck-launch-session or --with-ck-launch ? That should be a 'state' the session is aware of, no ?
(In reply to Landry Breuil from comment #10) > Right, now i think i better understand why i only got 3 buttons with 2 > disabled then.. I have just tested the patch on a new openbsd 6.3 install, the fallback code works as expected! > > A compile flag is an option, another one would be to only try talking to > ckit upon logout if the session was already handled by ckit, ie started with > ck-launch-session or --with-ck-launch ? That should be a 'state' the session > is aware of, no ? I would prefer a compile flag, also probably specifying 'G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START' on the consolekit proxy creating should avoid auto-launching the daemon if it is not already running.
(In reply to Landry Breuil from comment #6) > cc'ing olivier duchateau & youri mouton who iirc maintain the freebsd & > netbsd xfce ports.. Also add Guido, as he's main maintainer of the Xfce ports on FreeBSD.
Fwiw i've been running with those commits on all my OpenBSD machines, removing the direct need for consolekit/polkit/systemwide dbus (you still need them if you run upowerd but that's a different matter..) - would be nice to have feedback from the other BSDs, but i'd like this to move forward/get commited for the next release :)
Sorry for the delay in replying. I would like tot test this but I don't have an XFCE 4.13 environment at present. I'd need some time to setup such an environment for building all required parts and create a virtual machine. I'll try to do this but am a little busy with day job and will require some time.
I will try these patches on FreeBSD this week-end.
I tried your patches, and it fails on FreeBSD. I can only close session (however without Xorg I can shutdown my machine). I'm member of operator, and ConsoleKit2 is not installed.
In fact, everything works fine (ConsoleKit2 was installed, so fallback mode was never enabled). I wonder, why you define MAX_USER_GROUPS, in BSD world there is sysconf(3) function and we can use current value of _SC_NGROUPS_MAX.
I noticed, when I use the fallback mode (without ConsoleKit), xfdesktop crashes, when I shutdown (or reboot) my machine. Not yet investiguate why, verbose mode gives nothing special.
ok, first i looked and tried hard to understand the existing xfce4-session 4.12 code flow without patches, here on OpenBSD, and those are my findings: - if : - messagebus/systemwide dbus is running - the session is launched within consolekit - polkit is running - but we're not in operator group in the logout dialog, all actions are available. - the shutdown code tries to go via consolekit_try_shutdown, but the default consolekit rules on OpenBSD (http://cvsweb.openbsd.org/cgi-bin/cvsweb/ports/sysutils/consolekit/files/10-openbsd-consolekit.rules?rev=1.2&content-type=text/x-cvsweb-markup) require operator group to shutdown, or would ask for auth - i dont have a polkit agent installed, so the ckit codepath fails, doesnt ask for a passwd (apparently, even with mate-polkit installed it fails) - the fallback code 'works' because the polkit rule installed by xfce4-session in polkit-1/actions/org.xfce.session.policy allows the active session (<allow_active>yes</allow_active>) to execute xfsm-shutdown-helper (via consolekit, which runs as root) so a regular user (not in the operator group) is allowed to shutdown/reboot. now, to look again at that new fallback code....
I've looked again at ali's branch, and i see that autospawning ckit (if installed but not launched, because messagebus doesnt run or the session hasnt been lauched within ckit) has been disabled by G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START in https://git.xfce.org/users/ali/xfce4-session/commit/?h=bsd-shutdown-fallback&id=b7fab5309f40979da56c29bc649f1d16e625a16c and that makes sense, as starting a ckit daemon from the session will only lead to issues, as a running session cannot be 'reparented' later on to a ckit launched after the session. so besides the nit on _SC_NGROUPS_MAX/MAX_USER_GROUPS (maybe using int new_grp = sysconf(_SC_NGROUPS_MAX) in https://git.xfce.org/users/ali/xfce4-session/tree/xfce4-session/xfsm-shutdown-fallback.c?h=bsd-shutdown-fallback#n210 and remove the #define), i think this should be merged so that its properly tested for 4.14. Otherwise that'll miss it... olivier, guido, more opinions ?
I've taken ali's work, rebased it on top of master, and fixed the MAX_USER_GROUPS thing in https://git.xfce.org/users/landry/xfce-session?h=bsd-shutdown-fallback-14722 - anyone feeling to test it more and merge ? simon, any particular opinion on the code itself ?
(In reply to Landry Breuil from comment #20) > I've looked again at ali's branch, and i see that autospawning ckit (if > installed but not launched, because messagebus doesnt run or the session > hasnt been lauched within ckit) has been disabled by > G_DBUS_PROXY_FLAGS_DO_NOT_AUTO_START in > https://git.xfce.org/users/ali/xfce4-session/commit/?h=bsd-shutdown- > fallback&id=b7fab5309f40979da56c29bc649f1d16e625a16c and that makes sense, > as starting a ckit daemon from the session will only lead to issues, as a > running session cannot be 'reparented' later on to a ckit launched after the > session. > > so besides the nit on _SC_NGROUPS_MAX/MAX_USER_GROUPS (maybe using int > new_grp = sysconf(_SC_NGROUPS_MAX) in > https://git.xfce.org/users/ali/xfce4-session/tree/xfce4-session/xfsm- > shutdown-fallback.c?h=bsd-shutdown-fallback#n210 and remove the #define), i > think this should be merged so that its properly tested for 4.14. Otherwise > that'll miss it... > > olivier, guido, more opinions ? I already use sysconf(_SC_NGROUPS_MAX) [1] (I think it's more BSD friendly). [1] https://app.assembla.com/spaces/xfce4/subversion/source/HEAD/tags/4.13/x11-wm/xfce4-session/files/patch-xfce4-session_xfsm-shutdown-fallback.c#ln100
Yeah, had integrated this in https://git.xfce.org/users/landry/xfce-session/commit/?h=bsd-shutdown-fallback-14722&id=83641d8486dac9bd2f4c2c22602c8e298daa83d3 and https://git.xfce.org/users/landry/xfce-session/commit/?h=bsd-shutdown-fallback-14722&id=7722f496bfa92ac7ffc48d3b075dc01148234ef2
Ali Abdallah referenced this bugreport in commit 1d56462b83cf320dff96d5b9ac3a767b019a0dd4 Added better shutdown fallback support for the BSDs (Bug #14722) https://git.xfce.org/xfce/xfce4-session/commit?id=1d56462b83cf320dff96d5b9ac3a767b019a0dd4
Landry Breuil referenced this bugreport in commit 207954303e3510aac0d51567f10cf1bd0b9f3fda Use sysconf(_SC_NGROUPS_MAX) instead of #defining an arbitrary MAX_USER_GROUPS (bug #14722) https://git.xfce.org/xfce/xfce4-session/commit?id=207954303e3510aac0d51567f10cf1bd0b9f3fda
Squashed the commits from my branch and merged them to master, thanks ali !
and closing ticket