From Fedora Project Wiki

Revision as of 15:54, 17 November 2011 by Rbergero (talk | contribs) (Moved to FeatureAcceptedF17 - feature was accepted at 2011-11-14 meeting.)

ConsoleKit Removal/Automatic Multi-Seat Support

Summary

A grab-bag of little cleanups and improvements all related to session and seat handling.

Owner

Current status

  • Targeted release: Fedora 17
  • Last updated: 2011-07-27
  • Percentage of completion: 75%

Logic is now in rawhide (in systemd 30), patches for some subsystems (X11, accountsservice) ready. These patches have been put into F16 packages. The necessary gdm [patches] are still in testing.

Detailed Description

  • Automatic multi-seat support
  • Make systemd available in the session
  • Removal of XDG_SESSION_COOKIE and its security problems, emphasis on audit loginuid and cgroup names instead
  • On-Demand starting of VT gettys
  • Covering all of getty, SSH and X11 sessions
  • Make session exit of pam_systemd more robust
  • Introduce D-Bus user bus
  • allow systemd user services to be run outside of a session, for selected users, a la cron with cron.allow

When we reach the point where ConsoleKit is actually dropped, additionally

  • Simplify our stack by removing CK
  • Fix the 63 threads CK VT watching issue

This feature introduces a new systemd daemon, systemd-logind, which takes over a lot of the logic of pam_systemd (which is reduced to a small stub that is a lot more robust) as well as ConsoleKit and udev-acl. systemd-logind can be configured in systemd-logind.conf and controlled via systemd-loginctl.

Benefit to Fedora

Things become safer, cleaner and smaller. We add automatic multi-seat support. We can optionally start user services outside of a login (i.e. a user Rygel on boot without having the user to log in).

Scope

Precise scope outlined in:

https://docs.google.com/document/pub?id=1_ev4f0gwBuvs6SH_N8fN5LO4LV3sbwtJsLq52F_wwpU

systemd needs to be updated to version 30 or newer.

To get working automatic multiseat support, we need to patch X, accountsservice and gdm.

To complete the removal of ConsoleKit, a larger set of packages need to be touched.

Packages that currently require ConsoleKit:

  • libfprint
  • polkit
  • accountsservice (DONE)
  • gdm

Packages that are using the ConsoleKit api at runtime:

  • gnome-session
  • gnome-power-manager
  • gnome-packagekit
  • gnome-settings-daemon
  • control-center
  • gnome-screensaver
  • nautilus
  • udisks
  • NetworkManager

How To Test

  • Test Multi-Seat support (ideally with hardware from plugable): plug in plugable hw and you should instantly get a new gdm display on the seat
  • You should have 6 gettys on tty1-6
  • To test ConsoleKit removal, inspect that manifest of the desktop spin and

verify that it does not include ConsoleKit.

User Experience

Plugging in certain multi-seat hw should just work: i.e. make a gdm appear on it.

Dependencies

We need smaller changes in: X11, gdm, CK, udev, dbus, plymouth, PK, NM, accountsservice

For details see https://docs.google.com/document/pub?id=1_ev4f0gwBuvs6SH_N8fN5LO4LV3sbwtJsLq52F_wwpU

Contingency Plan

Until the 'ckremoval' part of this feature is complete, ConsoleKit will continue to be available simultaneously as the new logic. The multiseat part of this feature can be used even if ConsoleKit has not been completely removed.

If the multiseat part of this feature does not get completed, we can just disable the systemd specific login manager again and things should work as previously.

Documentation

For details see https://docs.google.com/document/pub?id=1_ev4f0gwBuvs6SH_N8fN5LO4LV3sbwtJsLq52F_wwpU

Release Notes

Fedora 17 is using systemd as a login manager. For details, see systemd-logind.conf(5) and systemd-loginctl(1). This provides automatic multi-seat support. The login manager part of systemd supersedes ConsoleKit functionality.

[if ckremoval is complete] ConsoleKit is no longer installed by default.

[if ckremoval is not complete] ConsoleKit is still available to support parts of the system that have not been ported to the new systemd APIs.

Comments and Discussion