Author: tilt!
Date:  
To: dng
Subject: Re: [DNG] libpam-xdg-support / libpam-systemd
Hi,

On 09/10/2015 10:01 PM, Roger Leigh wrote:
> On 10/09/2015 20:33, tilt! wrote:
>> [...]
>> Come to think of it, my choice of
>>
>> ${XDG_RUNTIME_DIR:-/tmp/run/$USER}
>>
>> is no good, because, just as an example, if $USER comes from an AD
>> domain or LDAP it might contain '\'; in the least, $USER had to
>> undergo some transformation (escaping?) to ensure that it's
>> filesystem-safe.
>>
>> [...]
>
> You can always use the uid instead of the name? One saving grace of
> this facility is that since it's entirely defined by XDG_RUNTIME_DIR,
> you can construct the path however you see fit.
> [...]


As an example for an implementation, systemd (seen in [1]),
uses the user ID:

    asprintf(&p, "/run/systemd/users/"UID_FMT, pw->pw_uid)


where UID_FMT is conditionally defined to be "%" PRIu32 or
"%" PRIu16 in "formats-util.h".

This is hardcoded in PAM_EXTERN pam_sm_open_session(), not
accessible for outside programs individually, and can not
easily be modified.

I think we should offer a configuration mechanism, supply
reasonable defaults and document it:

#1 A "prefix" for XDG_RUNTIME_DIR, meaning the directory where
    runtime directories are created; this definition is missing
    in [2], so we have to introduce it.


    In the systemd example above this was:


       XDG_RUNTIME_PREFIX="/run/systemd/users"


    It could also be something like this:


       XDG_RUNTIME_PREFIX="/tmp/xdg-runtime/user"


    I have no preference, except on a systemd-free system I would
    not expect the directory name to contain the string "systemd".


    This definition could go to "/etc/xdg/runtime-prefix.default"


#2 A procedure that, if called with no arguments, considers
    the setting of #1 and returns a value for XDG_RUNTIME_DIR
    for the current user:


       . /etc/xdg/runtime-prefix.default


       xdg_runtime_dir_default() {
          echo "$XDG_RUNTIME_PREFIX/$(/usr/bin/id -ru)"
       }


    This code could go to "/etc/xdg/runtime-dir-default.sh".


#3 An integration in the X session that applies these settings:

       . /etc/xdg/runtime-dir-default.sh


       export XDG_RUNTIME_DIR="$(xdg_runtime_dir_default)"


    This code could go to "/etc/X11/Xsession.d/61xdg-runtime-dir".


Site-maintainers then had the possibility to redefine the runtime
directory prefix by modifying #1, to redefine the determination of
a specific runtime directory by modifying #2 and, at least in the
context of X sessions, to apply a completely individual mechanism
by modifying #3.

Unaddressed remained the deletion of $XDG_RUNTIME_DIR when a user
has "fully logged out" as mandated by [2].

Kind regards,
T.

Links:

[1] github.com, systemd v226, pam_systemd.c, line 269.
URL:
https://github.com/systemd/systemd/blob/v226/src/login/pam_systemd.c#L269

[2] freedesktop.org. XDG Base Directory Specification.
URL: http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
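
An added example, not part of the original message: steps #2 and #3 of the proposal in POSIX shell, extended so the directory is created and checked before it is exported. The helper name `xdg_runtime_dir_prepare`, the ownership and mode 0700 checks (requirements of the specification in [2], not of the message) and the use of `stat -c` (GNU or BusyBox) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original message. Assumes GNU or BusyBox stat.
# XDG_RUNTIME_PREFIX is setting #1 of the proposal; it must already exist.

# Step #2 as proposed: prefix plus the real numeric uid. Using the uid
# avoids the file-name problem with AD/LDAP user names containing '\'.
xdg_runtime_dir_default() {
    echo "$XDG_RUNTIME_PREFIX/$(id -ru)"
}

# Hypothetical helper: create the directory, then verify it before use.
# Prints the path and returns 0 only if it is a real directory (not a
# symlink), owned by the calling user, with mode 0700.
xdg_runtime_dir_prepare() {
    [ -n "${XDG_RUNTIME_PREFIX:-}" ] || return 1
    _xrd_dir=$(xdg_runtime_dir_default)

    # mkdir is atomic: either we create the directory with mode 0700, or
    # the name already exists and the checks below decide whether to trust it.
    mkdir -m 0700 "$_xrd_dir" 2>/dev/null || :

    # A pre-existing symlink could point anywhere; refuse it.
    if [ -L "$_xrd_dir" ] || [ ! -d "$_xrd_dir" ]; then
        return 1
    fi
    # stat without -L does not follow symlinks; %u = owner uid, %a = octal mode.
    if [ "$(stat -c %u "$_xrd_dir")" != "$(id -ru)" ]; then
        return 1
    fi
    if [ "$(stat -c %a "$_xrd_dir")" != "700" ]; then
        return 1
    fi
    echo "$_xrd_dir"
}

# Step #3, e.g. in an Xsession.d fragment (export only when the checks pass):
#   XDG_RUNTIME_DIR=$(xdg_runtime_dir_prepare) && export XDG_RUNTIME_DIR
```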