[Pkg-utopia-maintainers] Bug#1076728: elogind: privileged operation with polkit fails

Mark Hindley mark at hindley.org.uk
Wed Dec 18 10:10:03 GMT 2024 

[ Dropping xfce4 CC ]

Andrew,

On Tue, Dec 17, 2024 at 07:52:10PM +0000, Simon McVittie wrote:
> On Tue, 17 Dec 2024 at 19:15:26 +0000, Andrew Bower wrote:
> > It looks like the agent (the legacy gnome one) fails to start when
> > launched by the DE, as does lxagent if substituted:
> > 
> >   Unable to determine the session we are in: No session for pid 24111
> 
> This could be an elogind problem. It indicates that
> polkit_unix_session_new_for_process_sync() is failing with that error.
> 
> "No session for pid %d" probably means that
> polkit_unix_session_initable_init() in src:policykit-1
> src/polkit/polkitunixsession-systemd.c is failing, which probably means
> that:
> 
> 1. sd_pid_get_session() was not able to associate pid 24111 with a login
>    session; and
> 2. either sd_pid_get_owner_uid() failed to determine the uid of pid 24111,
>    or sd_uid_get_display() was unable to find a graphical session for
>    that uid
> 
> Those are libsystemd functions that communicate with systemd-logind,
> or with elogind on elogind systems, so they seem like something that
> would be valuable for elogind maintainers to investigate.

I don't immediately see significant differences between systemd's and elogind's
cg_pid_get_session() or cg_pid_get_owner_uid(); sd_uid_get_display() is handled
solely within libsystemd0.

Can you please check the runtime data?

How is /sys/fs/cgroup mounted?

test at DebianUnstable:~$ mount|grep cgroup
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)

test at DebianUnstable:~$ loginctl
SESSION  UID USER    SEAT  TTY STATE   IDLE SINCE
      1 1000 test    seat0 -   closing no   -    
      3 1000 test    seat0 -   active  no   -    
     c1  105 lightdm seat0 -   closing no   -    
     c2  105 lightdm seat0 -   closing no   -    

4 sessions listed.

Take the active user session.

test at DebianUnstable:~$ cat /run/systemd/sessions/3
# This is private data. Do not parse.
UID=1000
USER=test
ACTIVE=1
IS_DISPLAY=1
STATE=active
REMOTE=0
TYPE=x11
ORIGINAL_TYPE=x11
CLASS=user
FIFO=/run/systemd/sessions/3.ref
SEAT=seat0
DISPLAY=:0
SERVICE=lightdm
DESKTOP=xfce
VTNR=7
LEADER=2063
AUDIT=3
REALTIME=1734375305872153
MONOTONIC=4650196364

Verify the DISPLAY matches

test at DebianUnstable:~$ echo $DISPLAY
:0.0

Take the LEADER pid.

test at DebianUnstable:~$ cat /proc/2063/cgroup 
0::/user.slice/user-1000.slice/session-3.scope

Verify that path exists beneath /sys/fs/cgroup

test at DebianUnstable:~$ ls -l /sys/fs/cgroup/user.slice/user-1000.slice/session-3.scope/
total 0
-r--r--r-- 1 root root 0 Dec 18 09:35 cgroup.controllers
-r--r--r-- 1 root root 0 Dec 18 09:35 cgroup.events
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.max.depth
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.max.descendants
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.procs
-r--r--r-- 1 root root 0 Dec 18 09:35 cgroup.stat
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.subtree_control
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.threads
-rw-r--r-- 1 root root 0 Dec 18 09:35 cgroup.type
-r--r--r-- 1 root root 0 Dec 18 09:35 cpu.stat

If none of this shows any significant discrepancy, I think you will need to build elogind
with debugging. Having downloaded the source, add

 -Ddebug-extra=elogind

to CONFFLAGS in debian/rules and then build.

Thanks.

Mark

More information about the Pkg-utopia-maintainers mailing list