[gcr/wip/dueno/ssh-agent: 1/2] gcr-ssh-agent: wire up systemd activation
- From: Daiki Ueno <dueno src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [gcr/wip/dueno/ssh-agent: 1/2] gcr-ssh-agent: wire up systemd activation
- Date: Fri, 12 Feb 2021 07:26:03 +0000 (UTC)
commit 9ba29b19f4aa0e57a917fd2588781704e4dd6e36
Author: Daiki Ueno <dueno src gnome org>
Date: Thu Feb 11 18:32:56 2021 +0100
gcr-ssh-agent: wire up systemd activation
gcr/gcr-ssh-agent-service.c | 70 ++++++++++++++++++++++++++++++++------------
gcr/gcr-ssh-agent.service.in | 14 +++++++++
gcr/gcr-ssh-agent.socket | 11 +++++++
gcr/meson.build | 17 +++++++++--
meson.build | 11 +++++++
meson_options.txt | 5 ++++
6 files changed, 108 insertions(+), 20 deletions(-)
---
diff --git a/gcr/gcr-ssh-agent-service.c b/gcr/gcr-ssh-agent-service.c
index d677726..ad89440 100644
--- a/gcr/gcr-ssh-agent-service.c
+++ b/gcr/gcr-ssh-agent-service.c
@@ -39,6 +39,10 @@
#include <glib/gstdio.h>
#include <gcr/gcr-base.h>
+#ifdef WITH_SYSTEMD
+#include <systemd/sd-daemon.h>
+#endif
+
#include <glib/gi18n-lib.h>
EGG_SECURE_DECLARE (ssh_agent);
@@ -370,27 +374,57 @@ on_closed (GcrSshAgentProcess *process,
gboolean
gcr_ssh_agent_service_start (GcrSshAgentService *self)
{
- gchar *path;
- GError *error;
+ GError *error = NULL;
- path = g_strdup_printf ("%s/ssh", self->path);
- g_unlink (path);
- self->address = g_unix_socket_address_new (path);
- g_free (path);
+#if WITH_SYSTEMD
+ int ret;
- error = NULL;
- if (!g_socket_listener_add_address (self->listener,
- self->address,
- G_SOCKET_TYPE_STREAM,
- G_SOCKET_PROTOCOL_DEFAULT,
- NULL,
- NULL,
- &error)) {
- g_warning ("couldn't listen on %s: %s",
- g_unix_socket_address_get_path (G_UNIX_SOCKET_ADDRESS (self->address)),
- error->message);
- g_error_free (error);
+ ret = sd_listen_fds (0);
+ if (ret > 1) {
+ g_warning ("too many file descriptors received");
return FALSE;
+ } else if (ret == 1) {
+ GSocket *socket;
+
+ socket = g_socket_new_from_fd (SD_LISTEN_FDS_START + 0, &error);
+ if (!socket) {
+ g_warning ("couldn't create a socket: %s", error->message);
+ g_error_free (error);
+ return FALSE;
+ }
+ if (!g_socket_listener_add_socket (self->listener,
+ socket,
+ G_OBJECT (self),
+ &error)) {
+ g_warning ("couldn't bind socket on %d: %s",
+ g_socket_get_fd (socket),
+ error->message);
+ g_object_unref (socket);
+ g_error_free (error);
+ return FALSE;
+ }
+ } else
+#endif
+ {
+ gchar *path;
+ path = g_strdup_printf ("%s/ssh", self->path);
+ g_unlink (path);
+ self->address = g_unix_socket_address_new (path);
+ g_free (path);
+
+ if (!g_socket_listener_add_address (self->listener,
+ self->address,
+ G_SOCKET_TYPE_STREAM,
+ G_SOCKET_PROTOCOL_DEFAULT,
+ NULL,
+ NULL,
+ &error)) {
+ g_warning ("couldn't listen on %s: %s",
+ g_unix_socket_address_get_path (G_UNIX_SOCKET_ADDRESS (self->address)),
+ error->message);
+ g_error_free (error);
+ return FALSE;
+ }
}
g_signal_connect (self->listener, "run", G_CALLBACK (on_run), self);
diff --git a/gcr/gcr-ssh-agent.service.in b/gcr/gcr-ssh-agent.service.in
new file mode 100644
index 0000000..b2a9819
--- /dev/null
+++ b/gcr/gcr-ssh-agent.service.in
@@ -0,0 +1,14 @@
+[Unit]
+Description=ssh-agent wrapper
+
+Requires=gcr-ssh-agent.socket
+
+[Service]
+Type=simple
+StandardError=journal
+ExecStart=@libexecdir@/gcr-ssh-agent %t/gcr
+Restart=on-failure
+
+[Install]
+Also=gcr-ssh-agent.socket
+WantedBy=default.target
diff --git a/gcr/gcr-ssh-agent.socket b/gcr/gcr-ssh-agent.socket
new file mode 100644
index 0000000..31a3d4c
--- /dev/null
+++ b/gcr/gcr-ssh-agent.socket
@@ -0,0 +1,11 @@
+[Unit]
+Description=p11-kit server
+
+[Socket]
+Priority=6
+Backlog=5
+ListenStream=%t/p11-kit/pkcs11
+SocketMode=0600
+
+[Install]
+WantedBy=sockets.target
diff --git a/gcr/meson.build b/gcr/meson.build
index 87923f3..7a3b69a 100644
--- a/gcr/meson.build
+++ b/gcr/meson.build
@@ -250,7 +250,7 @@ if get_option('ssh_agent')
gcr_ssh_agent = executable('gcr-ssh-agent',
gcr_ssh_agent_lib_sources + [ 'gcr-ssh-agent.c' ],
- dependencies: [ gcr_base_deps, gcr_base_dep, libsecret_dep ],
+ dependencies: [ gcr_base_deps, gcr_base_dep, libsecret_dep, libsystemd_deps ],
c_args: [
'-DGCR_COMPILATION',
'-DGCR_API_SUBJECT_TO_CHANGE',
@@ -260,6 +260,19 @@ if get_option('ssh_agent')
install_dir: get_option('libexecdir'),
)
+ if with_systemd
+ configure_file(
+ input: 'gcr-ssh-agent.service.in',
+ output: '@BASENAME@',
+ configuration: {
+ 'libexecdir': gcr_prefix / get_option('libexecdir'),
+ },
+ install_dir: systemduserunitdir,
+ )
+ install_data('gcr-ssh-agent.socket',
+ install_dir: systemduserunitdir)
+ endif
+
gcr_ssh_agent_test_cflags = [
'-DSRCDIR="@0@"'.format(source_root),
'-D_GCR_TEST_SSH_ASKPASS_PATH="@0@"'.format(gcr_ssh_askpass.full_path()),
@@ -267,7 +280,7 @@ if get_option('ssh_agent')
gcr_ssh_agent_test_lib = static_library('gcr-ssh-agent-test',
sources: gcr_ssh_agent_lib_sources + [ 'gcr-ssh-agent-test.c' ],
- dependencies: [ gcr_base_deps, gcr_base_dep, libsecret_dep ],
+ dependencies: [ gcr_base_deps, gcr_base_dep, libsecret_dep, libsystemd_deps ],
c_args: [
'-DGCR_COMPILATION',
'-DGCR_API_SUBJECT_TO_CHANGE',
diff --git a/meson.build b/meson.build
index 98b8f35..fa0e3a0 100644
--- a/meson.build
+++ b/meson.build
@@ -55,6 +55,16 @@ libsecret_dep = dependency('libsecret-1', version: '>= 0.20', required: get_opti
ssh_add_path = find_program('ssh-add', required: get_option('ssh_agent')).path()
ssh_agent_path = find_program('ssh-agent', required: get_option('ssh_agent')).path()
+with_systemd = false
+libsystemd_deps = []
+libsystemd = dependency('libsystemd', required: get_option('systemd'))
+systemd = dependency('systemd', required: get_option('systemd'))
+if libsystemd.found() and systemd.found()
+ systemduserunitdir = systemd.get_pkgconfig_variable('systemduserunitdir')
+ libsystemd_deps += libsystemd
+ with_systemd = true
+endif
+
if get_option('gtk')
gtk_min_version = '3.22'
gtk_dep = dependency('gtk+-3.0', version: '>=' + gtk_min_version)
@@ -74,6 +84,7 @@ conf.set_quoted('GPG_EXECUTABLE', gpg_path)
conf.set_quoted('LIBGCRYPT_VERSION', libgcrypt_dep.version())
conf.set_quoted('SSH_ADD_EXECUTABLE', ssh_add_path)
conf.set_quoted('SSH_AGENT_EXECUTABLE', ssh_agent_path)
+conf.set10('WITH_SYSTEMD', with_systemd)
config_file = configure_file(
output: 'config.h',
configuration: conf,
diff --git a/meson_options.txt b/meson_options.txt
index 17683d9..f96a47c 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -23,3 +23,8 @@ option('ssh_agent',
value: true,
description: 'Build ssh-agent binary',
)
+option('systemd',
+ type: 'feature',
+ value: 'auto',
+ description: 'Use systemd socket activation for server programs'
+)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]