[547] in athena10
GNOME and session isolation
daemon@ATHENA.MIT.EDU (ghudson@MIT.EDU)
Fri Sep 26 13:20:48 2008
Date: Fri, 26 Sep 2008 13:20:02 -0400 (EDT)
From: ghudson@MIT.EDU
Message-Id: <200809261720.m8QHK2as026059@outgoing.mit.edu>
To: athena10@mit.edu
In Athena 9.4 we have some local code changes to isolate login
sessions from one another with regard to GNOME components. They
affect ORBit2, ORBit, GConf2, and GConf, and use the
ATHENA_SESSION_TMPDIR environment variable.
The primary purpose of these changes is to avoid reusing a gconfd or a
Bonobo component (such as an Evolution data component) from another
login session which might have different (i.e. expired or destroyed)
AFS credentials. Part of the reason we needed to address this bug was
processes being left behind after a logout (which we also addressed
with dustbuster, but that was an incremental process); another reason
is that you might log into a machine via ssh with X forwarding, run a
GNOME process, and then have that login session interfere with an
xlogin session later on.
The upstream GNOME source trees for ORBit2 and GConf2 now have support
for environment variables ORBIT_SOCKETDIR and GCONF_TMPDIR.
Unfortunately, the versions in Ubuntu Hardy do not have that code, or
we would be able to solve this problem by simply setting some
environment variables in /etc/X11/Xsession.d/98debathena-xsession.
In Athena 10 this is not really an issue for cluster machines.
Leftover processes will be reliably killed by the login chroot code,
and people don't ssh into cluster machines if we can help it.
There is some value in solving the problem for private workstations.
However, making code changes to native software will never be a 100%
clean process; I think it is not worthwhile in this case. I will
modify the project plan to note that we are desupporting this feature
until it becomes implementable through scripting in a future version
of the base OS.
