Bug 701704

Summary:	doesn't clear the screen on logout
Product:	[Fedora] Fedora	Reporter:	Bill Nottingham <notting>
Component:	systemd	Assignee:	Lennart Poettering <lpoetter>
Status:	CLOSED RAWHIDE	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	unspecified	Docs Contact:
Priority:	unspecified
Version:	15	CC:	jlaska, johannbg, kzak, lpoetter, metherid, mschmidt, notting, plautrba, rhel, rvokal, tflink
Target Milestone:	---
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:	RejectedNTH
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2011-07-14 12:57:48 UTC	Type:	---
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Bill Nottingham 2011-05-03 15:53:03 UTC

Description of problem:

Historically (since the dawn of time, or shortly thereafter) we've cleared the screen before login. This was (more or less) due to the use of mingetty, which did this by default.

With systemd, we've switched to using agetty, which does not do this by default. This is a behavior change, and should at a minimum be documented.

However, it may be simplest to just restore the previous behavior. Options include:

1) patch agetty to clear the screen by default, and support an option to not clear the screen

Pros: clean interface
Cons: requires patching and adding a agetty option

2) patch getty@.service to call agetty like so:

ExecStart=-/sbin/agetty %I -I '\033[2J\033[f' 38400

Pros: works now
Cons: that's gross

3) patch /etc/skel to drop a .bash_logout with 'clear' in it everywhere

Pros: simple
Cons: doesn't catch existing users, or users of other shells

4) ... ?

Version-Release number of selected component (if applicable):

systemd-25-1.fc15.x86_64
util-linux-2.19-4.fc15.x86_64

How reproducible:

100%

Steps to Reproduce:
1. Logout
  
Actual results:

New getty appears below

Expected results:

New getty appears on cleared screen

Comment 1 James Laska 2011-05-03 15:59:41 UTC

At the suggestion from notting, I tested option#2 and option#3, both obviously worked.

This feels like it has security implications since a user can view another users session output.  I'm not aware of any 15 Final release criteria this would impact, but it seems like something we'd really want to resolve.  Perhaps NTH might be a better fit.  Either way, I think this should land in F15.

Comment 2 James Laska 2011-05-03 16:08:49 UTC

(In reply to comment #1)
> At the suggestion from notting, I tested option#2 and option#3, both obviously
> worked.
> 
> This feels like it has security implications since a user can view another
> users session output.  I'm not aware of any 15 Final release criteria this
> would impact, but it seems like something we'd really want to resolve.  Perhaps
> NTH might be a better fit.  Either way, I think this should land in F15.

After some discussion w/ notting, I'm moving this to a proposed nice-to-have (NTH) fix for F15.  We've confirmed that neither mingetty nor agetty inhibit the virtual console's native scrollback ability.  So, prior to Fedora 15, assuming the clearback buffer wasn't purged, a user could <Shift>PgUp and scroll to view a previous logged in user's session info.  This doesn't appear to be a change in behavior.

However, having the session data still present on the screen seems like something people will notice, and seems worth discussing if a simple fix is available.

Comment 3 Karel Zak 2011-05-04 06:59:20 UTC

The util-linux upstream goal is to merge mingetty features into agetty. My guess is that the new features will be available in Fedora-16.

http://thread.gmane.org/gmane.linux.utilities.util-linux-ng/3929/focus=4015

Comment 4 Bill Nottingham 2011-05-04 18:17:40 UTC

Should we move this to util-linux, then, and document it (and potential workaround #2) in the release notes?

Comment 5 James Laska 2011-05-04 19:33:52 UTC

(In reply to comment #4)
> Should we move this to util-linux, then, and document it (and potential
> workaround #2) in the release notes?

Definitely seems worthy of some documentation for F15.  Since the mingetty -> agetty change is intentional, I agree that release notes is a good fit.

Comment 6 Tim Flink 2011-05-06 20:08:19 UTC

Discussed in the 2011-05-06 blocker review meeting. Rejected as NTH because it appears as if all parties agree that a fix in the F15 isn't practical but the change needs to be documented.

If a tested fix becomes available, it can be re-proposed as NTH.

Comment 7 Lennart Poettering 2011-05-11 14:45:34 UTC

So, I think this is actually fixable properly. We probably could teach systemd to deallocate a VT before invoking getty on it. The deallocation step should release the scrollback buffer completely (at least I hope, haven't tried it, but I'd bet on it).

We wanted to add support for vhangup() on the ttys anyway, in order to ensure that the processes we start are guaranteed to be the only ones accessing it. Adding an option to flush the VT scrollback buffer should be relatively easy and could be exposed via the same (or similar) configuration options.

So I am all for fixing this in systemd, rather then agetty, since whatever process we start we probably want to offer the same vhangup/screen clear options.

Comment 8 Lennart Poettering 2011-05-25 19:12:20 UTC

This is not fixed properly in systemd git. With a suitably new kernel we will now issue an escape sequence that clears the scrollback buffer when getty is run.

Comment 9 Bill Nottingham 2011-05-25 19:34:44 UTC

s/not/now/, obviously.

http://cgit.freedesktop.org/systemd/commit/?id=b83bc4e9cce2ba46371e75fe0f83af32060f0ae3

Comment 10 Lennart Poettering 2011-07-14 12:57:48 UTC

This is now in Rawhide.