Bug 653135 - RFE: vlock should be able to lock terminals when execute from a daemon
Summary: RFE: vlock should be able to lock terminals when execute from a daemon
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: vlock
Version: 6.0
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: rc
: ---
Assignee: Karel Zak
QA Contact: BaseOS QE - Apps
URL:
Whiteboard:
Depends On:
Blocks: 565939 641886
TreeView+ depends on / blocked
 
Reported: 2010-11-14 16:20 UTC by Gal Hammer
Modified: 2011-03-03 22:31 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-11-15 13:08:58 UTC
Target Upstream Version:
ghammer: needinfo+


Attachments (Terms of Use)

Description Gal Hammer 2010-11-14 16:20:23 UTC
In RHEV-M, when a user, using a SPICE client to connect to a guest, close the connection, the vdsm tells the guest agent to lock the machine. The RHEV-agent daemon tries to lock the machine by calling "/usr/bin/vlock -a" but the execution always fails.

It is possible to lock the virtual terminals this way?

Comment 2 Karel Zak 2010-11-15 11:06:59 UTC
(In reply to comment #0)
> In RHEV-M, when a user, using a SPICE client to connect to a guest, close the
> connection, the vdsm tells the guest agent to lock the machine. The RHEV-agent
> daemon tries to lock the machine by calling "/usr/bin/vlock -a" but the
> execution always fails.

What does it mean "execution fails"? (do you have any error message?)

> It is possible to lock the virtual terminals this way?

I think that "vlock -a"  makes sense on standard consoles (tty0 ... tty16) on machines where all consoles are accessible from the same physical place.

The "vlock -a" does not lock all consoles, it locks the *current console* and  controls switching between consoles (e.g. Alt-Fn keys). So after "vlock -a" you cannot use or leave the current console without a valid password. That's all.

Comment 3 Gal Hammer 2010-11-15 12:33:56 UTC
(In reply to comment #2)

> What does it mean "execution fails"? (do you have any error message?)

I'm using Python's subprocess.call. The function returns 1 when I execute vlock.

> The "vlock -a" does not lock all consoles, it locks the *current console* and 

I'm okay with this behavior. The problem is that I'm executing vlock as a daemon which doesn't have a *current console* to lock.

Comment 4 Karel Zak 2010-11-15 13:08:58 UTC
vlock opens /dev/tty, this special device is associated with the current process terminal. 

Yes, it probably does not makes sense to call vlock -a from any daemon if the daemon is outside the current session (terminal).

I have no clue how to fix your problem. Try to ask at tech-list.

Comment 5 Tomas Mraz 2010-11-15 13:38:05 UTC
IMO the most appropriate way for locking the consoles on a guest is to reserve one of the consoles for the vlock and in case of timeout switch into this console and run vlock -a in it.

Comment 6 Gal Hammer 2010-11-15 13:57:19 UTC
(In reply to comment #5)
> IMO the most appropriate way for locking the consoles on a guest is to reserve
> one of the consoles for the vlock and in case of timeout switch into this
> console and run vlock -a in it.

Thanks. I'll try it.


Note You need to log in before you can comment on or make changes to this bug.