obel1x/fedora-OEMDRV
0
0
Fork 1
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

kwallet: proper session lifecycle + chrony/desktop fixes #32

Merged
obel1x merged 6 commits from unbrot/fedora-OEMDRV:main into main 2026-05-11 13:19:21 +02:00
Conversation 0 Commits 6 Files Changed 3
+16 -1
unbrot commented 2026-05-11 13:01:28 +02:00
Contributor
Copy Link
Copy Source

Summary

  • kwallet/user_run.sh: switch kwalletd6-logon from --scope to a transient service; stop any leftover unit from previous session before starting new one; treat exit code 1 (Wayland disconnect on logout) as success via SuccessExitStatus=1
  • kwallet/install.sh: add sudoers rule for bind-mount umount; remove race-prone systemctl stop call that caused ExecStop to unmount the freshly remounted wallet on second login
  • kwallet: drop ExecStop entirely — install.sh already handles umount/remount each login, and the ExecStop approach introduced an unavoidable race condition between concurrent login/logout
  • 0040_autostart_logon_script: remove executable bit from .desktop file (systemd-xdg-autostart-generator warning)
  • sync_client_software: remove Anaconda-added server _gateway iburst from chrony.conf — _gateway is unresolvable at chronyd startup; DHCP-sourced NTP via sourcedir /run/chrony-dhcp already covers NTP discovery

Test plan

  • Login, logout, re-login: wallet mounts correctly on both sessions
  • kwalletd6-logon.service starts cleanly on each login (no unit-name conflict)
  • No chronyd: Invalid host _gateway warning in journal after first login
  • No executable-bit warning for logon_script.sh.desktop in journal

🤖 Generated with Claude Code

## Summary - `kwallet/user_run.sh`: switch kwalletd6-logon from `--scope` to a transient service; stop any leftover unit from previous session before starting new one; treat exit code 1 (Wayland disconnect on logout) as success via `SuccessExitStatus=1` - `kwallet/install.sh`: add sudoers rule for bind-mount umount; remove race-prone `systemctl stop` call that caused ExecStop to unmount the freshly remounted wallet on second login - `kwallet`: drop ExecStop entirely — install.sh already handles umount/remount each login, and the ExecStop approach introduced an unavoidable race condition between concurrent login/logout - `0040_autostart_logon_script`: remove executable bit from `.desktop` file (systemd-xdg-autostart-generator warning) - `sync_client_software`: remove Anaconda-added `server _gateway iburst` from chrony.conf — `_gateway` is unresolvable at chronyd startup; DHCP-sourced NTP via `sourcedir /run/chrony-dhcp` already covers NTP discovery ## Test plan - [ ] Login, logout, re-login: wallet mounts correctly on both sessions - [ ] `kwalletd6-logon.service` starts cleanly on each login (no unit-name conflict) - [ ] No `chronyd: Invalid host _gateway` warning in journal after first login - [ ] No executable-bit warning for `logon_script.sh.desktop` in journal 🤖 Generated with [Claude Code](https://claude.com/claude-code)
unbrot added 6 commits 2026-05-11 13:01:29 +02:00
kwallet: unmount bind mount cleanly on session logout 3429ffa48f 
Switch kwalletd6-logon from --scope to a transient service with
RemainAfterExit=yes (kwalletd6 forks to background, so the service
must stay active after the main process exits). ExecStop runs
'sudo umount -l' to detach the wallet bind mount before gocryptfs
unmounts ~/data (Before=gocryptfs-home.service ordering).

install.sh adds a per-user sudoers drop-in so the user service
can call umount as root without a password.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
kwallet: treat exit code 1 as success in kwalletd6-logon.service 5b13ea7372 
kwalletd6 exits with code 1 when the Wayland compositor shuts down
during logout. Without SuccessExitStatus=1, the service is marked
failed and ExecStop (the bind mount umount) never runs. Treating
exit code 1 as success keeps the service in active-exited state so
systemd fires ExecStop cleanly on session end.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
kwallet: stop kwalletd6-logon.service before remounting wallet b32cc96ca0 
ExecStop (umount) fires asynchronously ~26s after logout, by which
time a second login's install.sh has already remounted the wallet.
ExecStop then unmounts the fresh mount, leaving kwalletd6 without
the wallet directory.

Fix: stop kwalletd6-logon.service at the top of install.sh so its
ExecStop fires and drains before the remount, eliminating the race.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
kwallet: remove ExecStop, stop old unit in user_run.sh instead 5e0f268962 
ExecStop on the user service caused an unmount race: it fired
asynchronously after logout while the next login's install.sh had
already remounted the wallet, then unmounted it again leaving
kwalletd6 without its wallet directory.

install.sh already handles umount/remount at login start, so no
ExecStop is needed. On gocryptfs systems the wallet becomes
inaccessible at logout naturally when ~/data is unmounted.

user_run.sh now explicitly stops any leftover kwalletd6-logon unit
from a previous session before creating a new one, avoiding the
systemd-run unit-name-conflict failure.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
0040_autostart_logon_script: remove executable bit from .desktop file 01b39e892f 
systemd-xdg-autostart-generator warns that .desktop files with
execute permissions set are invalid. .desktop files should not be
executable.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
sync_client_software: remove unresolvable _gateway NTP entry from chrony.conf ac85c665a8 
Anaconda adds 'server _gateway iburst' as a fallback NTP source when
no NTP servers are specified in the kickstart. chronyd cannot resolve
the special hostname '_gateway' at startup, logging an error each boot.
The sourcedir /run/chrony-dhcp directive already handles DHCP-provided
NTP servers, making the _gateway line redundant.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
obel1x merged commit f705722e6d into main 2026-05-11 13:19:21 +02:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
obel1x (Daniel Pätzold)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: obel1x/fedora-OEMDRV#32
Delete Branch "unbrot/fedora-OEMDRV:main"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?