Skip to content

util: Blacklist some session-specific variables

Iain Lane requested to merge wip/blacklist-session-specific-variables into master

Things like XDG_SESSION_ID should not be uploaded to the environment. For example this is broken currently:

  1. SSH to your machine
  2. Log in to GNOME Shell
  3. Log out
  4. Log in again
  5. Lock the screen
  6. Try to unlock

You can't, and this is because the XDG_SESSION_ID from the first session (step 2) has leaked through to the second one (step 4), and so GNOME Shell is listening to the logind UnlockSession signal for the wrong session. The SSH session established in step 1 serves to keep the systemd --user instance alive, so that the state is not torn down between logins.

This is just one example of something that is broken currently, but it's likely that other things will be too in more or less subtle ways than this one. The idea is that we should stop setting things in the environment that are specific to one session and this is inspired by an example from D-Bus upstream.

Merge request reports