diff --git a/CLAUDE.md b/CLAUDE.md index b693b5d..1a20bbb 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -40,12 +40,12 @@ cd pkg && makepkg -sf && sudo pacman -U moongreet-git--x86_64.pkg.tar.z - `ipc.rs` — greetd Socket-Kommunikation (4-byte LE header + JSON) - `users.rs` — Benutzer aus /etc/passwd, Avatare (AccountsService + ~/.face), Symlink-Rejection - `sessions.rs` — Wayland/X11 Sessions aus .desktop Files -- `power.rs` — Reboot/Shutdown via loginctl +- `power.rs` — Reboot/Shutdown via systemctl (`--no-ask-password`) - `i18n.rs` — Locale-Erkennung (LANG / /etc/locale.conf) und String-Tabellen (DE/EN), alle UI- und Login-Fehlermeldungen - `fingerprint.rs` — fprintd D-Bus Probe (gio::DBusProxy) — Geräteerkennung und Enrollment-Check für UI-Feedback - `config.rs` — TOML-Config ([appearance] background, gtk-theme, fingerprint-enabled) + Wallpaper-Fallback + Blur-Validierung (finite, clamp 0–200) - `greeter.rs` — GTK4 UI (Overlay-Layout), Login-Flow via greetd IPC (Multi-Stage-Auth für fprintd), Faillock-Warnung, Avatar-Cache, Last-User/Last-Session Persistence (0o700 Dirs, 0o600 Files) -- `main.rs` — Entry Point, GTK App, Layer Shell Setup, Multi-Monitor mit Hotplug via `items-changed` auf Monitor-ListModel (one greeter window per monitor, first gets keyboard), systemd-journal-logger +- `main.rs` — Entry Point, GTK App, Layer Shell Setup, ein Greeter-Fenster auf dem fokussierten Output (kein `set_monitor`), `KeyboardMode::Exclusive`, systemd-journal-logger - `resources/style.css` — Catppuccin-inspiriertes Theme ## Design Decisions diff --git a/Cargo.lock b/Cargo.lock index 4df5c03..1dbc5c1 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -575,7 +575,7 @@ dependencies = [ [[package]] name = "moongreet" -version = "0.8.6" +version = "0.8.7" dependencies = [ "gdk-pixbuf", "gdk4", diff --git a/Cargo.toml b/Cargo.toml index d85a828..0b8b367 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "moongreet" -version = "0.8.6" +version = "0.8.7" edition = "2024" description = "A greetd greeter for Wayland with GTK4 and Layer Shell" license = "MIT" diff --git a/DECISIONS.md b/DECISIONS.md index a909799..541a739 100644 --- a/DECISIONS.md +++ b/DECISIONS.md @@ -1,5 +1,12 @@ # Decisions +## 2026-06-02 – Power buttons fixed (loginctl→systemctl) + single greeter window (v0.8.7) + +- **Who**: ClaudeCode, Dom +- **Why**: At the greeter the reboot and shutdown buttons always failed with "Neustart/Herunterfahren fehlgeschlagen". Root cause: `power.rs` invoked `/usr/bin/loginctl reboot|poweroff`, but `loginctl` has no such verbs (systemd 260: `Unknown command verb 'reboot'`, exit 1) — power-management verbs belong to `systemctl`. moonlock and moonset already used `systemctl`; moongreet was the outlier (moonset carried the same bug until Mar 29). The polkit rule shipped in v0.8.3 treated the wrong layer — `CanReboot` returns `yes`, polkit was never the blocker. Separately, the multi-monitor greeter (v0.8.0/v0.8.2) gave `KeyboardMode::Exclusive` to only the first enumerated monitor's window, so on a multi-output setup the user could not type the password when focused on any other output. +- **Tradeoffs**: Dropping the per-monitor + hotplug windows leaves secondary monitors blank during login; irrelevant for a login screen (input happens on one output). Exclusive keyboard binds input to the single greeter surface regardless of pointer position — the mouse may wander to a blank output but typing always reaches the greeter (chosen over compositor-level pointer confinement). The polkit rule is kept as a harmless safety net for the agent-less greeter session; its misleading "session is inactive" comment was corrected. +- **How**: (1) `power::reboot`/`shutdown` call `/usr/bin/systemctl --no-ask-password reboot|poweroff` (matches moonlock; `--no-ask-password` fails fast instead of hanging on a missing askpass agent). (2) `main.rs` `activate()` creates one greeter window with no `set_monitor` (compositor places it on the focused output, like moonset) and `KeyboardMode::Exclusive`; the monitor loop, `connect_items_changed` hotplug handler, and the now-unused `glib::clone`/`std::rc::Rc` imports are removed. (3) The missing journal entries were investigated and are **not** a logging bug — the greeter user delivers all priorities to journald (verified live); the two button errors were lost because boot -2 was hard-cut before journald's 5-minute sync. + ## 2026-04-24 – Audit LOW fixes: stdout null, utf-8 path, debug value, hidden sessions (v0.8.6) - **Who**: ClaudeCode, Dom diff --git a/config/polkit/50-moongreet-power.rules b/config/polkit/50-moongreet-power.rules index edc276b..ac6945b 100644 --- a/config/polkit/50-moongreet-power.rules +++ b/config/polkit/50-moongreet-power.rules @@ -1,5 +1,5 @@ // ABOUTME: Allow the greeter user to reboot and power off without authentication. -// ABOUTME: Required because greetd's greeter session is inactive in logind. +// ABOUTME: Safety net for the agent-less greeter session — no askpass/polkit agent to answer a challenge. polkit.addRule(function(action, subject) { if (subject.user === "greeter" && diff --git a/src/greeter.rs b/src/greeter.rs index b6af489..572eee5 100644 --- a/src/greeter.rs +++ b/src/greeter.rs @@ -189,7 +189,7 @@ fn render_blurred_texture( } /// Create a Picture widget for the wallpaper background, optionally with GPU blur. -/// Uses `blur_cache` to compute the blurred texture only once across all monitors. +/// Uses `blur_cache` to compute the blurred texture only once and reuse it. fn create_background_picture( texture: &gdk::Texture, blur_radius: Option, diff --git a/src/main.rs b/src/main.rs index b6a2a87..a09b0f7 100644 --- a/src/main.rs +++ b/src/main.rs @@ -1,5 +1,5 @@ // ABOUTME: Entry point for Moongreet — greetd greeter for Wayland. -// ABOUTME: Sets up GTK Application, Layer Shell, CSS, and multi-monitor windows. +// ABOUTME: Sets up GTK Application, Layer Shell, CSS, and a single greeter window. mod config; mod fingerprint; @@ -11,11 +11,9 @@ mod sessions; mod users; use gdk4 as gdk; -use glib::clone; use gtk4::prelude::*; use gtk4::{self as gtk, gio}; use gtk4_layer_shell::LayerShell; -use std::rc::Rc; fn load_css(display: &gdk::Display) { let css_provider = gtk::CssProvider::new(); css_provider.load_from_resource("/dev/moonarch/moongreet/style.css"); @@ -26,13 +24,11 @@ fn load_css(display: &gdk::Display) { ); } -fn setup_layer_shell(window: >k::ApplicationWindow, keyboard: bool, layer: gtk4_layer_shell::Layer) { +fn setup_layer_shell(window: >k::ApplicationWindow, layer: gtk4_layer_shell::Layer) { window.init_layer_shell(); window.set_layer(layer); window.set_exclusive_zone(-1); - if keyboard { - window.set_keyboard_mode(gtk4_layer_shell::KeyboardMode::Exclusive); - } + window.set_keyboard_mode(gtk4_layer_shell::KeyboardMode::Exclusive); // Anchor to all edges for fullscreen window.set_anchor(gtk4_layer_shell::Edge::Top, true); window.set_anchor(gtk4_layer_shell::Edge::Bottom, true); @@ -66,49 +62,15 @@ fn activate(app: >k::Application) { log::debug!("Layer shell: {use_layer_shell}"); if use_layer_shell { - // One greeter window per monitor — only the first gets keyboard input - let monitors = display.monitors(); - log::debug!("Monitor count: {}", monitors.n_items()); - let mut first = true; - for i in 0..monitors.n_items() { - if let Some(monitor) = monitors - .item(i) - .and_then(|obj| obj.downcast::().ok()) - { - let window = greeter::create_greeter_window(bg_texture.as_ref(), &config, &blur_cache, app); - setup_layer_shell(&window, first, gtk4_layer_shell::Layer::Top); - window.set_monitor(Some(&monitor)); - window.present(); - first = false; - } - } - - // Handle monitor hotplug — create greeter windows for newly added monitors - // (without keyboard, since the primary monitor already has it) - let bg_texture = Rc::new(bg_texture); - let config = Rc::new(config); - monitors.connect_items_changed(clone!( - #[weak] - app, - #[strong] - blur_cache, - move |list, position, _removed, added| { - for i in position..position + added { - if let Some(monitor) = list - .item(i) - .and_then(|obj| obj.downcast::().ok()) - { - log::debug!("Monitor hotplug: creating greeter window"); - let window = greeter::create_greeter_window( - bg_texture.as_ref().as_ref(), &config, &blur_cache, &app, - ); - setup_layer_shell(&window, false, gtk4_layer_shell::Layer::Top); - window.set_monitor(Some(&monitor)); - window.present(); - } - } - } - )); + // Single greeter window. No set_monitor — the compositor places it on the + // focused output (same as moonset). Exclusive keyboard binds input to this + // surface regardless of pointer position; the mouse may wander to other + // outputs but typing always reaches the greeter. The previous per-monitor + // approach gave keyboard only to the first monitor's window, so a user on + // any other output could not type the password. + let window = greeter::create_greeter_window(bg_texture.as_ref(), &config, &blur_cache, app); + setup_layer_shell(&window, gtk4_layer_shell::Layer::Top); + window.present(); } else { // No layer shell — single window for development let greeter_window = greeter::create_greeter_window(bg_texture.as_ref(), &config, &blur_cache, app); diff --git a/src/power.rs b/src/power.rs index ec8b961..4cf4516 100644 --- a/src/power.rs +++ b/src/power.rs @@ -1,4 +1,4 @@ -// ABOUTME: Power actions — reboot and shutdown via loginctl. +// ABOUTME: Power actions — reboot and shutdown via systemctl. // ABOUTME: Wrappers around system commands for the greeter UI. use std::fmt; @@ -99,14 +99,21 @@ fn run_command(action: &'static str, program: &str, args: &[&str]) -> Result<(), } } -/// Reboot the system via loginctl. +/// Reboot the system via systemctl. +/// +/// `--no-ask-password` keeps systemctl from spawning an interactive askpass +/// agent — the greeter session has none, so without it a denied authorization +/// would hang instead of failing fast. pub fn reboot() -> Result<(), PowerError> { - run_command("reboot", "/usr/bin/loginctl", &["reboot"]) + run_command("reboot", "/usr/bin/systemctl", &["--no-ask-password", "reboot"]) } -/// Shut down the system via loginctl. +/// Shut down the system via systemctl. +/// +/// `--no-ask-password` for the same reason as [`reboot`] — the agent-less +/// greeter session has nothing to answer an authorization challenge. pub fn shutdown() -> Result<(), PowerError> { - run_command("shutdown", "/usr/bin/loginctl", &["poweroff"]) + run_command("shutdown", "/usr/bin/systemctl", &["--no-ask-password", "poweroff"]) } #[cfg(test)]