Try both --output=json and --json=short when running loginctl list-sessions output

[RebeccaMahany]

The output flag for loginctl list-sessions has changed in more recent versions of systemd: https://www.freedesktop.org/software/systemd/man/latest/loginctl.html#Session%20Commands

On Ubuntu at least up to 24.04, systemd doesn't use this new --json flag -- I think at this point, the older flag will be much more widely supported in our userbase. So I have defaulted to trying with the older flag first, and falling back to the newer flag in case of error. Eventually we will want to swap the order that we try the flags in.

Confirmed --json=short output is compatible with what we previously expected (session, uid, user, seat all present):

[becca@arch-2 ~]$ loginctl --version
systemd 256 (256.1-1-arch-g34ba18b^)
+PAM +AUDIT -SELINUX -APPARMOR -IMA +SMACK +SECCOMP +GCRYPT +GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +XKBCOMMON +UTMP -SYSVINIT +LIBARCHIVE

[becca@arch-2 ~]$ loginctl list-sessions --no-legend --no-pager --json=short
[{"session":"3","uid":1002,"user":"becca","seat":null,"leader":9206,"class":"user","tty":"pts/0","idle":false,"since":null}]

Relates to #1758

Notes on setting up a test environment

I set up an arch VM in Google Cloud to test this -- here are the steps.

I used a base image from this project and created a VM:

gcloud compute instances create <VM name> --image-project=arch-linux-gce --image-family=arch --project <project name>

I SSHed to the VM and got it updated via these instructions

pacman -Sy --needed archlinux-keyring && pacman -Su

Validated that it's adequately updated via loginctl --version and loginctl list-sessions --no-legend --no-pager --json=short.

I stopped the VM, enabled display device, and restarted the VM – I think this is what got me a Remote=no Active=yes session to be able to get a desktop process going.

I uploaded launcher binary from this PR's artifacts to VM; I uploaded osqueryd binary from the releases to the VM; chmod +x both.

I made a root dir for testing, then ran launcher and let it start up:

sudo ./launcher --hostname <k2 hostname here> --root_directory <root dir here> --osqueryd_path <path-to-your-osqueryd> --transport jsonrpc --enroll_secret <secret here>

In another window, I confirmed I saw the launcher desktop process eventually -- ps -eaf | grep launcher. There were some errors (e.g. no tray is running, so we get errors about no tray running), but seeing the desktop process running should be enough to prove this fix.

[directionless]

Do we need this if?

[RebeccaMahany]

No point in trying to unmarshal if the command failed, right -- or have I missed something?

[directionless]

If the command failed, it returns on line 76

[RebeccaMahany]

That's the creation of the exec.Cmd struct -- we return on 76 if we fail to validate the command (e.g. if we can't find the loginctl binary). But we don't exec the command till line 78, so we're checking for exec failures here.

[directionless]

Oh, I see it now. This is inverted logic -- no error early returns. You could probably combine, if legacyOut, err := legacyCmd.Output(); err == nil { but I don' think that changes anything real.

Thank you for putting up with my fuzziness.

[directionless]

Oh, I see it now. This is inverted logic -- no error early returns. You could probably combine, if legacyOut, err := legacyCmd.Output(); err == nil { but I don' think that changes anything real.

Thank you for putting up with my fuzziness.