Allow GUIVM clients to know if GUIVM has session

ben-grande · ben-grande · commit e0c91d7605eb · 2025-12-02T12:38:18.000+01:00
Or if GUID of the client can be found on the server. This script is replicated on qubes-core-qrexec. For: QubesOS/qubes-notification-proxy#13 For: QubesOS/qubes-gui-agent-linux#251 For: QubesOS/qubes-core-admin#757 For: QubesOS/qubes-issues#1512 For: QubesOS/qubes-issues#9940 Fixes: QubesOS/qubes-issues#10443
diff --git a/qubes-rpc/qubes.WaitForSession b/qubes-rpc/qubes.WaitForSession
@@ -1,13 +1,80 @@
 #!/bin/sh
+#
+# If no argument is provided, wait for the session to start.
+# If QREXEC_SERVICE_ARGUMENT=guid, wait for QREXEC_REMOTE_DOMAIN's GUID.
+
 set -eu
 
-if test "$(qubesdb-read --default=True /qubes-gui-enabled)" = "True"; then
-    user="$(qubesdb-read /default-user || echo 'user')"
-    while ! [ -e "/var/run/qubes/qrexec-server.$user.sock" ]; do
-        sleep 0.1
+wait_client_guid(){
+    qube="${1-}"
+    # Waits for qubes-guid to become available for a given domain.
+    if test -z "$qube"; then
+        echo "QREXEC_REMOTE_DOMAIN variable needs to be set" >&2
+        exit 1
+    fi
+
+    # Traverse /var/run/qubes/qrexec.NAME -> qrexec.ID symlink
+    qrexec_name_sock="/var/run/qubes/qrexec.$qube"
+    if ! test -L "$qrexec_name_sock"; then
+        echo "$0: $qrexec_name_sock not found, domain might be dead" >&2
+        exit 1
+    fi
+
+    qrexec_id_sock="$(readlink -e "$qrexec_name_sock")"
+    if test -z "$qrexec_id_sock"; then
+        echo "$0: readlink failed for $qrexec_name_sock" >&2
+        exit 1
+    fi
+
+    # Watch for /var/run/qubes/guid-running.ID
+    xid="${qrexec_id_sock##*/qrexec.}"
+    basename="${qrexec_id_sock%/*}"
+    guid_running="$basename/guid-running.$xid"
+    while true; do
+        if test -f "$guid_running"; then
+            break
+        fi
+
+        if ! test -e "$qrexec_id_sock"; then
+            echo "$0: $qrexec_id_sock not found, domain might be dead" >&2
+            exit 1
+        fi
+
+        sleep 0.5
     done
-fi
+    exit 0
+}
+
+wait_self_session(){
+    if ! command -v qrexec-client >/dev/null &&
+        test "$(qubesdb-read --default=True /qubes-gui-enabled)" = "True"
+    then
+        user="$(qubesdb-read /default-user || echo 'user')"
+        while ! test -e "/var/run/qubes/qrexec-server.$user.sock"; do
+            sleep 0.1
+        done
+    fi
+
+    true "${XDG_RUNTIME_DIR:="/run/user/$(id -u)"}"
+    true "${DBUS_SESSION_BUS_ADDRESS:="unix:path=${XDG_RUNTIME_DIR}/bus"}"
+    export DBUS_SESSION_BUS_ADDRESS
+    systemctl --user --wait --quiet is-system-running
+    exit 0
+}
 
-systemctl --user --wait --quiet is-system-running
+main(){
+    arg="${QREXEC_SERVICE_ARGUMENT-}"
+    client="${QREXEC_REMOTE_DOMAIN-}"
+    case "${arg}" in
+        guid)
+            wait_client_guid "$client"
+            ;;
+        "")
+            wait_self_session
+            ;;
+        *)
+            echo "Invalid argument, only allowed value is 'guid'" >&2
+    esac
+}
 
-exit 0
+main
