On Sep 19, Hilmar Preuße <hill...@web.de> wrote:

> > Proftpd should use the common-session-noninteractive PAM configuration
> > fragment, which does not call pam_systemd:
> > 
> > /etc/pam.d/proftpd:
> > -@include common-session-noninteractive
> > +@include common-session
> > 
> Currently:
> 
> hille@sid:~ $ less -X /etc/pam.d/proftpd
> #%PAM-1.0
> auth       required     pam_listfile.so item=user sense=deny
> file=/etc/ftpusers onerr=succeed
> @include common-auth
> 
> # This is disabled because anonymous logins will fail otherwise,
> # unless you give the 'ftp' user a valid shell, or /bin/false and add
> # /bin/false to /etc/shells.
> #auth       required    pam_shells.so
> 
> @include common-account
> @include common-session
> <snip>
> 
> If I understand correctly it is exactly as you requested.
Sorry, my patch was reversed: what we need is "@include 
common-session-noninteractive" or else systemd will open a new user 
session (with the related daemons) for every FTP login.

> Further on my system (I never touched pam) /etc/pam.d/common-session &
> /etc/pam.d/common-session-noninteractive differ just in the included
> comments. Just /usr/share/pam/common-session-noninteractive &
> /usr/share/pam/common-session differ.
Looks like your systems is old? In unstable common-session has an extra 
line for pam_systemd.so.

-- 
ciao,
Marco

Attachment: signature.asc
Description: PGP signature

Reply via email to