On Sep 19, Hilmar Preuße <[email protected]> wrote: > > Proftpd should use the common-session-noninteractive PAM configuration > > fragment, which does not call pam_systemd: > > > > /etc/pam.d/proftpd: > > -@include common-session-noninteractive > > +@include common-session > > > Currently: > > hille@sid:~ $ less -X /etc/pam.d/proftpd > #%PAM-1.0 > auth required pam_listfile.so item=user sense=deny > file=/etc/ftpusers onerr=succeed > @include common-auth > > # This is disabled because anonymous logins will fail otherwise, > # unless you give the 'ftp' user a valid shell, or /bin/false and add > # /bin/false to /etc/shells. > #auth required pam_shells.so > > @include common-account > @include common-session > <snip> > > If I understand correctly it is exactly as you requested. Sorry, my patch was reversed: what we need is "@include common-session-noninteractive" or else systemd will open a new user session (with the related daemons) for every FTP login.
> Further on my system (I never touched pam) /etc/pam.d/common-session & > /etc/pam.d/common-session-noninteractive differ just in the included > comments. Just /usr/share/pam/common-session-noninteractive & > /usr/share/pam/common-session differ. Looks like your systems is old? In unstable common-session has an extra line for pam_systemd.so. -- ciao, Marco
signature.asc
Description: PGP signature
