Am 13.01.2017 um 10:33 schrieb Juha Erkkilä:
> Package: libpam-systemd
> Version: 232-8
> Severity: normal
> Dear Maintainer,
> provides a mechanism to add users to supplementary groups
> via configurations from /etc/security/group.conf.  This mechanism
> works only partially to user desktop processes when logging in through
> gdm.  It may not be that systemd is here to blame, but my suspicion
> is that the systemd user instance is the most relevant component here.
> To reproduce, install recent Debian Stretch with GDM and Gnome desktop.
> Configure active by adding the following line to
> /etc/pam.d/common-auth (as the last line):
> auth  optional


> However, when logging in through gdm, only some of the processes belong
> to the "dialout"-group.  To reproduce, login to Gnome desktop through
> gdm, and then start up a gnome-terminal through Alt+F2 and writing
> "gnome-terminal".  Also start up an xterm from the terminal.  Start up
> another xterm by writing Alt+F2 + "xterm".  Now the situation is strange,
> because "gnome-terminal", and the "xterm" do *not* have "dialout" as
> a supplementary group, but the "xterm" that was started through Alt+F2
> actually has!

gnome-terminal uses a systemd --user service which uses
As you can see, this pam module does not include common-auth.
If you add pam_group to /etc/pam.d/systemd-user I suspect it would work.

Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to