I have some systemd --user services from other packages.
The units are located in /etc/systemd/user/ or /usr/lib/systemd/user/
and enabled on installing.
When a daemon uses su or sudo on debian, it starts a service
user@$UID.service which is a systemd-daemon for the user-session. This
sessions are normally not started for Daemons with UID below 1000
I asked on the systemd-mailinglist, whats the problem, because sometimes
leafnode starts an user-session (and with this the user-services which are
thought for login-users with UID greater-equal 1000).
They told me, there must be the use of su or sudo in some scripts from
I looked around and found, that there is su used in
Just change from su to runuser, the cronjob also does his job, but
without invoking pam_systemd!
You find my changes below to use runuser instead of su, which solves the
problems comming from the su-command.
Your original command is commented below my new line.
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (990, 'stable'), (700, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.12.0-trunk-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8),
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages leafnode depends on:
ii debconf [debconf-2.0] 1.5.61
ii libc6 2.24-11+deb9u1
ii libpcre3 2:8.39-3
ii logrotate 3.11.0-0.1
ii netbase 5.4
ii openbsd-inetd [inet-superserver] 0.20160825-2
ii tcpd 7.6.q-26
leafnode recommends no packages.
Versions of packages leafnode suggests:
ii perl 5.24.1-3+deb9u1
pn slrn | news-reader <none>
-- Configuration Files:
if [ -x /usr/sbin/texpire ]; then
#su news -s /bin/sh -c "/usr/sbin/texpire" >/dev/null
runuser news -s /bin/sh -c "/usr/sbin/texpire" >/dev/null
if [ -x /usr/bin/touch_newsgroup -a -f /etc/news/leafnode/touch_groups ]; then
if /usr/bin/perl -MNet::NNTP < /dev/null 2>/dev/null ; then
#su news -s /bin/sh -c "/usr/bin/touch_newsgroup -f
runuser news -s /bin/sh -c "/usr/bin/touch_newsgroup -f
cat << EOF
You have requested that touch_newsgroup be run to mark the groups
listed in /etc/news/leafnode/touch_groups as read. This requires
that both perl and the Net::NNTP module (part of libnet-perl) are
avalible, which does not appear to be the case:
/usr/bin/perl -MNet::NNTP < /dev/null
if [ "" != "`ls /var/spool/news/failed.postings/ 2>/dev/null`" ]; then
cat << EOF
Some articles posted via Leafnode have been placed in the
failed.postings directory. This typically means that they were
rejected by one or more of the upstream news servers. Examining the
news log files should provide some indication as to why.
To retry the posting move the queue files into /var/spool/news/out.going
and run /usr/sbin/fetchnews.
-- debconf information:
* leafnode/server: news.albasani.net
* leafnode/network: PPP