On Fri, 2013-07-26 at 13:57 -0400, Stephen Gallagher wrote: > 2) We still need to consider use-cases where a cron job or other > long-running service needs to use credentials given to it by the user, > though they are no longer signed in. With the current approach, we > still need to be concerned that the /run/user/UID directory may just > cease to exist if there are no more active sessions on the machine.
One kind of nontrivial approach, but at least worth thinking about, is changing cron to keep a zygote process around (with a session) for users with active cron jobs. Futhermore if this zygote is terminated, then no cron jobs for the user will be run. A nice advantage of this is is say you have an abusive user and do "killall -u baduser" - they can't "escape" this by scheduling cron jobs. And cron jobs could theoretically be stored in ~username/.config/<machine-id> instead of /var/spool/cron. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
