Am 08.03.2018 um 20:08 schrieb Jonathan Billings:
> There's a google doc in the Debian bug that I wrote
> (https://docs.google.com/document/d/1P27fP1uj-C8QdxDKMKtI-Qh00c5_9zJa4YHjnpB6ODM/pub),
>
> which was to create an /etc/systemd/user/aklog.service that is
> automatically started as part of
On Fri, Mar 9, 2018 at 2:24 PM, Garance A Drosehn wrote:
> Chances are very good that most administrators won't really understand
> the security issues. Or maybe THEY will understand, but their users
> will not. And then the users will get into weird problems with no
>
On 9 Mar 2018, at 11:06, Dirk Heinrichs wrote:
> Am 08.03.2018 um 18:54 schrieb Jeffrey Altman:
>> Switching to the user keyring is unreasonable. The impact of such
>> a change is that all user sessions on a system share the same tokens
>> and an effective uid change permits access to those same
Am 08.03.2018 um 18:54 schrieb Jeffrey Altman:
>> 2. let AFS use the per-user keyring instead of the per-session one
>> (suggested in the systemd bug discussion)
>>
>> Does the second one sound reasonable?
> Switching to the user keyring is unreasonable. The impact of such a
> change is that
There's a google doc in the Debian bug that I wrote (
https://docs.google.com/document/d/1P27fP1uj-C8QdxDKMKtI-Qh00c5_9zJa4YHjnpB6ODM/pub),
which was to create an /etc/systemd/user/aklog.service that is
automatically started as part of the login, what it does is runs an aklog
so that the processes
> 2. let AFS use the per-user keyring instead of the per-session one
> (suggested in the systemd bug discussion)
>
> Does the second one sound reasonable?
Switching to the user keyring is unreasonable. The impact of such a
change is that all user sessions on a system share the same tokens
Hi,
as some Linux users might already have noticed, there's an
incompatibility issue between systemctl --user and users having their
$HOME below /afs.
Background: systemctl --user is the per-user equivalent of systemctl,
which means starting services on behalf of the current user. For this to