Re: [systemd-devel] Question about propagation of INVOCATION_ID and JOURNAL_STREAM env variables in Desktop Environments

2024-05-23 Thread Benjamin Berg
On Wed, 2024-05-22 at 17:42 +0200, Lennart Poettering wrote: > On Mi, 22.05.24 17:13, Nop (ctx...@gmail.com) wrote: > > > Hello folks, > > I have a question about what you guys consider to be the > > right/expected way. > > > > I read documentation a bit about INVOCATION_ID and JOURNAL_STREAM and,

Re: [systemd-devel] Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-26 Thread Benjamin Berg
On Tue, 2022-04-26 at 11:02 +0200, Lennart Poettering wrote: > On Mo, 25.04.22 18:15, Benjamin Berg (benja...@sipsolutions.net) wrote: > > > > So, permitting fingerprint auth while homedir is unlocked might still > > > be worthy though, i.e. for sudo or polkit

Re: [systemd-devel] Antw: [EXT] Re: Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-26 Thread Benjamin Berg
Hello, On Tue, 2022-04-26 at 10:11 +0300, juice wrote: > On 4/26/22 09:41, Ulrich Windl wrote: > > > Using fingerprint for *authentication* is totally broken concept which > > > should never be allowed. > > Why? Is a PIN any better? > > PIN is much better. You will not be leaving your PIN to any

Re: [systemd-devel] Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-25 Thread Benjamin Berg
On Mon, 2022-04-25 at 17:46 +0200, Lennart Poettering wrote: > On Mo, 25.04.22 17:05, Benjamin Berg (benja...@sipsolutions.net) wrote: > > > > i.e. that when you enroll a fingerprint you can associate some secret > > > key with it that you pass to the hw. And then you sto

Re: [systemd-devel] Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-25 Thread Benjamin Berg
On Mon, 2022-04-25 at 16:29 +0200, Lennart Poettering wrote: > On Mo, 25.04.22 15:39, Benjamin Berg (benja...@sipsolutions.net) wrote: > > > > Right now homed supports neither (I think it would make a ton of sense > > > to add though. > > > > > >

Re: [systemd-devel] Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-25 Thread Benjamin Berg
On Mon, 2022-04-25 at 13:28 +0200, Lennart Poettering wrote: > On Mo, 25.04.22 12:09, Benjamin Berg (benja...@sipsolutions.net) wrote: > > if the home directory needs to be decrypted during login then we really > > need a password for authentication, etc. And, that means that >

[systemd-devel] Disallowing fingerprint authentication if pam_systemd_home.so needs a password

2022-04-25 Thread Benjamin Berg
Hi, if the home directory needs to be decrypted during login then we really need a password for authentication, etc. And, that means that fingerprint login must not be used (if we are authenticating to log in the user). I have not looked at pam_systemd_home.so more closely. But, if we need the us

Re: [systemd-devel] unable to attach pid to service delegated directory in unified mode after restart

2022-03-24 Thread Benjamin Berg
Hi, On Thu, 2022-03-24 at 12:40 +0100, Felip Moll wrote: > False, the JobRemoved signal returns the id, job, unit and result. To > wait for JobRemoved only needs a matching rule for this signal. The > matching rule can just contain the path. In fact, nothing else than > strings can be matched in a

Re: [systemd-devel] Automatically moving forked processes in a different cgroup based on children's UID

2022-01-03 Thread Benjamin Berg
Hi, systemd will not help you with managing the cgroup sub-hierarchy underneath the daemon. I suppose the most generic solution would be something like cgrulesengd for cgroup v2. No idea if something like that exists. I assume you have had a look at https://systemd.io/CGROUP_DELEGATION/#three-s

Re: [systemd-devel] How to correctly use memory controls (MemoryLow) on unified hierarchy system?

2021-05-22 Thread Benjamin Berg
On Fri, 2021-05-21 at 20:14 +0300, Andrei Borzenkov wrote: > On 21.05.2021 17:07, Benjamin Berg wrote: > > [SNIP] > > Yes, you need to set it on all ancestors, and the documentation > > mentions this: > > > > """ > > For a protection

Re: [systemd-devel] How to correctly use memory controls (MemoryLow) on unified hierarchy system?

2021-05-21 Thread Benjamin Berg
Hi, On Fri, 2021-05-21 at 15:25 +0300, Andrei Borzenkov wrote: > systemd offers MemoryLow for individual units. It actually sets > memory.low cgroup attribute, so this is OK. The problem is according to > kernel documentation, memory.low is limited by value set in parent > cgroup and all parent

Re: [systemd-devel] Environment variables are not sanitized when a graphical session dies

2021-04-15 Thread Benjamin Berg
Hi, On Tue, 2021-04-06 at 19:02 +0300, Arseny Maslennikov wrote: > [SNIP] > The above was a brainstormed reproducer; I did actually encounter > this > kind of bug IRL a couple of times this way. > I'd used GDM to log in to GNOME on Xorg, then logged out, then logged > in > to Sway (a Wayland compo

Re: [systemd-devel] Still confused with socket activation

2021-02-05 Thread Benjamin Berg
On Thu, 2021-02-04 at 22:16 +0300, Andrei Borzenkov wrote: > 03.02.2021 22:25, Benjamin Berg wrote: > > Requires= actually has the difference that the unit must become > > part of > > the transaction (if it is not active already). So you get a hard > > failure and appr

Re: [systemd-devel] Still confused with socket activation

2021-02-04 Thread Benjamin Berg
On Thu, 2021-02-04 at 13:07 +0100, Reindl Harald wrote: > On 04.02.21 at 12:46, Benjamin Berg wrote: > > On Wed, 2021-02-03 at 16:43 +0100, Reindl Harald wrote: > > > seriously - explain what you expect to happen in case of > > > > > > Requi

Re: [systemd-devel] Still confused with socket activation

2021-02-04 Thread Benjamin Berg
On Wed, 2021-02-03 at 16:43 +0100, Reindl Harald wrote: > seriously - explain what you expect to happen in case of > > Requires=a.service > Before=a.service > > except some warning that it's nonsense So, one way I used it is as ExecStartPost= equivalent for a .target unit. i.e. pull in a Type=on

Re: [systemd-devel] Still confused with socket activation

2021-02-03 Thread Benjamin Berg
On Wed, 2021-02-03 at 20:47 +0300, Andrei Borzenkov wrote: > 03.02.2021 00:25, Benjamin Berg wrote: > > On Tue, 2021-02-02 at 22:50 +0300, Andrei Borzenkov wrote: > > > 02.02.2021 17:59, Lennart Poettering wrote: > > > > > > > > Note that Requires= i

Re: [systemd-devel] Still confused with socket activation

2021-02-03 Thread Benjamin Berg
On Wed, 2021-02-03 at 08:00 +0100, Reindl Harald wrote: > > > On 02.02.21 at 22:25, Benjamin Berg wrote: > > On Tue, 2021-02-02 at 22:50 +0300, Andrei Borzenkov wrote: > > > 02.02.2021 17:59, Lennart Poettering wrote: > > > > > > > > Note that

Re: [systemd-devel] Still confused with socket activation

2021-02-02 Thread Benjamin Berg
On Tue, 2021-02-02 at 22:50 +0300, Andrei Borzenkov wrote: > 02.02.2021 17:59, Lennart Poettering wrote: > > > > Note that Requires= in almost all cases should be combined with an > > order dep of After= onto the same unit. > > Years ago I asked for example when Requires makes sense without > Aft

Re: [systemd-devel] Antw: Re: Antw: [EXT] Re: Memory in systemctl status

2020-09-30 Thread Benjamin Berg
On Wed, 2020-09-30 at 11:04 +0200, Ulrich Windl wrote: > > > > Reindl Harald wrote on 30.09.2020 at 10:56 in > message : > > > On 30.09.20 at 09:06, Ulrich Windl wrote: > > > > my webserver is killed because it served at monday, tuesday, thursday > > > > and friday 4 different files with 2 G

Re: [systemd-devel] Memory in systemctl status

2020-09-28 Thread Benjamin Berg
On Mon, 2020-09-28 at 11:37 +0200, Reindl Harald wrote: > > On 28.09.20 at 11:19, Benjamin Berg wrote: > > > if i would set "MemoryMax" to 4G "Memory: 8.6G" would kill it > > > when the > > > caches are accounted in that context > >

Re: [systemd-devel] Memory in systemctl status

2020-09-28 Thread Benjamin Berg
On Mon, 2020-09-28 at 10:43 +0200, Reindl Harald wrote: > > On 28.09.20 at 10:37, Tomasz Torcz wrote: > > On Mon, Sep 28, 2020 at 10:08:15AM +0200, Reindl Harald wrote: > > > On 27.09.20 at 23:39, Benjamin Berg wrote: > > > > > > > however, that value

Re: [systemd-devel] Memory in systemctl status

2020-09-27 Thread Benjamin Berg
On Sun, 2020-09-27 at 17:45 +0200, Reindl Harald wrote: > > On 27.09.20 at 14:08, Greg KH wrote: > > On Sun, Sep 27, 2020 at 01:41:33PM +0200, Reindl Harald wrote: > > > Memory: 8.6G > > > > > > looks like there is a large part of os-caching included where i wonder > > > how that's done because

Re: [systemd-devel] Shut down system after all sshd instances terminate

2020-08-23 Thread Benjamin Berg
Hi, you can use Wants= to pull in another service, and then use StopWhenUnneeded= to make that shut down after the last sshd@.service disappears. So, I guess something like the below: sshd@.service drop-in: ``` [Unit] Wants=sshd-running.service ``` sshd-running.service ``` [Unit] StopWhenUnneede

Re: [systemd-devel] protecting sshd against forkbombs, excessive memory usage by other processes

2020-08-14 Thread Benjamin Berg
Hi, I would suggest trying the following: * Set a MemoryLow allocation * Enable the CPU cgroup controller For the first, it'll make sense to set MemoryLow= on system.slice and also setting DefaultMemoryLow= or MemoryLow= on sshd.service. Otherwise things might be somewhat unexpected for now, s