Hey list, I've built a server with systemd and it really worked out well. Fast booting (that means shorter maintenance times) and most important: Reliable service teardown and auto-restarts of crashed services. And yeah, I love the journal. I'm logging everything there.
But now I want to (and need to) give some users cron-like abilities. I discovered that systemd supports user instances - perfect! So I enabled a session service for one user (actually, that's me): # sudo systemctl enable user@kakra.service But I cannot start it, and the user can neither. Starting it states in the journal: # sudo systemctl start user@kakra.service May 06 23:35:00 vweb002.jugendinfo.de systemd[1]: Starting User Manager for root... -- Subject: Unit user@kakra.service has begun with start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit user@kakra.service has begun starting up. May 06 23:35:00 vweb002.jugendinfo.de systemd[4438]: Failed at step PAM spawning /usr/lib/systemd/systemd: Operation not permitted -- Subject: Process /usr/lib/systemd/systemd could not be executed -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- Documentation: http://www.freedesktop.org/wiki/Software/systemd/catalog/641257651c1b4ec9a8624d7a40a9e1e7 -- -- The process /usr/lib/systemd/systemd could not be executed and failed. -- -- The error number returned while executing this process is 1. May 06 23:35:00 vweb002.xxxxxx.de systemd[1]: Started User Manager for root. -- Subject: Unit user@kakra.service has finished start-up -- Defined-By: systemd -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- Unit user@kakra.service has finished starting up. -- -- The start-up result is done. Why does it say "Starting user manager for root" (and not my username) and why does it fail with pam? If I start "systemd --user &", then I can enable and run the user services defined in .config/systemd. The server is running Gentoo with systemd-201. Here's the systemd unit: kakra@vweb002 ~ $ cat /etc/systemd/system/user\@kakra.service # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=User Manager for %u After=systemd-user-sessions.service [Service] User=%I PAMName=systemd-shared # in order to allow MEM_CG features to work, add "memory:/" here ControlGroup=%R/user/%u/shared cpu:/ ControlGroupModify=yes Type=notify ExecStart=-/usr/lib/systemd/systemd --user Environment=DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/dbus/user_bus_socket [Install] Alias=user@%i.service # as user: # systemctl start user@kakra.service Failed to issue method call: Access denied kakra@vweb002 ~ $ cat /etc/pam.d/system-auth auth required pam_env.so auth required pam_unix.so try_first_pass likeauth nullok auth optional pam_permit.so account required pam_unix.so account optional pam_permit.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password required pam_unix.so try_first_pass use_authtok nullok sha512 shadow password optional pam_permit.so session required pam_limits.so session required pam_env.so session required pam_unix.so session optional pam_permit.so session optional pam_loginuid.so session optional pam_systemd.so Regards, Kai _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
