On Thu, 08.01.15 17:48, Dimitri John Ledkov (dimitri.j.led...@intel.com) wrote:
> On 8 January 2015 at 17:15, Andrei Borzenkov <arvidj...@gmail.com> wrote:
> > On Thu, 8 Jan 2015 16:03:43 +0000
> > Dimitri John Ledkov <dimitri.j.led...@intel.com> wrote:
> >
> >> On 8 January 2015 at 15:37, Simon McVittie
> >> <simon.mcvit...@collabora.co.uk> wrote:
> >> > On 08/01/15 14:36, Colin Guthrie wrote:
> >> >> Lennart Poettering wrote on 08/01/15 13:19:
> >> Thus my expectation would be to have a systemd (dbus, etc...) --user
> >> per-session/per-seat, rather than per-uid.
> >>
> >
> > How do you manage things that are inherently per-user and not
> > per-session (like pulse audio, ssh-/gpg-agents)?
>
> E.g. ssh-/gpg-agents -> they are upstart jobs, and thus are started
> per-session. They use environment variables to point at the active
> agent.

Are you sure that ssh/gpg agent are happy with being started multiple
times per-user?

> Even on your desktop, you can spawn two agents and use different
> SSH_AUTH_SOCK to talk to one or the other.
>
> Ideally such variables could be eliminated in favor of using address
> namespacing e.g. always talk to unix:abstract=/tmp/agent -> which is

Well, the abstract AF_UNIX namespace is subject to network namespaces,
which means you'd have to run each user in a network namespace of his
own, which however then would mean it would have no network interfaces
except the loopback device...

Abstract namespace sockets are pretty useless these days, and simply
risky due to the namespacing issue. Don't use them.

The ssh/gpg sockets should really move to XDG_RUNTIME_DIR, and nowhere
else.

Lennart

--
Lennart Poettering, Red Hat
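
A sketch of the recommendation in the message above, added here as an example and not code from this thread or from systemd: a per-user agent binds a filesystem socket under XDG_RUNTIME_DIR only after checking that the directory is private to the user. The function names and the `agent.sock` file name are hypothetical.

```python
import os
import socket
import stat


def check_runtime_dir(path):
    """Return path if it is a directory owned by us with no group/other access."""
    st = os.lstat(path)  # lstat: a symlink at this path is rejected, not followed
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError(f"{path}: not a directory")
    if st.st_uid != os.geteuid():
        raise PermissionError(f"{path}: not owned by the current user")
    if stat.S_IMODE(st.st_mode) & 0o077:
        raise PermissionError(f"{path}: accessible to group or others")
    return path


def bind_agent_socket(name="agent.sock", runtime_dir=None):
    """Listen on <runtime_dir>/<name>; runtime_dir defaults to $XDG_RUNTIME_DIR."""
    runtime_dir = runtime_dir or os.environ.get("XDG_RUNTIME_DIR")
    if not runtime_dir:
        raise RuntimeError("XDG_RUNTIME_DIR is not set")
    # Abstract names (leading NUL byte) have no owner or mode bits and are
    # scoped by network namespace, so only plain file names are accepted.
    if "\0" in name or "/" in name or name in ("", ".", ".."):
        raise ValueError("socket name must be a plain file name")
    path = os.path.join(check_runtime_dir(runtime_dir), name)
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    old_umask = os.umask(0o177)  # socket file is created with mode 0600
    try:
        sock.bind(path)  # fails with EADDRINUSE if the path already exists
    except OSError:
        sock.close()
        raise
    finally:
        os.umask(old_umask)
    sock.listen(8)
    return sock, path


if __name__ == "__main__":
    listener, where = bind_agent_socket()
    print("listening on", where)
    listener.close()
    os.unlink(where)
```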