On Thu, 30 Nov 2017 13:29:22 +0100 Lennart Poettering <lenn...@poettering.net> wrote:
> On Do, 30.11.17 12:09, Pekka Paalanen (ppaala...@gmail.com) wrote: > > > > Hmm, what is this about? > > > > > > This is racy, as the session ID is not really reliably predictable, > > > and is synthesized in different contexts in different ways, for > > > example depnding on whether audit is enabled in the kernel it might be > > > session-1.scope rather than session-c1.scope. > > > > Hi Lennart, > > > > this is the bit Martyn talked you in person some time ago, maybe Martyn > > could refresh your memory? > > Oh, did we? I don't remember, sorry! Hi Lennart, no worries. I don't remember what I did early this week... > > > Piggy-backing on "login" is a bad idea. "login" is a text tool, and > > > thus the PAM rules for it usually pull in some TTY specific PAM > > > modules. YOu shoudl really use your own PAM fragment here, and > > > configure only the bits you need. > > > > Ok. Is there any guide or example I could point people to, so that they > > can write their own stuff correctly? Any example I could put into > > Weston docs? > > Unfortunately PAM is awful and highly distro-specific. It's not really > possible to write PAM snippets that work generically on all > distros. Sorry. The distros even patch PAM differently, so that > slightly difference constructs are available... That's the feeling I already got. Following Mantas' suggestion and commenting it line by line like I did for the service unit is probably the best we could do then. Thanks, pq
pgp731wB5Aclo.pgp
Description: OpenPGP digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel
