<html>
    <head>
      <base href="https://bugs.freedesktop.org/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW --- - libpam-systemd does not change XDG_RUNTIME_DIR when using su - username"
   href="https://bugs.freedesktop.org/show_bug.cgi?id=70810">70810</a>
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>systemd-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>libpam-systemd does not change XDG_RUNTIME_DIR when using su - username
          </td>
        </tr>

        <tr>
          <th>QA Contact</th>
          <td>systemd-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>gabisoft@freesurf.ch
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>All
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>general
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>systemd
          </td>
        </tr></table>
      <p>
        <div>
        <pre>File: /lib/i386-linux-gnu/security/pam_systemd.so
Version: 204-5
Debian-Package: libpam-systemd

According to the specification, the user runtime directory must be accessible
by the user.

<a href="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables">http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html#variables</a>

But it seems to be a distribution-independent behavior that the
XDG_RUNTIME_DIR variable is not changed when su switches the context.

# echo $XDG_RUNTIME_DIR
/run/user/0
# su - gabriel
$ echo $XDG_RUNTIME_DIR
/run/user/0

(Which should be "/run/user/1000")

This results in access-denied messages, because a normal user does not have
access to the root runtime directory.

GNOME has started using the user runtime dir, which is set by the environment
variable XDG_RUNTIME_DIR.

(gnome-settings-daemon:7139): dconf-CRITICAL **: unable to create 
directory '/run/user/0/dconf': Permission denied. doconf will not work 
properly.

This prevents GNOME from starting.

Distribution bug reports:

<a href="https://bugzilla.redhat.com/show_bug.cgi?id=753882">https://bugzilla.redhat.com/show_bug.cgi?id=753882</a>
<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724731">http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=724731</a>

In my opinion this is a bug in pam_systemd.so. Of course

su user

should preserve the XDG_RUNTIME_DIR variable, but

su - user

should not.

When logging in directly as the user, XDG_RUNTIME_DIR is set correctly.</pre>
        </div>
      </p>
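      <p>The mismatch described in the report can be detected at session start. The following is an added example, not part of the original report or of systemd: <code>check_runtime_dir</code> is a hypothetical helper that tests whether a given XDG_RUNTIME_DIR value is a directory owned by the session uid with mode 0700, as the basedir specification requires. It assumes GNU <code>stat</code> on Linux.</p>

```shell
#!/bin/sh
# Added example: verify that XDG_RUNTIME_DIR is usable by the current user.
# check_runtime_dir is a hypothetical helper name; it relies on GNU stat.
# Return codes: 0 ok, 1 unset, 2 not a directory, 3 wrong owner, 4 wrong mode.
check_runtime_dir() {
    dir=$1    # value of XDG_RUNTIME_DIR to test
    uid=$2    # numeric uid the session is running as

    if [ -z "$dir" ]; then
        echo "XDG_RUNTIME_DIR is not set"
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "$dir is not a directory"
        return 2
    fi
    # Owner uid and octal permission bits of the directory itself.
    owner=$(stat -c '%u' "$dir") || return 2
    mode=$(stat -c '%a' "$dir") || return 2

    # The case from the report: root's /run/user/0 inherited after "su - user".
    if [ "$owner" != "$uid" ]; then
        echo "$dir is owned by uid $owner, session uid is $uid"
        return 3
    fi
    # The basedir specification requires access mode 0700.
    if [ "$mode" != "700" ]; then
        echo "$dir has mode $mode, expected 700"
        return 4
    fi
    echo "$dir ok for uid $uid"
    return 0
}

# Report on the current environment without aborting the calling shell.
check_runtime_dir "${XDG_RUNTIME_DIR:-}" "$(id -u)" || true
```

      <p>In the session shown in the report, the arguments would be <code>/run/user/0</code> and <code>1000</code>, and the function returns 3.</p>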
    </body>
</html>