[systemd-devel] Effect of pam_systemd on non-login type applications

Lennart Poettering lennart at poettering.net
Mon Mar 28 13:00:09 PDT 2011


On Tue, 22.03.11 20:53, Andrey Borzenkov (arvidjaar at gmail.com) wrote:

> I'm about to enable pam_systemd globally, but now I am a bit unsure
> where should it go in. I'd rather put it in default system-auth which
> is included by most other modules; but it also includes some modules
> that I am not sure what they do. So could having pam_systemd (in
> default configuration - i.e. no kills) - have any ill effect on
> service?

We have it in the defalt system-auth file. I am not aware of any
problems created by this so far.

> 
> Regarding non-default configuration - is it possible to override
> global configuration in a module? I.e. is this valid:
> 
> system-auth:
> ...
> session require pam_systemd.so
> 
> foo
> ...
> session include system-auth
> session require pam_systemd.so kill-session=1
> 
> ??

I am pretty sure PAM would call into the module twice in this
case. Probably not advisable to do this.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


More information about the systemd-devel mailing list