[systemd-devel] Help with pam_systemd..

Shawn Ferris shawn.ferris at gmail.com
Sat May 26 08:31:37 PDT 2012 

Hey everyone,

I've got a Buildroot FS and was trying to get 'system --user'
functionality working. I didn't have PAM installed (it wasn't
available in buildroot), but was informed that it was a must, so I
have added it to my system now. Pam seems to be working perfectly as
in I can log into the system with 'auth required pam_unix.so' but it
wont even prompt for a password with 'auth required pam_nologin.so'.

When I added pam_systemd.so, I get locked out of my system. He's my pam entry:

#PAM-1.0
auth       required     pam_unix.so
auth       required     pam_nologin.so
account    required     pam_unix.so
password   required     pam_unix.so
session    required     pam_unix.so
session    required     pam_loginuid.so
-session    required     pam_systemd.so kill-session-processes=1 debug=1

(Per pam_systemd man page with the addition of debug)

When I attempt to log in, I succeed auth and systemd-logind creates a
new session, but immediately removes it and I'm returned to the login
prompt. EG:

/var/log/secure:

2000-01-01T00:16:55+00:00 buildroot login[1678]:
pam_unix(login:session): session opened for user root by LOGIN(uid=0)
2000-01-01T00:16:55+00:00 buildroot login[1678]:
pam_systemd(login:session): Asking logind to create session: uid=0
pid=1678 service=login type=tty seat= vtnr=0 tty=ttyO2 display=
remote=no remote_user= remote_host=
2000-01-01T00:16:55+00:00 buildroot login[1678]:
pam_systemd(login:session): Reply from logind: id=c4
object_path=/org/freedesktop/login1/session/c4
runtime_path=/run/user/root session_fd=6 seat= vtnr=0

jounalctl:

Jan 01 00:16:55 jarvis systemd-logind[1579]: New session c4 of user root.
Jan 01 00:16:55 jarvis systemd-logind[1579]: Removed session c4.
Jan 01 00:16:55 jarvis systemd[1]: serial-getty at ttyO2.service holdoff
time over, scheduling restart.

Ultimately, my goal is to have some unprivileged services started on
my pandaboard when it's booted. I can obviously run them through root
services with the User= option, but --user seemed like a much better
way. (So that I can add services without having to be root) Btw, I
don't plan on running X on this either, but do require dbus.

I don't know what I'm missing.. Any help? I'm pretty new to systemd
and only vaguely familiar with pam.

Thanks!
Shawn

PS: I'm running:

systemd-44
linux-pam-1.1.4
dbus-1.4.16
busybox-1.19.4 (with pam support - I fear this may be my problem perhaps?)

More information about the systemd-devel mailing list