[systemd-devel] The whole su/pkexec session debate
Lennart Poettering
lennart at poettering.net
Tue Dec 10 18:17:14 PST 2013
On Mon, 02.12.13 10:00, Colin Guthrie (gmane at colin.guthr.ie) wrote:
>
> 'Twas brillig, and Martin Pitt at 02/12/13 05:48 did gyre and gimble:
> >> > This way, screen will keep an "active" reference to the session and
> >> > systemd-logind will not mark it as "closing".
> >
> > But that screen process would still be running in the user's logind
> > session cgroup, so logind can see that the session is still active
> > that way? (Unless you configured it to kill all session processes on
> > logout).
>
> The session is still marked as "closing" but because processes still
> exist it never quite dies. And yes, the kill processes option (which is
> a nice thing to enable if possible) would indeed kill the screen.
>
> It would be really nice if screen somehow escaped, but if the pam* calls
> need root then I think some other way would be better (perhaps with
> logind doing some of the setup work... dunno).
I am pretty sure that screen should not get the right to escape here. It
should be a program like any other, and if the admin decides to now
allow people leaving processes around after logging out then screen
should be killed, the same way as any other process.
The kill-on-logout thing really is something that explicitly should
kill screen too, otherwise it would not be so useful.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list