[systemd-devel] Questions regarding dbus started via systemd --user

Colin Guthrie gmane at colin.guthr.ie
Fri Jan 9 01:56:27 PST 2015


Dimitri John Ledkov wrote on 08/01/15 17:48:
> On 8 January 2015 at 17:15, Andrei Borzenkov <arvidjaar at gmail.com> wrote:
>> On Thu, 8 Jan 2015 16:03:43 +0000
>> Dimitri John Ledkov <dimitri.j.ledkov at intel.com> wrote:
>>
>>> On 8 January 2015 at 15:37, Simon McVittie
>>> <simon.mcvittie at collabora.co.uk> wrote:
>>>> On 08/01/15 14:36, Colin Guthrie wrote:
>>>>> Lennart Poettering wrote on 08/01/15 13:19:
>>> Thus my expectation would be to have a systemd (dbus, etc...) --user
>>> per-session/per-seat, rather than per-uid.
>>>
>>
>> How do you manage things that are inherently per-user and not
>> per-session (like pulse audio, ssh-/gpg-agents)?
> 
> E.g. ssh-/gpg-agents -> they are upstart jobs, and thus are started
> per-session. They use environment variables to point at the active
> agent.
> 
> Even on your desktop, you can spawn two agents and use different
> SSH_AUTH_SOCK to talk to one or the other.
> 
> Ideally such variables could be eliminated in favor of using address
> namespacing e.g. always talk to unix:abstract=/tmp/agent -> which is
> then pointed at different things in each of the logind sessions, or
> same, or whatever as needed depending on the desired model of
> per-users/per-session/per-user-session of behaviour.

You don't really need to use abstract sockets here, you can use known
socket paths in $XDG_RUNTIME_DIR these days as we can rely on it.

As pam_systemd will set XDG_RUNTIME_DIR to /run/user/$UID/ we can easily
just mandate that ssh agent is always on /run/user/$UID/ssh-agent
socket, and forgo any env vars.

We can also then teach ssh-agent to be socket activatable, and then
simply write ssh-agent.socket and ssh-agent.service systemd units
accordingly and it will be autolaunched by systemd on-demand. Teach it
to exit after a timeout and it'll quit and save resources when not
needed too.

This is likely the way forward IMO. Ditto for gpg-agent.

(this isn't really different to what you say in principle, just a little
detail about the implementation)

:)

Col

-- 

Colin Guthrie
gmane(at)colin.guthr.ie
http://colin.guthr.ie/

Day Job:
  Tribalogic Limited http://www.tribalogic.net/
Open Source:
  Mageia Contributor http://www.mageia.org/
  PulseAudio Hacker http://www.pulseaudio.org/
  Trac Hacker http://trac.edgewall.org/
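
The service side of the socket-activated, exit-when-idle agent described in the message above, as an added example that is not code from the post, OpenSSH or systemd. It assumes a matching ssh-agent.socket unit listening on a path under $XDG_RUNTIME_DIR; the function names, the echo handler and the 300-second idle limit are hypothetical stand-ins.

```python
import os
import select
import socket

SD_LISTEN_FDS_START = 3  # systemd hands over inherited sockets from fd 3 up


def listen_fd_numbers(environ, pid):
    """Return fd numbers passed by a .socket unit, or [] if not activated."""
    try:
        # LISTEN_PID must name this process, else the variables are stale
        # leftovers from a parent and the descriptors are not ours.
        if int(environ.get("LISTEN_PID", "")) != pid:
            return []
        count = int(environ.get("LISTEN_FDS", ""))
    except ValueError:
        return []
    return list(range(SD_LISTEN_FDS_START, SD_LISTEN_FDS_START + count))


def serve_until_idle(listener, idle_seconds, handle):
    """Serve connections until none arrives for idle_seconds; return count."""
    served = 0
    while True:
        ready, _, _ = select.select([listener], [], [], idle_seconds)
        if not ready:
            return served  # exit; systemd keeps the socket and restarts us
        conn, _ = listener.accept()
        with conn:
            conn.settimeout(idle_seconds)  # a stalled client cannot pin us
            try:
                handle(conn)
            except OSError:
                pass  # timed-out or broken client: drop it
        served += 1


def echo(conn):
    conn.sendall(conn.recv(4096))  # stand-in for the agent protocol


if __name__ == "__main__":
    fds = listen_fd_numbers(os.environ, os.getpid())
    if len(fds) != 1:
        raise SystemExit("expected exactly one socket from the .socket unit")
    sock = socket.socket(fileno=fds[0])
    if sock.family != socket.AF_UNIX or sock.type != socket.SOCK_STREAM:
        raise SystemExit("inherited fd is not a unix stream socket")
    serve_until_idle(sock, 300.0, echo)
```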

