dbus: Removing pam_console, pam_foreground, /var/run/console support?
Lennart Poettering
mzqohf at 0pointer.de
Mon Jul 3 10:54:59 UTC 2017
On Thu, 29.06.17 17:28, Simon McVittie (smcv at collabora.com) wrote:
> After the /var/run/console protocol is removed, the following protocols
> to get equivalent information for "at_console" policy rules will remain
> available in dbus:
>
> * If enabled, ask systemd-logind via its C API in libsystemd; a user with
> a session on any seat is considered to be at the console
> * If compiled for Solaris, probe the file owner of /dev/console;
> its owner is considered to be at the console
Removing this old cruft definitely has my support. I'd even go further
even, and drop the concept altogether and simply say that all
non-system users as well as root itself are considered at the
"console". I doubt the current users of this concept would be severely
weakened if they'd stop distuingishing between local and remote users
and would instead just grant access to all users that aren't system
users (because ultimately at_console users are just a subset of the
non-system users).
(But I can see how people can disagree with this notion...)
Lennart
--
Lennart Poettering, Red Hat
More information about the dbus
mailing list