[systemd-devel] [lennart at kemper.freedesktop.org: [systemd-commits] src/pam-module.c]
Andrey Borzenkov
arvidjaar at mail.ru
Tue Feb 8 02:31:03 PST 2011
On Tue, Feb 8, 2011 at 1:30 PM, Andrey Borzenkov <arvidjaar at mail.ru> wrote:
> On Tue, Feb 8, 2011 at 1:15 PM, Lennart Poettering
> <lennart at poettering.net> wrote:
>> On Tue, 08.02.11 12:29, Andrey Borzenkov (arvidjaar at mail.ru) wrote:
>>
>>> > The rtkit patch ensures rtkit itself can get RT privs. This systemd
>>> > patch ensures apps (such as PA) started within a systemd session can get
>>> > RT privs. Without neither patch neither side can get RT privs. To work
>>> > properly both sides need to be able to get RT privs.
>>> >
>>>
>>> Do I need this patch to *strart* rtkit?
>>
>> Hmm, yes? The cgroup fix needs to be applied when you start rtkit.
>>
>
> But there is no login session at this point; is PAM involved at all?
> At least "pam" does not appear anywhere in rtkit sources ... and we
> must be able to use systemd with pam_systemd as well, must not we?
*without* pam_systemd that is ...
>
>>>
>>> {pts/0}% sudo systemctl status rtkit-daemon.service
>>> rtkit-daemon.service - RealtimeKit Scheduling Policy Service
>>> Loaded: loaded (/lib/systemd/system/rtkit-daemon.service)
>>> Active: active (running) since Tue, 08 Feb 2011 12:22:30 +0300; 5s ago
>>> Main PID: 13399 (rtkit-daemon)
>>> Status: "Running."
>>> CGroup: name=systemd:/system/rtkit-daemon.service
>>> └ 13399 /usr/lib64/rtkit-daemon
>>>
>>> Feb 8 12:22:30 cooker rtkit-daemon[13399]: Failed to make ourselves
>>> RT: Operation not permitted
>>
>>> {pts/1}% systemctl --no-pager --property=ControlGroups show rtkit-daemon.service
>>> ControlGroups=name=systemd:/system/rtkit-daemon.service cpu:/
>>
>> Uh, oh. Are you suggesting that rtkit does not actually run in the cpu:/
>> cgroup? Can you verify this with "ps xawf -eo pid,args,cgroup"?
>>
>
> {pts/1}% ps xawf -eo pid,args,cgroup | grep rtkit
> 3781 /usr/lib64/rtkit-daemon name=systemd:/system/rtkit-daemon.service
>
> This is 0.9 with your patch on top. systemd patch not yet applied.
>
More information about the systemd-devel
mailing list