[systemd-devel] [lennart at kemper.freedesktop.org: [systemd-commits] src/pam-module.c]

Lennart Poettering lennart at poettering.net
Tue Feb 8 02:36:38 PST 2011

On Tue, 08.02.11 13:30, Andrey Borzenkov (arvidjaar at mail.ru) wrote:

> On Tue, Feb 8, 2011 at 1:15 PM, Lennart Poettering
> <lennart at poettering.net> wrote:
> > On Tue, 08.02.11 12:29, Andrey Borzenkov (arvidjaar at mail.ru) wrote:
> >
> >> > The rtkit patch ensures rtkit itself can get RT privs. This systemd
> >> > patch ensures apps (such as PA) started within a systemd session can get
> >> > RT privs. Without neither patch neither side can get RT privs. To work
> >> > properly both sides need to be able to get RT privs.
> >> >
> >>
> >> Do  I need this patch to *strart* rtkit?
> >
> > Hmm, yes? The cgroup fix needs to be applied when you start rtkit.
> >
> But there is no login session at this point; is PAM involved at all?
> At least "pam" does not appear anywhere in rtkit sources ... and we
> must be able to use systemd with pam_systemd as well, must not we?


The patch to rtkit needs to be applied before rtkit is started. After
applying, building and installing rtkit you need to reload the systemd

The patch to systemd needs to be applied before you login. After
applying, building and installing systemd it should be sufficient to
relogin, since that will already load the updated PAM module.

> >> {pts/1}% systemctl --no-pager --property=ControlGroups show rtkit-daemon.service
> >> ControlGroups=name=systemd:/system/rtkit-daemon.service cpu:/
> >
> > Uh, oh. Are you suggesting that rtkit does not actually run in the cpu:/
> > cgroup? Can you verify this with "ps xawf -eo pid,args,cgroup"?
> >
> {pts/1}% ps xawf -eo pid,args,cgroup | grep rtkit
>  3781 /usr/lib64/rtkit-daemon
>  name=systemd:/system/rtkit-daemon.service

This looks pretty much correct, rtkit is in the root cpu cgroup.


Lennart Poettering - Red Hat, Inc.

More information about the systemd-devel mailing list