[systemd-devel] login/logout hooks in fedora 17?
Lennart Poettering
lennart at poettering.net
Mon Jun 18 10:42:58 PDT 2012
On Mon, 18.06.12 10:04, Fernando Lopez-Lezcano (nando at ccrma.Stanford.EDU) wrote:
> >>Thanks for any advice!
> >
> >Hmm, so there are multiple ways to achieve this, but it really depends
> >on what you are trying to do here. May I ask what kind of script you
> >want to run for a user logging in?
>
> Our workstations have a partition on the hard disk for users to use
> temporarily, mounted under /zap (we've had this for a long long
> time). When a local user (ie: sitting in front of the machine) logs
> out the contents of /zap/ are erased. The partition is usually
> rather big and different from /tmp, /var/tmp, etc (ie: the user
> should see an empty directory when he/she logins).
>
> The script singled out some processes for killing (and log) that
> could spell trouble for subsequent users if they stayed alive
> (namely jack and pd if I remember correctly).
>
> The script also reloads the state of the alsa mixer so that users
> are assured sound will work as expected after they login.
>
> I also used them to track and terminate any user processes that
> linger for a while after the logout, but I believe that can be done
> now through systemd (I think I saw some references to that last
> week, the name of the preference escapes me right now).
Yes, you can do that now with systemd. Just set KillUserProcesses=yes in
/etc/systemd/logind.conf.
> >Also do you want this to run prviliged or unprivieleged?
>
> I would prefer privileged, that would allow me, for example, to
> choose what to erase in /zap (not necessarily only the current
> user's files).
OK, with all this I'd recommend using something like pam-hooks or
pam-scripts. It will run privileged, works for all PAM services, is
not dependant on systemd, and runs synchronously.
> BTW, last Friday I tried to use a small perl program using Net::Dbus
> or something like that (sorry, I don't have the code here right now)
> to try to listen to specific messages from the --system bus but
> while everything seemed to run fine and I got no errors I never saw
> any messages (the messages were seen by the standard utility). Based
> on my searches so far that seemed like a reasonable approach.
Hmm, maybe you forgot to invoke AddMatch on the bus so that you actually
go the messages? Or maybe the bus policy prohibited that these events
got delivered to you?
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the systemd-devel
mailing list