[systemd-devel] login/logout hooks in fedora 17?
Fernando Lopez-Lezcano
nando at ccrma.Stanford.EDU
Wed Jun 20 13:39:27 PDT 2012
On 06/18/2012 10:42 AM, Lennart Poettering wrote:
> On Mon, 18.06.12 10:04, Fernando Lopez-Lezcano (nando at ccrma.Stanford.EDU) wrote:
>
>>>> Thanks for any advice!
>>>
>>> Hmm, so there are multiple ways to achieve this, but it really depends
>>> on what you are trying to do here. May I ask what kind of script you
>>> want to run for a user logging in?
>>
>> Our workstations have a partition on the hard disk for users to use
>> temporarily, mounted under /zap (we've had this for a long long
>> time). When a local user (ie: sitting in front of the machine) logs
>> out the contents of /zap/ are erased. The partition is usually
>> rather big and different from /tmp, /var/tmp, etc (ie: the user
>> should see an empty directory when he/she logins).
>>
>> The script singled out some processes for killing (and log) that
>> could spell trouble for subsequent users if they stayed alive
>> (namely jack and pd if I remember correctly).
>>
>> The script also reloads the state of the alsa mixer so that users
>> are assured sound will work as expected after they login.
>>
>> I also used them to track and terminate any user processes that
>> linger for a while after the logout, but I believe that can be done
>> now through systemd (I think I saw some references to that last
>> week, the name of the preference escapes me right now).
>
> Yes, you can do that now with systemd. Just set KillUserProcesses=yes in
> /etc/systemd/logind.conf.
>
>>> Also do you want this to run prviliged or unprivieleged?
>>
>> I would prefer privileged, that would allow me, for example, to
>> choose what to erase in /zap (not necessarily only the current
>> user's files).
>
> OK, with all this I'd recommend using something like pam-hooks or
> pam-scripts. It will run privileged, works for all PAM services, is
> not dependant on systemd, and runs synchronously.
Thanks for the advice, I'm trying this right now. So far I managed
(using pam_script 1.1.6) to trigger a script on login by adding
pam_script.so to gdm-password, but I have not found where to activate it
for the end of the gdm session. Sigh. Never easy...
-- Fernando
More information about the systemd-devel
mailing list