[systemd-devel] login/logout hooks in fedora 17?

Fernando Lopez-Lezcano nando at ccrma.Stanford.EDU
Wed Jun 20 21:26:07 PDT 2012


On 06/18/2012 10:42 AM, Lennart Poettering wrote:
> On Mon, 18.06.12 10:04, Fernando Lopez-Lezcano (nando at ccrma.Stanford.EDU) wrote:
>>>> Thanks for any advice!
>>>
>>> Hmm, so there are multiple ways to achieve this, but it really depends
>>> on what you are trying to do here. May I ask what kind of script you
>>> want to run for a user logging in?
>>
>> Our workstations have a partition on the hard disk for users to use
>> temporarily, mounted under /zap (we've had this for a long long
>> time). When a local user (ie: sitting in front of the machine) logs
>> out the contents of /zap/ are erased. The partition is usually
>> rather big and different from /tmp, /var/tmp, etc (ie: the user
>> should see an empty directory when he/she logins).
>>
>> The script singled out some processes for killing (and log) that
>> could spell trouble for subsequent users if they stayed alive
>> (namely jack and pd if I remember correctly).
>>
>> The script also reloads the state of the alsa mixer so that users
>> are assured sound will work as expected after they login.
...
>>> Also do you want this to run prviliged or unprivieleged?
>>
>> I would prefer privileged, that would allow me, for example, to
>> choose what to erase in /zap (not necessarily only the current
>> user's files).
>
> OK, with all this I'd recommend using something like pam-hooks or
> pam-scripts. It will run privileged, works for all PAM services, is
> not dependant on systemd, and runs synchronously.

(for some reason a previous response did not make it to the list).

Hi Lennart,

Thanks for the advice, sounds like the right solution[*]. I managed to 
get pam_script going. Right now it is at the end of postlogin in 
/etc/pam.d/ (after several earlier choices) and it works. Half of the 
time. Literally. The open session script triggers with a gdm login into 
a gnome session, but the close session script does not trigger with a 
logout.

But both scripts trigger on ssh logins and logouts. Systemd seems to to 
be happy (at least I see messages in dbus-monitor). But pam, somehow, 
does not get the right push when I logout of a gnome-shell session (this 
is all in fc17).

So, who is missing a message? (or whatever) Pam? Gnome-shell? Systemd? 
Another obscure little piece of the puzzle that I can't yet see?

A simple logout hook is what I need most, of course.
Very very _very_ frustrating.

-- Fernando

[*] I also tested hacking dbus-monitor and I guess that could be made 
into a login/logout detector - but how do you differentiate between 
local and ssh logins? .../login1/Manager messages do not seem to be enough.



More information about the systemd-devel mailing list