[systemd-devel] pam_systemd.so and su
Christian Hesse
list at eworm.de
Wed Mar 28 07:26:21 PDT 2012
Lennart Poettering <lennart at poettering.net> on Tue, 2012/03/27 12:58:
> On Thu, 22.03.12 12:11, Christian Hesse (list at eworm.de) wrote:
>
> > > > Do you have audit enabled in the kernel and are using pam_loginuid?
> > > >
> > > > Normally, when the pam session close hooks are called logind responds
> > > > to this by killing the main process of the session if it still
> > > > exists. This is probably the source of the problem here.
> > >
> > > I have now commited a patch to git that might fix your issue. Please
> > > test:
> > >
> > > http://cgit.freedesktop.org/systemd/systemd/commit/?id=75c8e3cffd7da8eede614cf61384957af2c82a29
> > >
> > > I assume this fixes your problem, but since our kernels actually have
> > > audit enabled I am a bit too lazy trying to reproduce the issue here, so
> > > I'd be very thankful if you could test this!
> >
> > This fixes it for me. Thanks a lot!
> >
> > Though this brings another problem: I have tmux with pam support (don't
> > know the original link but have a copy of the patch on my personal
> > webserver [0]). I used to have an alias
> >
> > alias tmux="tmux attach || tmux"
> >
> > which tries to attach to a session and opens a new one if it fails. I had
> > to change this to
>
> "it fails"? How precisely?
It exits with error code 1, nothing more. No error messages, nothing.
Probably the patch is everything but verbose.
What I have found so far: If I add pam_unix in session directive (just for
logging) in /etc/pam.d/tmux I get logs for the first tmux process only, not
for the failing one.
If I sleep for a moment before starting the second tmux process it works as
expected and I git pam logs from both processes.
> No clue what tmux is though (some screen reimplementation?).
Basically, yes.
--
Best regards,
Chris
O< ascii ribbon campaign
stop html mail - www.asciiribbon.org
More information about the systemd-devel
mailing list