[systemd-devel] [PATCH] cgroups: chown user slices

Lennart Poettering lennart at poettering.net
Thu Jul 11 15:35:56 PDT 2013


On Thu, 11.07.13 23:56, Oleksii Shevchuk (alxchk at gmail.com) wrote:

> 
> > pam_gnome_keyring needs to be in the pam stack for "systemd-shared" of
> > course.
> 
> pam_gnome_keyring needs authinfo to unlock login keychain. Will that be
> passed to new systemd instance? 

Well, hmm, I am not sure how pam_gnome_keyring works exactly, but it
shoudln#t be too hard for it to store the auth token somewhere so that
it is accessible for all sessions of the same user. I'd recommend using
the kernel keyring for these things btw.

> > Which environment would that be? 
> 
> When systemd fully runs session, than that will be full profile
> environment + environment setted by login manager.
> 
> For example, DM should setup DISPLAY variable.

The X11 display is passed into the PAM session as parameter. logind
knows that, and will managed a symlink in $XDG_RUNTIME_DIR to the
display. What's missing though is that libx11 can actually deal with that.

> > Can you elaborate? Where exactly does it hang?
> 
> Some kind of debugging environment should be setted up before that. With
> shared user instance user at .service hangs alot. Sometimes session scopes
> rests in timeouts, when user session terminated without systemctl --user
> exit. Looks like logind/pam_systemd doesn't kill something.  

Hmm, Can you enable "debug-shell.service", and then check from there
what exactly is hanging, i.e. what the output of "systemctl list-jobs" is?

> I have some units in user session with KillMode=process. Maybe that matters

So, my suspicion is that it might be bash that is hanging. It ignores
SIGTERM and only dies on SIGHUP which the current scope code doesn't
send.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


More information about the systemd-devel mailing list