[systemd-devel] Random session bus availability with systemd
Lennart Poettering
lennart at poettering.net
Mon Aug 11 11:18:38 PDT 2014
On Mon, 11.08.14 19:48, tomw (tomw at ubilix.com) wrote:
>
> > This looks weird. You first become user "xyzuser", then you run sudo
> > again, to become "xyzuser"? What's that supposed to do? Why involve
> > "sudo" here at all? You could also use PAMName= directly...?
>
> Thanks for your helpful comments. This setup is intended to boot
> directly into an application w/o any user interaction and to run the
> application w/o root privileges. You're right, either setting User or
> using sudo is redundant. Using PAMName would request a password which
> isn't suitable in this case.
No. PAMName= has the effect of opening a PAM session, nothing more. It
will not go through the password logic of PAM.
PAMName= is the right thing to do here, so that the normal PAM session
hooks are used.
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list