[systemd-devel] logind, su - sessions and initscripts compatibility
Dale R. Worley
worley at alum.mit.edu
Sun Dec 21 17:13:41 PST 2014
Andrei Borzenkov <arvidjaar at gmail.com> writes:
> There is not a single word about "login session" in su man page.
> It says it starts "login shell" - but "login session" is not created by
> shell so I do not see where you draw this conclusion from.
> The primary reason to use "su -" in this cases is a) get a clean
> environment and b) make started shell read usual startup files to
> ensure some known state for running programs. Actually the only
> difference between "login" and "non login" shells is which startup
> files are processed.
I'm no expert in this, but as far as I know, there's no solid
documentation or specification regarding "login sessions" as a concept.
But as you say, "the only difference between "login" and "non login"
shells is which startup files are processed." And I take that to mean
that when the "login" startup files are processed, the intention is to
"create a login session", to initialize everything as if the named user
was logging in. Whereas what the "non login" startup files are
processed, the intention is that this is *not* a "new login", but rather
an attempt to create a shell subprocess running under the new UID which
is *not* disconnected from the environment of its parent process. And
when an initscript does an "su" to get ready to run a daemon, it really
ought to use the latter method, not the former. (I have written
initscripts, so I know something about that.)
I would expect the architects on the systemd project have thought about
these problems more than I have.
More information about the systemd-devel