[systemd-devel] logind, su - sessions and initscripts compatibility

Dale R. Worley worley at alum.mit.edu
Sun Dec 21 17:13:41 PST 2014


Andrei Borzenkov <arvidjaar at gmail.com> writes:
> There is not a single word about "login session" in su man page.
> It says it starts "login shell" - but "login session" is not created by
> shell so I do not see where you draw this conclusion from.
>
> The primary reason to use "su -" in this cases is a) get a clean
> environment and b) make started shell read usual startup files to
> ensure some known state for running programs. Actually the only
> difference between "login" and "non login" shells is which startup
> files are processed.

I'm no expert in this, but as far as I know, there's no solid
documentation or specification regarding "login sessions" as a concept.

But as you say, "the only difference between "login" and "non login"
shells is which startup files are processed."  And I take that to mean
that when the "login" startup files are processed, the intention is to
"create a login session", to initialize everything as if the named user
was logging in.  Whereas what the "non login" startup files are
processed, the intention is that this is *not* a "new login", but rather
an attempt to create a shell subprocess running under the new UID which
is *not* disconnected from the environment of its parent process.  And
when an initscript does an "su" to get ready to run a daemon, it really
ought to use the latter method, not the former.  (I have written
initscripts, so I know something about that.)

I would expect the architects on the systemd project have thought about
these problems more than I have.

Dale


More information about the systemd-devel mailing list