[systemd-devel] Upgrade 232 -> 233: user at XXX.service: Failed at step PAM spawning...
Vlad
vovan at vovan.nl
Sun Apr 30 13:07:03 UTC 2017
I'd like to summarize all the thought about this issue. The systemd
behavior regarding PAM stack has been changed:
1. systemd-232: if PAM stack fails service unit is still started, so PAM
errors are ignored.
2. systemd-233: if PAM stack fails service unit fails as well.
The second is IMO the right logic, please correct me it's not the case.
However the first one is just wrong, isn't it?
Regards,
Vlad.
On 29/04/17 18:19, Lennart Poettering wrote:
> On Sat, 29.04.17 16:59, Vlad (vovan at vovan.nl) wrote:
>
>> Thanks for the answer. I'd then rephrase my original question: I'd like
>> to know what has been changed in the systemd (pam_systemd?) version 233,
>> that now it fails to start user at xxx.service? If I downgrade to the
>> version 232, then systemd gives the same error, but still starts
>> user at xxx.service successfully (pam configuration is exactly the same for
>> both systemd versions).
> Here's an educated guess: maybe it's not pam_systemd that fails but
> pam_keyring, due to the recent keyring changes? (every service know
> gets its own fresh keyring set up, maybe the way you invoke
> pam_keyring clashes with that?)
>
> Anyway, please figure out which PAM module precisely fails, using PAM
> debugging. For that stuff please consult the PAM community or
> documentation.
>
> Thanks,
>
> Lennart
>
More information about the systemd-devel
mailing list