[systemd-devel] [PATCH weston] doc/systemd: system service example

Lennart Poettering lennart at poettering.net
Wed Nov 29 18:05:07 UTC 2017


On Di, 28.11.17 12:14, Pekka Paalanen (ppaalanen at gmail.com) wrote:

> +
> +[Unit]
> +Description=Weston, a Wayland compositor, as a system service
> +Documentation=man:weston(1) man:weston.ini(5)
> +Documentation=http://wayland.freedesktop.org/
> +
> +# Make sure we are started after logins are permitted.
> +After=systemd-user-sessions.service
> +
> +# If Plymouth is used, we want to start when it is on its way out.
> +After=plymouth-quit-wait.service
> +
> +# D-Bus is necessary for contacting logind. Logind is required.
> +Wants=dbus.socket
> +After=dbus.socket
> +
> +# This scope is created by pam_systemd when logging in as the user.
> +# This directive is a workaround to a systemd bug, where the setup of the
> +# user session by PAM has some race condition, possibly leading to a failure.
> +# See README for more details.
> +After=session-c1.scope
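Review bot: the final `After=session-c1.scope` line orders the unit against one literal session scope name, while the comment above it says the scope is created by pam_systemd at login, so the ordering only takes effect if that login happens to be given exactly this ID. The comment also refers to "a systemd bug" without any issue reference, which leaves no way to tell when the workaround can be dropped. Suggest citing the bug report in the comment itself and not encoding a specific session ID in the example unit.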

Hmm, what is this about?

This is racy, as the session ID is not really reliably predictable,
and is synthesized in different contexts in different ways, for
example depending on whether audit is enabled in the kernel it might be
session-1.scope rather than session-c1.scope.

> +# Set up a full user session for the user, required by Weston.
> +PAMName=login
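Review bot: `PAMName=login` ties this unit to whatever PAM stack the distribution configures for the login program, and the comment only says a "full user session" is required without naming which PAM modules Weston actually depends on. Suggest shipping a dedicated PAM service file with the example, pointing `PAMName=` at it, and listing the needed modules in the comment (pam_systemd is the only one the patch mentions).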

Piggy-backing on "login" is a bad idea. "login" is a text tool, and
thus the PAM rules for it usually pull in some TTY specific PAM
modules. You should really use your own PAM fragment here, and
configure only the bits you need.

Lennart

-- 
Lennart Poettering, Red Hat
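
An added example, not part of the message above or of the Weston patch: a dedicated PAM service file of the kind the reply recommends in place of `PAMName=login`. The file name `weston-autologin`, the choice of modules and the pam_systemd options are assumptions for illustration; which modules are installed varies by distribution.

```conf
# /etc/pam.d/weston-autologin
# Hypothetical file name; the unit would then use PAMName=weston-autologin.
# Only account and session rules are listed, and none of the TTY-oriented
# modules a "login" stack commonly carries (for example pam_securetty,
# pam_lastlog, pam_motd, pam_mail) are pulled in.

# Refuse the session while /etc/nologin exists or the account has expired.
account   required   pam_nologin.so
account   required   pam_unix.so

# Set the audit login UID before pam_systemd runs.
session   required   pam_loginuid.so
session   required   pam_unix.so

# Register the session with logind as a Wayland user session.
session   required   pam_systemd.so class=user type=wayland
```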

