[systemd-devel] specialized user sessions for running large processes
Lennart Poettering
lennart at poettering.net
Tue Oct 2 14:17:14 UTC 2018
On Di, 02.10.18 15:32, Thomas Blume (Thomas.Blume at suse.com) wrote:
> Hi,
>
> there is some large software like SAP or Oracle out there that need to
> be started/stopped via special users.
>
> At system boot, they get started via a user session and inherit the
> restrictions from the user slice.
> That is not really appropriate for such large processes as they usually
> need higher resource limits than normal users.
> Hence, they should get rather attached below the system slice (or a
> dedicated custom slice below -.slice) Also, those specialized users, don't
> need a full blown user session but
> only that much environment which is necessary for doing their management
> tasks.
> Unfortunately, pam_systemd enforces all users to get attached below the
> user.slice at login.
>
> So, what I need would be the possibility to put a user outside the user
> slice and/or start a customized session instead of a normal user
> session.
>
> I'm looking for the best approach to get this.
> Would a patch to pam_systemd, that allows the setup of such specialized
> user sessions be acceptable?
> If not, are there any other ideas to get this?
Not sure I follow. System users should have a UID below 1000 (or
whatever your OS defines as boundary between system and regular
users). Moreover system services should really be started as system
servers, and not from login sessions...
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list