[systemd-devel] run0 and run0 versus machinectl shell

Lennart Poettering lennart at poettering.net
Thu Oct 17 12:33:50 UTC 2024


On Do, 17.10.24 09:58, Dominick Grift (dominick.grift at defensec.nl) wrote:

>
> I am encountering three issues with run0:
>
> 1. not upstream related but Debian (currently) does not install
> systemd-run0 pamname

Not sure what "pamname" means? Do you mean the PAM stack configuration
file for run0?

> 2. the man page is incorrect in stating that everything goes through
> systemd-run0 pam stack because if you omit --user= then run0 will not go
> through pam (you can verify that by looking at the ownership of the
> created pty. pty ownership is not reset to root.)

Hmm? It does work fine here? Not sure what pty ownership has to do with
PAM? And which pty precisely?

> 3. the way run0 is implemented differs from the way machinectl shell
> implements this functionality. I am not sure so bear with me but with
> machinectl shell, the shell gets executed by the systemd --user instance
> whereas with run0 the shell gets executed by systemd --system
> instance. This inconsistency potentially causes issues with pam because
> systemd --user is not -/bin/bash. I personally prefer the way machinectl
> shell does it but I will be honest that this seems not perfect
> either.

I don't follow? What do you mean by "systemd --user" is not
"-/bin/bash"?

Lennart

--
Lennart Poettering, Berlin

