'Re: [PATCH] login-utils: import environment from user manager on systemd systems'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       util-linux-ng
Subject:    Re: [PATCH] login-utils: import environment from user manager on systemd systems
From:       Karel Zak <kzak () redhat ! com>
Date:       2016-12-08 11:24:41
Message-ID: 20161208112441.5kckrt7cofh2opbz () ws ! net ! home
[Download RAW message or body]

On Wed, Dec 07, 2016 at 09:04:35PM +0100, Ruediger Meier wrote:
> On Wednesday 07 December 2016, Ray Strode wrote:
> > Hi Karel,
> >
> > On Tue, Oct 25, 2016 at 4:34 PM, Ray Strode <halfline@gmail.com> 
> wrote:
> > > From: Ray Strode <rstrode@redhat.com>
> > >
> > > If the user is using a systemd system, then its useful to grab the
> > > environment from the systemd user manager process.
> > >
> > > This allows administrators to initialize the environment of the
> > > sessions via systemd configuration.
> >
> > Any news on this?
> 
> I really don't like this as already discussed.

I had discussion about it with Ray on IRC, the conclusion has
been that the ideal solution would be to extend PAM to support 
another stack of modules. This stack will be executed on open PAM
session after switch from root to non-root user (after setuid()).

We had positive feedback about it from Red Hat PAM maintainer, but it
would be probably better to discuss it with PAM upstream. This change
will require a new stuff in PAM API.

The question is what to do *now* before the PAM will be extended. The
most simple solution will be to temporary merge Ray's patch for only
util-linux v2.30 (= for year 2017) to provide guys time to found a better
solution. 

It's important to say that v2.30 is expected in March/April, it's a long 
time to do a change in PAM...


Note, the issue is not about "bad boys from systemd camp". The
motivation for the change is wayland. The systemd has been selected as
a place where is possible to solve the problem.

Although I'm not sure why we need systemd as mediator, would be
possible to read the environment setting directly by login(1)? Or it's
expected that something (e.g. script) will be executed to get the session
initialized?

    Karel

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com
--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic