On Wed, Feb 29, 2012 at 11:25:42PM +0100, Michael Biebl wrote: > please consider enabling pam_loginuid by default. > consolekit relies on that information to setup a correct > login-session-id property and a correct context in case the X session is > started via startx.
DESCRIPTION
The pam_loginuid module sets the loginuid process attribute for the
process that was authenticated. This is necessary for applications to
be correctly audited. This PAM module should only be used for entry
point applications like: login, sshd, gdm, vsftpd, crond and atd.
This appears to make it inappropriate to include by default via
libpam-runtime. Some of these services are interactive, some are
noninteractive; there are both interactive and noninteractive services that
don't count as initial login services.
> Note the broken login-session-id property.
> If you want to use ConsoleKit via startx, setting up pam_loginuid is a
> prerequisite, otherwise the session won't be marked as active.
> For that it needs to be loaded *before* pam_ck_connector. [1]
Why in the world does a login session ID have anything to do with a session
being "active"? That seems like a buggy definition to me.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slanga...@ubuntu.com vor...@debian.org
signature.asc
Description: Digital signature
