On Sun, 01.12.13 21:25, Hristo Venev ([email protected]) wrote: > User is given permissions to their user@*.service cgroup so that user mode > systemd can run. session-*.scope cgroup permissions are required for > session mode.
Passing ownership to the cgroup tree is explicitly something that we should be very careful with. Delegation may happen (as mentioned elsewhere) between systemd instances, but we should keep it at a minimum, as the kernel support for delegating to users might eventually go away entirely. This is why the delegation is currently hidden between that PAM session check: we only want it for [email protected], but nothing else. Lennart -- Lennart Poettering, Red Hat _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
