Summary: | sys-apps/systemd: CONFIG_AUDITSYSCALL=y really required for pam_systemd.so thesedays? time to reverify. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Ulenrich <ulenrich> |
Component: | [OLD] Core system | Assignee: | Gentoo systemd Team <systemd> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | alexander |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Ulenrich
2014-04-01 08:26:29 UTC
well, CONFIG_AUDITSYSCALL=y is required for /proc/<pid>/sessionid, and sessionid is used by the pam_systemd.so module when not using display manager, ie. for tracking user from text login -> to console -> to startx -> to X11 this dependency is inherited from sys-auth/consolekit, which uses same thing for pam_ck_connector.so so, unless pam_systemd.so has evolved in a way sessionid is no longer required in /proc, it is still required last time I brought this up with systemd upstream maintainer, he said he considers it optional because it's only used by logind, and only when not using "proper" display manager, and even then there was some cases it works (can't remember how) i guess it's easy to test and verify, if user is seen as 'active user' by logind, even without audit support in kernel, when using text login & startx, ... #gentoo-systemd from today, 09:55 < grawity> though latest logind releases do not require that anymore (Arch turned off CONFIG_AUDIT completely a month ago); it gets all information from cgroups of the process So it seems CONFIG_AUDITSYSCALL check should be removed from at least >=sys-apps/systemd-213 and this bug be closed with it That also means that some arches that have USE="pam" *use.masked in their profiles because of missing CONFIG_AUDITSYSCALL, can now be unmasked: arch/mips/package.use.mask:sys-apps/systemd pam arch/alpha/package.use.mask:sys-apps/systemd pam Those entries can be removed then too + 11 Jun 2014; Mike Gilbert <floppym@gentoo.org> systemd-213.ebuild, + systemd-9999.ebuild: + Drop CONFIG_AUDITSYSCALL check, bug 506418. |