On Sat, 03 Jun 2017 at 22:50:58 +0200, Christian Mueller wrote:
> (separate temp mount points for
> each user) which, apart from the incredible clutter in the list of mounted
> file systems, breaks my workflows (I need a single /tmp for all users).

systemd-logind mounts a small tmpfs at /run/user/$uid for each concurrent
user, as its way to implement XDG_RUNTIME_DIR without letting users cause
denial of service by filling up /run. /tmp remains visible to all users.

> Just having a version of policykit-1 compiled without systemd
> dependencies would solve all our issues and it's a tiny little change in the
> rules file.

The change is tiny, but the support burden is not.

To be able to implement the policies that it provides, polkit needs a
way to determine which users are logged-in, which of those logged-in
users are local (getty, xdm etc. but not ssh), and which of those local
users are on the active VT. Historically, that was implemented by
ConsoleKit, which no longer has upstream maintainers[1], and does not
appear to have Debian maintainers either. On Linux systems (with
either systemd, sysvinit + systemd-shim or Upstart + systemd-shim)
the replacement is systemd-logind.


[1] https://www.freedesktop.org/wiki/Software/ConsoleKit/

Reply via email to