On 08.03.2012 20:40, Steve Langasek wrote: > The sshd process that supervises the user's session is not part of the pam > session. It *must* sit outside of it, to ensure proper teardown. And this > process should persist across restarts of the sshd service. So killing all > processes in the ssh service's cgroup, and relying on PAM to let user > sessions survive, would be the wrong answer.
As has been mentioned already, the way to address this is to use KillMode=process in sshd's service file (the default is cgroup). This way, systemd only kills the main process on stop/restart which is the behavaiour we want for sshd. No mandatory PAM support in sshd is required for that. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature