> Why is 'sudo -i' an own service at all? Why isn't this covered by the 'sudo'
> service?
There are situations where you want some PAM modules to run only for
'interactive' sessions. On Debian, /etc/pam.d/sudo contains
"@common-session-noninteractive".
To see what practical difference this makes, run 'diff -u
/etc/pam.d/common-session{,-noninteractive}'. On my system I see that pam_sss,
pam_systemd and pam_mkhomedir are missing from noninteractive sessions, other
systems may vary.
--
Sam Morris <https://robots.org.uk/>
PGP: rsa4096/CAAA AA1A CA69 A83A 892B 1855 D20B 4202 5CDA 27B9
_______________________________________________
FreeIPA-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/[email protected]
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
