Bug#868359: libpam-systemd should maybe not fire on non-login users

[Don Armstrong]

Package: libpam-systemd
Version: 232-25
Severity: minor

It seems reasonable that non-login users should not have per-user
sessions by default. Using pam_succeed_if to skip creation for users
with /bin/false or /usr/sbin/nologin shells seems reasonable.

IE, the following (currently untested):

Name: Register user sessions in the systemd control group hierarchy
Default: yes
Priority: 0
Session-Interactive-Only: yes
Session-Type: Additional
Session:
[success=2 default=ignore] pam_succeed_if quiet shell = /bin/false
[success=1 default=ignore] pam_succeed_if quiet shell = 
/usr/sbin/nologin
optionalpam_systemd.so


Alternatively, documenting this workaround in README.Debian might be
good enough.

-- 
Don Armstrong  https://www.donarmstrong.com

Love is... a complex sequence of neurochemical reactions that makes
people behave like idiots. It's similar to intoxication, but the
hangover's even worse.
 -- J. Jacques _Questionable Content_ #1039
http://www.questionablecontent.net/view.php?comic=1039

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers

Bug#845480: /bin/ps depends on /usr/lib/... which makes the system unbootable

[Don Armstrong]

On Wed, 30 Nov 2016, Klaus Ethgen wrote:
> No, it worked well for decades and it was exactly why you have small
> root and resizable /usr on other medias.

It worked because of extraordinary effort by DDs to continuously migrate
libraries from /usr to / any time a binary or library in /bin, /sbin, or
/lib grew a new feature.

And that's not why it existed in the first place, either. See:
http://lists.busybox.net/pipermail/busybox/2010-December/074114.html

And you can still have them split; you just need an initrd. You can even
use something tiny, like: https://github.com/chris-se/tiny-initramfs

> It start getting broken when systemd start taking over the world.

Correlation is not causation. It has been broken multiple times over the
past two decades. Debian has just stopped supporting it after the switch
to systemd.

> Well, why should it have too many changes? It works great. And it is
> that well-hung that there is simply not to much to change.

If that's the case, you'd think that someone who actually wanted SysV to
be supported going forward would step up and maintain it. But no one
has. So either it's not such a small amount of work, no one who can do
the work is interested in maintaining SysV any longer, or no one knows
that they should be doing the work.

This is Debian. If you want SysV maintained, you should do the work.

-- 
Don Armstrong  https://www.donarmstrong.com

2: There is no out. There is only in.
  -- "The Prisoner (2009 Miniseries)"

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers

Bug#771561: Bug:#771561: systemd: please remove /etc/fstab from bug report

[Don Armstrong]

On Mon, 01 Dec 2014, Nils Dagsson Moskopp wrote:
> Thank you for that. I did report this using an older version of
> systemd (204-8) that still had the bug and was not aware that any
> process would attach files that I did not notice in the editor when
> not asked about.
> 
> Can I disable auto-attaching files for reportbug globally so this can
> not happen again?

I think you can set something like:

max_attachment_size 0;

in /etc/reportbug.conf, and that might disallow all attachments. [It
might cause other problems too, though, because that's not what that
option was designed for.]

> Is there some other policy I can set regarding files?

Dunno. This might be a valid feature request for reportbug to have a
mode which prompts for each file attached to make sure it's OK to
attach.

If you you could write up such a feature request and file it against the
reportbug package using reportbug, it might get addressed.

-- 
Don Armstrong  http://www.donarmstrong.com

You could say she lived on the edge... Well, maybe not exactly on the edge,
just close enough to watch other people fall off.
  -- hugh macleod http://www.gapingvoid.com/Moveable_Type/archives/000309.html

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers

Bug#771561: Bug:#771561: systemd: please remove /etc/fstab from bug report

[Don Armstrong]

I have deleted the contents of /etc/fstab from this bug report. From the
bug log it seems that the bug script actually does ask before attaching
it. It would probably be better to ask specifically for each of the
files that is attached after showing it, but I'm not going to mandate
that.

On Sun, 30 Nov 2014, Niels Thykier wrote:
> Nils (CC'ed) have requested the removal of an attached file from bug
> report, see below (#771561, BCC'ed to avoid duplicate requests to you).
> 
> The file is attached to #771561, comment #5.

OK. I'll go ahead and replace this file with a dummy fstab file, but
anything in there should be considered exposed to the world.

-- 
Don Armstrong  http://www.donarmstrong.com

Once, our bodies were bells:
Simply moving in the wind
We tolled our names.
 -- Phillis Levin "Poetry in Motion" p55

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers

Bug#769747: [PATCH] debian/control: switch order of systemd-sysv|systemd-shim dependencies for libpam-systemd. (Closes: #769747)

[Don Armstrong]

On November 16, 2014 10:29:21 PM PST, Martin Pitt  wrote:
>Hey Don,
>
>Don Armstrong [2014-11-16 14:14 -0800]:
>> Control: tag -1 patch
>
>whoops, I'm afraid I saw your patch too late, I alraedy committed
>http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=26a8a43
>when going through my Debian mailbox this morning. But it's
>essentially the same (obvious) thing with just a different changelog.


Cool! Thanks for taking care of that. No worries about the patch; I just wanted 
to make sure one was present.
-- 
This is not a signature.

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers

Bug#769747: [PATCH] debian/control: switch order of systemd-sysv|systemd-shim dependencies for libpam-systemd. (Closes: #769747)

[Don Armstrong]

Control: tag -1 patch

---
 debian/changelog | 4 
 debian/control   | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/debian/changelog b/debian/changelog
index cf3c3af..6fc4716 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -27,6 +27,10 @@ systemd (215-6) UNRELEASED; urgency=medium
   * debian/ifup@.service: add a ConditionPath on /run/network, to avoid
 failing the unit if /etc/init.d/networking is disabled. (Closes: #769528)
 
+  [ Don Armstrong ]
+  * debian/control: switch order of systemd-sysv|systemd-shim dependencies
+for libpam-systemd. (Closes: #769747)
+
  -- Martin Pitt   Sun, 12 Oct 2014 17:29:00 +0200
 
 systemd (215-5) unstable; urgency=medium
diff --git a/debian/control b/debian/control
index 75986c1..cbd2d6a 100644
--- a/debian/control
+++ b/debian/control
@@ -112,7 +112,7 @@ Depends: ${shlibs:Depends},
  systemd (= ${binary:Version}),
  libpam-runtime (>= 1.0.1-6),
  dbus,
- systemd-sysv | systemd-shim (>= 8-2)
+ systemd-shim (>= 8-2) | systemd-sysv
 Description: system and service manager - PAM module
  systemd is a replacement for sysvinit.  It is dependency-based and
  able to read the LSB init script headers in addition to parsing rcN.d
-- 
2.1.0

-- 
Don Armstrong  http://www.donarmstrong.com

The attackers hadn't simply robbed the bank. They had carried off
everything portable, including the security cameras, the carpets, the
chairs, and the light and plumbing fixtures. The conspirators had
deliberately punished the bank, for reasons best known to themselves,
or to their unknown controllers. They had superglued doors and
shattered windows, severed power and communications cables, poured
stinking toxins into the wallspaces, and concreted all of the sinks
and drains. In eight minutes, sixty people had ruined the building so
thoroughly that it had to be condemned and later demolished.
 -- Bruce Sterling, _Distraction_ p4

___
Pkg-systemd-maintainers mailing list
Pkg-systemd-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-systemd-maintainers