Hi systemd-devel,

I'm on Debian Jessie running the default systemd-215.  I have a daemon (running 
as root, controlled by systemd), whose job it is to launch on-demand VNC 
servers for other users.  Currently, this daemon uses a shell command like the 
following to launch the vnc server for a given $USER:

  sudo -i -u $USER /bin/sh -l -c 'cd \$HOME && /path/to/vncserver $ARGS'

The issue I'm having is that the user VNC sessions being created all share the 
same systemd login session as my daemon.  I can see this by running 
systemd-cgls.  The users of these VNC sessions would like to be able to use 
"systemd-run --user --scope -p MemoryLimit=X COMMAND" to launch a command with 
cgroup-based resource limiting.  However, without a user session, this results 
in "Failed to create bus connection: Connection refused".

There are too many users to create static systemd unit files, and it doesn't seem 
like I can create and load .service files on the fly.  The "machinectl shell" 
command (https://github.com/systemd/systemd/pull/1022) looks promising, but 
unfortunately it's not in my systemd yet.  I've tried searching through this 
mailing list's history, but the results all were dead ends.

It seems like there are a lot of pieces needed to make this work (dbus, XDG env 
vars, systemd --user), and all of the recommendations say to go through 
pam_systemd.so.  I'm not afraid of interacting with PAM, but I don't really 
understand what's needed, and I can't actually authenticate as the user because 
I don't know their password (currently this daemon is root so it doesn't need a 
password to switch user).

If there is some kind of shell pipeline, or a wrapper script I can write to 
automate the necessary steps, please let me know.

Thank you very much!

-Mike Gulick
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
