Am 19.09.18 um 18:02 schrieb Laurent Bigonville: > I'm wondering if the cron PAM service shouldn't call the pam_systemd > module as well. > > Looking at RHEL7 it seems that they are doing it. > > The rational is that if the user wants to run some scripts using the > XDG_RUNTIME_DIR directory or D-Bus, we are sure that the directory is > present or the broker is started. > > Not doing this might create difference between the case where the user > is logged-in and the case where the user is not.
I'm not convinced that we should do that. This starts (and stops) a systemd --user instance on each cron invocation. If you have say a cron job that runs every minute, your journal will be flooded with messages like this: > Sep 19 18:33:01 pluto systemd[1]: Started /run/user/0 mount wrapper. > Sep 19 18:33:01 pluto systemd[1]: Created slice User Slice of UID 0. > Sep 19 18:33:01 pluto systemd[1]: Starting User Manager for UID 0... > Sep 19 18:33:01 pluto systemd[1]: Started Session 83 of user root. > Sep 19 18:33:01 pluto systemd[15913]: pam_unix(systemd-user:session): session > opened for user root by (uid=0) > Sep 19 18:33:01 pluto systemd[15913]: Listening on GnuPG cryptographic agent > (ssh-agent emulation). > Sep 19 18:33:01 pluto systemd[15913]: Reached target Paths. > Sep 19 18:33:01 pluto systemd[15913]: Starting D-Bus User Message Bus Socket. > Sep 19 18:33:01 pluto systemd[15913]: Listening on GnuPG network certificate > management daemon. > Sep 19 18:33:01 pluto systemd[15913]: Reached target Timers. > Sep 19 18:33:01 pluto systemd[15913]: Listening on GnuPG cryptographic agent > and passphrase cache (restricted). > Sep 19 18:33:01 pluto systemd[15913]: Listening on GnuPG cryptographic agent > and passphrase cache. > Sep 19 18:33:01 pluto systemd[15913]: Listening on GnuPG cryptographic agent > and passphrase cache (access for web browsers). > Sep 19 18:33:01 pluto systemd[15913]: Listening on D-Bus User Message Bus > Socket. > Sep 19 18:33:01 pluto systemd[15913]: Reached target Sockets. > Sep 19 18:33:01 pluto systemd[15913]: Reached target Basic System. > Sep 19 18:33:01 pluto systemd[15913]: Reached target Default. > Sep 19 18:33:01 pluto systemd[15913]: Startup finished in 64ms. > Sep 19 18:33:01 pluto systemd[1]: Started User Manager for UID 0. > Sep 19 18:33:01 pluto CRON[15924]: (root) CMD (sleep 30 && date) > Sep 19 18:33:31 pluto CRON[15911]: pam_unix(cron:session): session closed for > user root > Sep 19 18:33:31 pluto systemd[1]: user-runtime-dir@0.service: Unit not needed > anymore. Stopping. > Sep 19 18:33:31 pluto systemd[1]: Stopping User Manager for UID 0... > Sep 19 18:33:31 pluto systemd[15913]: Stopped target Default. > Sep 19 18:33:31 pluto systemd[15913]: Stopped target Basic System. > Sep 19 18:33:31 pluto systemd[15913]: Stopped target Paths. > Sep 19 18:33:31 pluto systemd[15913]: Stopped target Sockets. > Sep 19 18:33:31 pluto systemd[15913]: Closed GnuPG cryptographic agent and > passphrase cache (restricted). > Sep 19 18:33:31 pluto systemd[15913]: Closed GnuPG cryptographic agent > (ssh-agent emulation). > Sep 19 18:33:31 pluto systemd[15913]: Closed GnuPG network certificate > management daemon. > Sep 19 18:33:31 pluto systemd[15913]: Closed D-Bus User Message Bus Socket. > Sep 19 18:33:31 pluto systemd[15913]: Closed GnuPG cryptographic agent and > passphrase cache (access for web browsers). > Sep 19 18:33:31 pluto systemd[15913]: Closed GnuPG cryptographic agent and > passphrase cache. > Sep 19 18:33:31 pluto systemd[15913]: Reached target Shutdown. > Sep 19 18:33:31 pluto systemd[15913]: Starting Exit the Session... > Sep 19 18:33:31 pluto systemd[15913]: Stopped target Timers. > Sep 19 18:33:31 pluto systemd[15914]: pam_unix(systemd-user:session): session > closed for user root > Sep 19 18:33:31 pluto systemd[1]: user@0.service: Killing process 15949 > (systemctl) with signal SIGKILL. > Sep 19 18:33:31 pluto systemd[1]: user-runtime-dir@0.service: Unit not needed > anymore. Stopping. > Sep 19 18:33:31 pluto systemd[1]: Stopped User Manager for UID 0. > Sep 19 18:33:31 pluto systemd[1]: user-runtime-dir@0.service: Unit not needed > anymore. Stopping. > Sep 19 18:33:31 pluto systemd[1]: Removed slice User Slice of UID 0. > Sep 19 18:33:31 pluto systemd[1]: Stopping /run/user/0 mount wrapper... > Sep 19 18:33:31 pluto systemd[1]: Stopped /run/user/0 mount wrapper. This is for one! cron execution. You also have to account for the additional overhead that is caused by starting a full blown systemd --user session to execute a simple command. Aren't cron jobs supposed to work in a more minimal environment? Do they really need a D-Bus user session for example? Michael
