Age | Commit message (Collapse) | Author | |
---|---|---|---|
2011-06-15 | pam-module: add debug= parameter | Michal Schmidt | |
It is customary that pam modules do not log debugging information by default. Usually they offer a 'debug' option. Add a boolean debug= option to pam_systemd.so. This will solve bug https://bugzilla.redhat.com/show_bug.cgi?id=705427 Commit 53d5582fa006b0eb528f5dc3f4ba978abd8ac5a3 was not sufficient to fix it, because in Fedora rsyslog is configured to write even LOG_DEBUG messages to /var/log/secure by default. | |||
2011-05-16 | pam: downgrade a few log msgs | Lennart Poettering | |
2011-04-12 | pam: use /proc/self/sessionid only if CAP_AUDIT_CONTROL is set | Lennart Poettering | |
2011-04-12 | pam: use /proc/self/loginuid only if we have CAP_AUDIT_CONTROL | Lennart Poettering | |
2011-04-01 | general: replace a few uses of /var/run by /run | Lennart Poettering | |
2011-03-14 | pam: determine user cgroup tree from cgroup of PID 1 | Lennart Poettering | |
2011-03-10 | pam: do not leak file descriptor if flock fails | Andrey Borzenkov | |
If flock fails, fd is not returned to caller so it cannot clean up. | |||
2011-02-13 | pam: introduce whitelist and blacklist user list feature | Lennart Poettering | |
This is useful to exclude root from the session logout killings or to limit killing to the selinux guest users. | |||
2011-02-04 | pam: optionally reset cgroup memberships for login sessions | Lennart Poettering | |
2011-01-22 | clang: fix some issues found with clang-analyzersystemd/v17 | Lennart Poettering | |
2011-01-18 | pam: optionally keep processes of root user around | Lennart Poettering | |
2010-12-24 | pam: do not sort user sessions into their own cgroups in the 'cpu' hierarchy ↵ | Lennart Poettering | |
by default While this offers quite a few benefits for normally scheduled processes this breaks RT scheduling for all user processes, since we do not assign an RT share to the cgroups created via this mechanism. If the user cgroups have no RT share assigned no member process can make use of RT functionality. However, software like JACK and PA/rtkit assume that RT is available in some way or another, either via RLIMIT_RTPRIO or via some privileged service. Creating implicit cpu cgroups but not adding RT shares to them hence breaks these applications. There is no sane way to implicitly add RT shares to these groups, since they are pulled from a global, limited pool and it would hence be very hard to make this work without limiting the number of concurrent sessions, or constantly rewriting the cpu share settings of already logged in session cgroups. Most likely this issue needs to be fixed in-kernel because we can enable this feature by default again. | |||
2010-11-17 | pam: duplicate cgroup tree in the cpu hierarchy by default, optionally more | Lennart Poettering | |
2010-11-16 | pam: always rely on loginuid instead of uid to determine cgroup and ↵ | Lennart Poettering | |
XDG_RUNTIME_DIR | |||
2010-11-15 | pam: rename master user cgroup to 'master' | Lennart Poettering | |
2010-11-14 | pam: rename 'no-session' to 'user' cgroup | Lennart Poettering | |
2010-08-14 | emacs: make sure nobody accidently adds tabs to our sources | Lennart Poettering | |
2010-07-21 | pam: remove only sessions we ourselves created in the first place | Lennart Poettering | |
2010-07-12 | pam: remove leftover libcgroup inclusion | Lennart Poettering | |
2010-07-12 | cgroup: reimplement the last bit of libcgroup functionality natively | Lennart Poettering | |
2010-07-11 | cgroup: kill processes, not tasks and other cgroup changes | Lennart Poettering | |
2010-06-24 | pam: make sure we don't assign colliding session ids if we get our session ↵ | Lennart Poettering | |
ids from multiple sources | |||
2010-06-23 | pam: dont use $XDG_SESSION_COOKIE since CK wants that to be secret. Come up ↵ | Lennart Poettering | |
with our own $XDG_SESSION_ID based on /proc/self/sessionid if that is available | |||
2010-06-21 | pam: implement systemd PAM module and generelize cgroup API for that a bit | Lennart Poettering | |