From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 26 Apr 2016 09:19:10 +0000 (-0400)
Subject: systemd --user: call pam_loginuid when creating user@.service (#3120)
X-Git-Tag: v230~132
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1000522a60ceade446773c67031b47a566d4a70d;p=thirdparty%2Fsystemd.git

systemd --user: call pam_loginuid when creating user@.service (#3120)

This way the user service will have a loginuid, and it will be inherited by
child services. This shouldn't change anything as far as systemd itself is
concerned, but is nice for various services spawned from by systemd --user
that expect a loginuid.

pam_loginuid(8) says that it should be enabled for "..., crond and atd".
user@.service should behave similarly to those two as far as audit is
concerned.

https://bugzilla.redhat.com/show_bug.cgi?id=1328947#c28
---

diff --git a/src/login/systemd-user.m4 b/src/login/systemd-user.m4
index 7933508f2bd..f188a8e548f 100644
--- a/src/login/systemd-user.m4
+++ b/src/login/systemd-user.m4
@@ -8,4 +8,5 @@ m4_ifdef(`HAVE_SELINUX',
 session  required pam_selinux.so close
 session  required pam_selinux.so nottys open
 )m4_dnl
+session  required pam_loginuid.so
 session  include system-auth