Re: upstart: please update to latest upstream version
]] Steve Langasek
> There are also complications to using cgroups, in that suddenly any service
> that needs to be able to spawn long-running processes that outlive the
> service has to start caring about cgroups - both so that they survive the
> service being shut down from the outside, and so that the supervisor knows
> not to count these processes as evidence that the service is still running.
Yes, they need to start a new PAM session. I don't think this is
particularly surprising, but I can well imagine there's code out there
that does not do this. On the other hand, apart from login tools such
as sshd (which already use PAM), I don't think there's many services
where this is something they need. ICBW, though.
> ssh is going to be the first problem in this regard, though I'm sure there
> will be others. Has someone patched openssh to be cgroup-aware?
This is most of what libpam-systemd does. No need to patch sshd itself.
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are