Re: upstart: please update to latest upstream version
]] Russ Allbery
> Tollef Fog Heen <tfheen@err.no> writes:
> > ]] Steve Langasek
>
> >> ssh is going to be the first problem in this regard, though I'm sure
> >> there will be others. Has someone patched openssh to be cgroup-aware?
>
> > This is most of what libpam-systemd does. No need to patch sshd itself.
>
> Er, "UsePAM no"?
That's «changing sshds configuration» which for most people is on a
completely different scale than patching the application itself. UsePAM
yes is also the default nowadays.
> sshd has a bunch of non-PAM authentication mechanisms. It is by no means
> guaranteed that everyone using sshd is using PAM. Now, we can just say
> "that's broken, you're now required to use PAM," but this isn't a trivial
> change. (Of course, as noted elsewhere, it may well be that systemd has
> some way of dealing with this already.)
You can use PAM sessions without using PAM auth, for instance if you're
using key authentication.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: