Re: Gnome / systemd

From: Patrick Erdmann <patrick perdmann de>
To: "Jasper St. Pierre" <jstpierre mecheye net>
Cc: "desktop-devel-list gnome org" <desktop-devel-list gnome org>
Subject: Re: Gnome / systemd
Date: Mon, 12 Jan 2015 18:14:30 +0100

I don't say logind is bad. If logind would be useable withoud systemd it
would be ok for me.

On 12.01.2015 17:46, Jasper St. Pierre wrote:

On Fri, Dec 5, 2014 at 8:58 AM, Patrick Erdmann <patrick perdmann de
<mailto:patrick perdmann de>> wrote:

    (this is just a resend message from devuan list... But i would like
    to get technical answers and no flamewar)

    I would like to know how you, as a GNOME Core member, think about
    systemd -> Gnome and Operating Systems like the BSDs.

    And i already asked this in IRC but what is the result you (The
    Gnome Team) expect. Is the systemd dependency just because of dbus
    and logind?

    The dbus part is the part which i understand. But what is actually
    the benefit of using logind in comparison to pam.


logind and PAM work well together. In fact, they have some tight
integration so logind can do its job correctly:

http://cgit.freedesktop.org/systemd/systemd/tree/src/login/pam_systemd.c

"logind" might be a misnomer, since it doesn't actually do anything
related to authentication or authorization.

What logind does do is track logged in sessions, and help manage that in
a central location. For instance, when gdm tries to log a user in, we
actually double-check with logind and make sure that if they have any
existing sessions, that we switch to that. But it's smart enough to not
do that switch if you are logged in via a VT or ssh, etc.

When a user tries to shut down, we first make sure that there are no
other users logged in, and we query logind for that information.

In the new Wayland world, we actually use logind to keep track of which
sessions are on which VTs so we know which VT to switch to when the user
hits a keybinding, and use it to hand us device nodes for the display
and input systems, which we can't directly open due to permissions.

It's better to do all of this user session tracking in a central
component. This used to be done inside a module called "ConsoleKit", but
we ran into deep fundamental issues when it wasn't integrated tightly
with the init system. That's why it's now part of systemd.

Some people haven't liked this approach, and have forked ConsoleKit to
make "ConsoleKit2". GNOME doesn't officially support the ConsoleKit APIs
anymore, but these community members also have patches to add it back
in, based on our old ConsoleKit implementation.

What PAM handles is the authentication part of logging in. It allows
people to make "pluggable authentication modules" so people can prove
who they are who they say they are, through passwords, remote lookup,
two-factor authentication, or even a game of rock paper scissors (
https://github.com/nalind/pam_rps ).


    -- 
    Mit freundlichen Grüßen

    Patrick Erdmann

    XMPP/Mail: patrick perdmann de <mailto:patrick perdmann de>
    _________________________________________________
    desktop-devel-list mailing list
    desktop-devel-list gnome org <mailto:desktop-devel-list gnome org>
    https://mail.gnome.org/__mailman/listinfo/desktop-__devel-list
    <https://mail.gnome.org/mailman/listinfo/desktop-devel-list>




-- 
  Jasper



-- 
Mit freundlichen Grüßen

Patrick Erdmann

XMPP/Mail: patrick perdmann de

Follow-Ups:
- Re: Gnome / systemd
  - From: Simon McVittie

References:
- Re: Gnome / systemd
  - From: Jasper St. Pierre

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]