elogind --user: call pam_loginuid when creating user@.service (#3120)

This way the user service will have a loginuid, and it will be inherited by
child services. This shouldn't change anything as far as elogind itself is
concerned, but is nice for various services spawned from by elogind --user
that expect a loginuid.

pam_loginuid(8) says that it should be enabled for "..., crond and atd".
user@.service should behave similarly to those two as far as audit is
concerned.

https://bugzilla.redhat.com/show_bug.cgi?id=1328947#c28

diff --git a/src/login/elogind-user.m4 b/src/login/elogind-user.m4
index 7933508f2bd33d8d3951209cc66a00dc39571208..f188a8e548fb8926e89ed037137b50c098eb39d8 100644 (file)
--- a/src/login/elogind-user.m4
+++ b/src/login/elogind-user.m4
@@ -8,4 +8,5 @@ m4_ifdef(`HAVE_SELINUX',
 session  required pam_selinux.so close
 session  required pam_selinux.so nottys open
 )m4_dnl
+session  required pam_loginuid.so
 session  include system-auth