From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Tue, 26 Apr 2016 09:19:10 +0000 (-0400)
Subject: elogind --user: call pam_loginuid when creating user@.service (#3120)
X-Git-Tag: v231.3~175
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=b51b5b411eb849a0dca4f62f1eed23ed438aea44;hp=c315b86eedc43ed8fc7423d48142fa967bfbd917

elogind --user: call pam_loginuid when creating user@.service (#3120)

This way the user service will have a loginuid, and it will be inherited by
child services. This shouldn't change anything as far as elogind itself is
concerned, but is nice for various services spawned from by elogind --user
that expect a loginuid.

pam_loginuid(8) says that it should be enabled for "..., crond and atd".
user@.service should behave similarly to those two as far as audit is
concerned.

https://bugzilla.redhat.com/show_bug.cgi?id=1328947#c28
---

diff --git a/src/login/elogind-user.m4 b/src/login/elogind-user.m4
index 7933508f2..f188a8e54 100644
--- a/src/login/elogind-user.m4
+++ b/src/login/elogind-user.m4
@@ -8,4 +8,5 @@ m4_ifdef(`HAVE_SELINUX',
 session  required pam_selinux.so close
 session  required pam_selinux.so nottys open
 )m4_dnl
+session  required pam_loginuid.so
 session  include system-auth