The sssd folks would like to place the kerberos credential cache in
XDG_RUNTIME_DIR, but need to do that in the PAM auth hooks, before
pam_systemd is run as part of the PAM session setup. Hence, in order to
make this easy for them: avoid usage of usernames, and use user IDs
instead thus making an additional NSS lookup unnecessary in the kerberos
bits, but still have the directory well-defined so that the kerberos
bits can determine it before pam_systemd is run.
}
if (!u->runtime_path) {
- p = strappend("/run/user/", u->name);
-
- if (!p) {
+ if (asprintf(&p, "/run/user/%lu", (unsigned long) u->uid) < 0) {
log_error("Out of memory");
return -ENOMEM;
}