walters added a new comment to an issue you are following: `` The previous discussion on this was https://lists.projectatomic.io/projectatomic-archives/atomic-devel/2016-April/msg00020.html which I didn't reply to. Okay, so you said: ``` The file /etc/motdgen.d/02-updateinfo.sh does nothing but cat the content of /var/run/updateinfo.txt if available. ``` which, looking at https://kojipkgs.fedoraproject.org//packages/fedora-motd/0.1.2/2.fc25/noarch/fedora-motd-0.1.2-2.fc25.noarch.rpm isn't true, since I see this code: ``` cat etc/motdgen.d/02-updateinfo.sh ... if [ ! -f "$firstrun" ]; then touch $firstrun nohup /usr/bin/motdgen-cache-updateinfo & fi # cat usr/bin/motdgen-cache-updateinfo #!/bin/sh if [ -f /run/ostree-booted ]; then rpm-ostree upgrade --check --preview > /var/run/rpmostree_updateinfo.out ... ``` We're hence starting a potentially long running process out of the PAM stack, which is really not a good idea. Invoking rpm-ostree like this will also block other clients as I said (And that's also true of yum/dnf) - which is again very problematic if the "login" is actually Ansible where you're trying to do things like configure a proxy or mirror. Deleting the first run bit would deal with the biggest of my objections, but then we'd still have the cron job (which itself is problematic because we *just* got rid of cron - this should be a systemd timer) An architecture which is event driven and would implement the "only check automatically if explicitly invoked at least once" is to patch rpm-ostree to do something like `systemctl start --no-block system-motdgen.service` after it's completed a transaction. Then the motd code could call back with the DBus API for `GetCachedUpdateDetails`. `` To reply, visit the link below or just reply to this email https://pagure.io/atomic-wg/issue/160 _______________________________________________ cloud mailing list -- cloud@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to cloud-leave@xxxxxxxxxxxxxxxxxxxxxxx
