On Sat, Jul 9, 2016 at 7:48 PM, Stephen John Smoogen <smooge@xxxxxxxxx> wrote: > On 9 July 2016 at 19:40, Nico Kadel-Garcia <nkadel@xxxxxxxxx> wrote: >> On Sat, Jul 9, 2016 at 4:46 PM, Zbigniew Jędrzejewski-Szmek >> <zbyszek@xxxxxxxxx> wrote: > s. >> >>> But if you have this kind of setup in place, then >>> simply set KillUserProcesses=no and carry on. >> >> Please don't burn the cycles of admins who have better work to do by >> braking the expectations and experience of their multi user >> environment by introducing what acts a lot like malware. >> -- >> devel mailing list >> devel@xxxxxxxxxxxxxxxxxxxxxxx >> https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx > > The change is proposed. It will not get decided in this mailing list > discussion no matter how many emails everyone puts one way or another. > Bring it up with FESCO and get it decided there. If the goal of the OS > is to break things quickly and often and move on then this change will > be tried and if it doesn't work in F25 then it will be changed to > something else afterwords. If the goal of the OS is to be more > grognard friendly then the change will be worked on in a way that > makes it easier to deal with before being implemented (or not). > > In either case it will be up to FESCO to decide and set guidelines on > implementation and for us grognards to either deal with the change or > go find an OS we can be happier in. It looks to me like the critical change to even consider activating this dangerous policy is to *log* the killing of userland processed. Date, euid, guid, and pid are a minimum: the name of the process would be even better, and the contents of the process invocation command line would be even more useful. Can systemd even gracefully poll for that information at the time of killing these processes? Or would systemd developers feel a need to re-invent "ps" from scratch to report this? -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
