On 28/01/2019 15.14, Brent Busby wrote: > Jacek Konieczny <jajcus@xxxxxxxxxx> writes: > >> When using systemd to start the service, use systemd directives to set >> the limits. systemd won't start PAM session for this service, so >> /etc/security/limits.conf is not used. > > Which kind of defeats the purpose of PAM being a central configuration > for all your machine's security policies, doesn't it? PAM is not a central configuration for machine's security polices. It has never been. PAM is just used for setting up user login sessions. PAM has no relations to processes running with user credentials outside of a login session and Jack server is not a service which necessarily needs to be bound to a used session. Especially in an embedded scenario, like a Raspberry Pi-based system. Setting up a user-session via PAM is an overkill for a system-wide daemon (and jack becomes such in this use case) and setting process limits for such a daemon in through the init process is the best place to do it. > Someday soon, if Red Hat keeps taking Linux in this direction, every > config file in /etc will be like this, vestigial remains of a time when > Linux machines were setup similar to other UNIX systems, now no longer > used by any facility on your machine. Hail, systemd! Although some systemd based setups had problems with PAMs settings being ignored in a user session, this is not the case. Starting jackd from /etc/systemd/system unit is like starting it from /etc/init.d script. PAM wouldn't be used there (unless someone forces it through 'su -') even long time before systemd was a thing. Jacek _______________________________________________ Linux-audio-user mailing list Linux-audio-user@xxxxxxxxxxxxxxxxxxxx https://lists.linuxaudio.org/listinfo/linux-audio-user
