Re: how to prevent systemd-logind from moving process to other cgroups when executing su command

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Di, 25.05.21 22:23, 吾为男子 (csrenren@xxxxxx) wrote:

> Systemd provides pam_systemd.so for PAM module and for many
> commands, such as su command, pam_systemd.so will be called and the
> process will be moved to the cgroup that systemd managed.
>
> Generally, if we move the bash process from its related session
> cgroup created by systemd under /sys/fs/cgroup/systemd/user.slice to
> some other cgroup, then systemd will move the new bash process into
> a new group named as session-cxxxx.scope under
> /sys/fs/cgroup/systemd/user.slice after executing su command.
>
> We would like to manage the cgroups for a set of processes created
> by ourselves, how to prevent systemd to do such routines, without
> disabling pam_systemd in PAM module.

This is simply not supported by systemd. If you use systemd then it is
systemd that manages the cgroup tree for you. You may request a
delegated subtree you can manage your own stuff in, but the top-level
of the tree is always owned and controlled by systemd and if you
interfere with it, you get to keep the pieces.

This is explained here:

https://systemd.io/CGROUP_DELEGATION

Sorry if this is disappointing,

Lennart

--
Lennart Poettering, Berlin
_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux