Join GitHub today
Change default value of RemoveIPC in logind.conf #2039
We received bug reports that default of
Well, it's configurable, because it can break stuff.
But I am pretty sure the usecase you describe is borked... The cleanup stuff already excludes system users, i.e. all daemon users. As it appears the customer created a non-system account for this stuff, and that's what should be fixed.
Sorry, but this is nothing to fix upstream... Please ask the customer to disable RemoveIPC= locally, or fix his users to become proper system users.
referenced this issue
Jan 13, 2016
Overall this seems like a helpful change. From a sysadmin PoV I'd really like to know more about what the behaviour is expected to be though.
What does systemd consider a "system user" for this purpose? The thread there discusses a hardcoded uid, but reached no clear conclusion. There's no "system user" flag in the traditional password database. Are you using a uid threshold from
Where's the system user specific part of this behaviour documented? I found a note in
but it doesn't describe the system uesr behaviour. Similarly, in
it mentions system users, but doesn't define what systemd considers to be a "system user", how to make a user a system user, what consequences or other behaviour differences are experienced by system users, etc.
Is the system-user-ness of a user tied to
Is there any wrapper command that allows a user to spawn a daemon that survives their session for where legacy behaviour is needed? Or a systemd API a wrapper (or something like
For sites that manage deployed service users via LDAP, etc, is there any way they can safely create "system users" in their directory that won't suffer from uid collisions vs local users?
This is useful enough that I don't think most sites will want to just turn it off, but they're going to have to unless there's enough information to actually use it correctly.
The default of this option should be off.
It has cost me literally many days to track down PostgreSQL instability to this (a collegue found this).
Your arrogance is breathtaking.
For others coming along, Oracle Linux has configured away this misfeature by default: https://docs.oracle.com/cd/E52668_01/E67200/html/section-t51_kcn_f5.html
They call it a feature "intended for laptops";)
What about situations such as ...
I think systemd should check whether the user has any processes running, not just whether they have any active login sessions.