Skip to content
Snippets Groups Projects
New look: Off

user services are started for the "gdm" user under systemd

    • Closed Imported Issue created by Administrator @root

    I think we want to use systemctl enable --global for enabling user services automatically in package post-install scripts, however something about the gdm user or ?? causes systemd to start these user services for that user too. For example, after logging in, there are two instances of pipewire started (when using !5142 (merged)): one for the user that just logged in, and one under gdm user. The gdm user should be a system user, so this needs to be debugged

    The gdm user is created by Alpine's gdm package, and it seems to be a system user.. uid=32. So why does systemd start user services for this?

    Edited
    To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information

    Child items 0

    • No child items are currently assigned. Use child items to break down this issue into smaller parts.

    Activity

    • Administrator changed milestone to %initial systemd support · Imported

      changed milestone to %initial systemd support

    • Administrator added help wanted label · Imported

      added help wanted label

    • Administrator changed the description · Imported

      changed the description

      By clayton craft on 2024-06-06T16:18:30

      • Administrator
        Administrator @root · Imported
        Author Owner

        So why does systemd start user services for this?

        systemd user sessions are created for users that have pam_systemd invoked.

        By Arnav Singh on 2024-06-06T17:35:02

        Edited by Ghost User
      • Administrator
        Administrator @root · Imported
        Author Owner

        Thanks for helping to clear that up! I don't know how pam_systemd works, but I guess the next step is to figure out if that's the case for the gdm user? If that's being done, then is it correct if it causes user services to be executed? (doesn't seem so, but I'm getting too far ahead)

        By clayton craft on 2024-06-06T17:35:02

      • Administrator
        Administrator @root · Imported
        Author Owner

        AFAICT, gdm having an interactive session is intentional behavior, so it is expected that its PAM policy will include common-session. And I assume systemd-enabled pmOS's pam's common-session has session optional pam_systemd.so (just like non-systemd pmOS has session optional pam_elogind.so instead). So it seems to me the behavior you're seeing is expected. I've never used gdm on other systemd distros so I don't know what the behavior there is.

        By Arnav Singh on 2024-06-06T18:30:04

      • Administrator
        Administrator @root · Imported
        Author Owner

        Does systemd start stuff like pipewire, pulse, etc for the gdm user on other distros (Arch, Fedora, Debian)?

        ...

        On June 6, 2024 11:30:06 AM PDT, "Arnav Singh (@Arnavion)" gitlab@mg.gitlab.com wrote:

        Arnav Singh commented on a discussion: #2870 (comment 1939627255)

        AFAICT, gdm having an interactive session is intentional behavior, so it is expected that its PAM policy will include common-session. And I assume systemd-enabled pmOS's pam's common-session has session optional pam_systemd.so (just like non-systemd pmOS has session optional pam_elogind.so instead). So it seems to me the behavior you're seeing is expected. I've never used gdm on other systemd distros so I don't know what the behavior there is.

        -- Reply to this email directly or view it on GitLab: #2870 (comment 1939627255) You're receiving this email because of your account on gitlab.com.

        By clayton craft on 2024-06-06T19:55:43

      • Administrator
        Administrator @root · Imported
        Author Owner

        I don't have first-hand experience with gdm, as I said, but here's someone experiencing the same thing on Arch two years ago.

        By Arnav Singh on 2024-06-07T07:18:14

      • Administrator
        Administrator @root · Imported
        Author Owner

        Thanks for finding that. For some things maybe it does make sense... like pipewire/audio on gdm for accessibility reasons(just guessing?). We probably don't want all user services to run for the gdm user though... like calls/sms daemons, etc

        By clayton craft on 2024-06-07T22:40:10

      • Administrator
        Administrator @root · Imported
        Author Owner

        Yes, maybe you should reconsider doing enable --global for every service. FWIW OpenSUSE has:

        Click here 
        $ grep -Hn '' /usr/lib/systemd/user-preset/*.preset

/usr/lib/systemd/user-preset/90-systemd.preset:1:#  SPDX-License-Identifier: LGPL-2.1-or-later
/usr/lib/systemd/user-preset/90-systemd.preset:2:#
/usr/lib/systemd/user-preset/90-systemd.preset:3:#  This file is part of systemd.
/usr/lib/systemd/user-preset/90-systemd.preset:4:#
/usr/lib/systemd/user-preset/90-systemd.preset:5:#  systemd is free software; you can redistribute it and/or modify it
/usr/lib/systemd/user-preset/90-systemd.preset:6:#  under the terms of the GNU Lesser General Public License as published by
/usr/lib/systemd/user-preset/90-systemd.preset:7:#  the Free Software Foundation; either version 2.1 of the License, or
/usr/lib/systemd/user-preset/90-systemd.preset:8:#  (at your option) any later version.
/usr/lib/systemd/user-preset/90-systemd.preset:9:
/usr/lib/systemd/user-preset/90-systemd.preset:10:# Settings for systemd units distributed with systemd itself. These should be
/usr/lib/systemd/user-preset/90-systemd.preset:11:# enabled by default, even if the distribution follows a general default-off
/usr/lib/systemd/user-preset/90-systemd.preset:12:# policy.
/usr/lib/systemd/user-preset/90-systemd.preset:13:
/usr/lib/systemd/user-preset/90-systemd.preset:14:enable systemd-tmpfiles-setup.service
/usr/lib/systemd/user-preset/90-systemd.preset:15:enable systemd-tmpfiles-clean.timer

/usr/lib/systemd/user-preset/95-default-SUSE.preset:1:enable pulseaudio.socket
/usr/lib/systemd/user-preset/95-default-SUSE.preset:2:enable pipewire.socket
/usr/lib/systemd/user-preset/95-default-SUSE.preset:3:enable pipewire-pulse.socket
/usr/lib/systemd/user-preset/95-default-SUSE.preset:4:enable wireplumber.service
/usr/lib/systemd/user-preset/95-default-SUSE.preset:5:enable drkonqi-coredump-launcher.socket
/usr/lib/systemd/user-preset/95-default-SUSE.preset:6:enable spice-vdagent.service
/usr/lib/systemd/user-preset/95-default-SUSE.preset:7:enable xdg-user-dirs.service

/usr/lib/systemd/user-preset/99-default.preset:1:disable *

        By Arnav Singh on 2024-06-07T22:52:35

      • Administrator
        Administrator @root · Imported
        Author Owner

        well... if I don't use enable --global then we have to figure out which user is the "real" user on the system so that we can enable user services only for them (might not be "user" and might not have uid 10000). And there might(?) be more than one "real" user

        By clayton craft on 2024-06-07T22:55:38

      • Please register or sign in to reply
    • Administrator mentioned in issue #2937 (closed) · Imported

      mentioned in issue #2937 (closed)

      By clayton craft on 2024-06-25T23:05:19

    • Administrator
      Administrator @root · Imported
      Author Owner

      I don't think this is a bug anymore, gnome-session seems to be running under the gdm user too and it's starting a bunch of stuff.. presumably to help with the login process

      By clayton craft on 2024-09-04T00:03:38

    • Administrator closed · Imported

      closed

    Please register or sign in to reply