[Popcon-developers] Bug#764369: Bug#764369: popularity-contest: Please use runuser instead of su to change user

[Laurent Bigonville]

Le Tue, 7 Oct 2014 20:46:06 +0200,
Bill Allombert <ballombe at debian.org> a écrit :

> On Tue, Oct 07, 2014 at 06:10:41PM +0200, Laurent Bigonville wrote:
> > Package: popularity-contest
> > Version: 1.61
> > Severity: normal
> > 
> > Hi,

Hello,

> > 
> > With util-linux 2.25, a runuser command has been added which is more
> > suitable to change users when running from cronjobs.
> 
> Hello Laurent, 
>
> Thanks for your report!
>  
> > runuser is not calling the pam_systemd pam module and thus not
> > creating a logind session like with su.
> 
> Could you elaborate on this ? What is wrong with su ?

su pam service file is including "common-session" which is by default
(well when the module is installed) calling pam_systemd module which is
starting a logind user session.

Non-interactive process shouldn't call "common-session" but should call
"common-session-noninteractive" (which is not including pam_systemd) but
this is not possible with su.

runuser is not using "common-session" and seems more fit to change user
when run by non interactive process, the manpage state:

"runuser allows to run commands with substitute user and group ID."

While su manpage explicitly mentions a login session:

"The su command is used to become another user during a login session."

> 
> > Could you please adjust /etc/cron.daily/popularity-contest to call
> > this new command? You'll probably have to add a dependency against
> > the new util-linux package.
> 
> util-linux is essential: yes so this is not a big deal.

Well I guess it's needed to have a versioned dependency to be sure that
the util-linux package is containing runuser command which is not part
of the current stable release.

Cheers,

> 
> Cheers,
> Bill.