[arch-general] Systemd inside LXC: user sessions are not automatically removed on logout

Leonid Isaev lisaev at umail.iu.edu
Mon Aug 19 12:48:27 EDT 2013 

Hi,
	
I have been experimenting with archlinux guests inside LXC containers, and
noticed that when a user logs out, systemd-logind won't remove the session.
This is reproducible on all (archlinux x86_64) host-guest, testing-stable
combinations.

Here is an example (fserv1 is a container hostname). The only way to login
is through ssh (sshd.service is enabled and running inside the container).

fserv1-~ >>> loginctl list-sessions
   SESSION        UID USER             SEAT            
         5          0 root                             
        16       2001 fserv1user                       
        18       2001 fserv1user                       
        19       2001 fserv1user                       
        34       2001 fserv1user
fserv1-~ >>> w
 16:28:27 up 22:08,  1 user,  load average: 0.00, 0.01, 0.05
USER     TTY        LOGIN@   IDLE   JCPU   PCPU WHAT
fserv1us pts/0     16:06    3.00s  0.11s  0.00s w
fserv1-~ >>> id
uid=2001(fserv1user) gid=100(users) groups=100(users),190(systemd-journal)
fserv1-~ >>> loginctl list-users
       UID USER            
         0 root            
      2001 fserv1user      

2 users listed.
fserv1-~ >>> ps -u root -U root | grep -i sh
   18 ?        00:00:00 sshd
 1506 ?        00:00:00 sshd

As root:
[root at fserv1 ~]# loginctl session-status 16
16 - fserv1user (2001)
           Since: Mon 2013-08-19 03:59:13 UTC; 12h ago
          Leader: 748
          Remote: hermes.skynet
         Service: sshd; type tty; class user
           State: closing
          CGroup: systemd:/system/lxc_fserv1.service/user/2001.user/16.session
[root at fserv1 ~]# loginctl session-status 5
5 - root (0)
           Since: Sun 2013-08-18 19:48:16 UTC; 20h ago
          Leader: 141
          Remote: hermes.skynet
         Service: sshd; type tty; class user
           State: closing
          CGroup: systemd:/system/lxc_fserv1.service/user/0.user/5.session
[root at fserv1 ~]# loginctl kill-session 16
Failed to issue method call: No such process
[root at fserv1 ~]# loginctl kill-session 5
Failed to issue method call: No such process

However, sshd works correctly, e.g.
Aug 18 19:48:16 fserv1 sshd[141]: Accepted password for root from 10.0.0.154
port 39596 ssh2
Aug 18 19:48:16 fserv1 sshd[141]: pam_unix(sshd:session): session opened for
user root by (uid=0)
Aug 18 19:48:16 fserv1 systemd-logind[22]: New session 5 of user root.
Aug 18 19:51:27 fserv1 sshd[141]: Received disconnect from 10.0.0.154: 11:
disconnected by user
Aug 18 19:51:27 fserv1 sshd[141]: pam_unix(sshd:session): session closed for
user root

The containers are vanilla (all systemd-related configuration is default)
archlinux installs created with lxc-archlinux template from community/lxc.
There are no errors/warnings reported by journalctl. The only systemd units
masked inside the guests are: systemd-udevd-control.socket,
systemd-udevd-kernel.socket, systemd-udevd.service, and
proc-sys-fs-binfmt_misc.automount.

Is this my mistake somewhere or a systemd issue?

Thanks,
Leonid.

-- 
Leonid Isaev
GnuPG key: 0x164B5A6D
Fingerprint: C0DF 20D0 C075 C3F1 E1BE  775A A7AE F6CB 164B 5A6D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20130819/fc463858/attachment.asc>

More information about the arch-general mailing list