From 9eb484fa40856a5f4d17b1c7dfe414a727758a89 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 29 Dec 2016 10:55:27 +0100 Subject: [PATCH] man: add brief documentation for the (sd-pam) processes created due to PAMName= (#4967) A follow-up for #4942, adding a brief but more correct explanation of the processes. --- man/systemd.exec.xml | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 812e615530..2dd8107684 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -859,14 +859,17 @@ PAMName= - Sets the PAM service name to set up a session - as. If set, the executed process will be registered as a PAM - session under the specified service name. This is only useful - in conjunction with the User= setting. If - not set, no PAM session will be opened for the executed - processes. See - pam8 - for details. + Sets the PAM service name to set up a session as. If set, the executed process will be + registered as a PAM session under the specified service name. This is only useful in conjunction with the + User= setting, and is otherwise ignored. If not set, no PAM session will be opened for the + executed processes. See pam8 for + details. + + Note that for each unit making use of this option a PAM session handler process will be maintained as + part of the unit and stays around as long as the unit is active, to ensure that appropriate actions can be + taken when the unit and hence the PAM session terminates. This process is named (sd-pam) and + is an immediate child process of the unit's main process.