systemd-logind未能为ssh创建每个用户实例

Question

我有一个Ubuntu20.04系统，它无法在通过ssh登录时创建systemd的每个用户实例。/var/log/auth.log

Jan 26 21:36:15 hostname sshd[4181]: pam_systemd(sshd:session): Failed to create session: No such process

systemctl显示了一个错误：

systemctl --user
Failed to connect to bus: No such file or directory

我试着监视dbus，看看发生了什么：

method call time=1611694572.932842 sender=:1.3 -> destination=org.freedesktop.DBus serial=223 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=GetConnectionUnixUser
   string ":1.54"
method return time=1611694572.932854 sender=org.freedesktop.DBus -> destination=:1.3 serial=42 reply_serial=223
   uint32 0
method call time=1611694572.932959 sender=:1.3 -> destination=org.freedesktop.DBus serial=224 path=/org/freedesktop/DBus; interface=org.freedesktop.DBus; member=GetConnectionUnixProcessID
   string ":1.54"
method return time=1611694572.932971 sender=org.freedesktop.DBus -> destination=:1.3 serial=43 reply_serial=224
   uint32 4373
error time=1611694572.933461 sender=:1.3 -> destination=:1.54 error_name=System.Error.EAGAIN reply_serial=2
   string "Resource temporarily unavailable"

sshd配置为使用pam：

sshd -T| grep pam
usepam yes

和/etc/amam.d/公共会话有相关的pam_systemd.so条目：

grep systemd common-session
session optional        pam_systemd.so

关于如何进一步诊断这一点，有什么想法吗？

Answer 1

问题似乎是在预期位置中找不到dbus套接字。让我们看看它试图连接到什么地方：

strace -fy -e connect systemctl --user >/dev/null

connect(3, {sa_family=AF_UNIX, sun_path="/run/user/0/systemd/private"}, 29) = 0

获取用户id (例如，使用id命令)。您应该在/run/user/ $id /systemd/private上有一个对应于用户id ($id )的文件。根用户的strace输出中为0。

下面是创建该套接字文件的systemd代码：

int bus_init_private(Manager *m) {
        _cleanup_close_ int fd = -1;
        union sockaddr_union sa = {
                .un.sun_family = AF_UNIX
        };
        sd_event_source *s;
        socklen_t salen;
        int r;

        assert(m);

        if (m->private_listen_fd >= 0)
                return 0;

        if (MANAGER_IS_SYSTEM(m)) {

                /* We want the private bus only when running as init */
                if (getpid_cached() != 1)
                        return 0;

                strcpy(sa.un.sun_path, "/run/systemd/private");
                salen = SOCKADDR_UN_LEN(sa.un);
        } else {
                size_t left = sizeof(sa.un.sun_path);
                char *p = sa.un.sun_path;
                const char *e;

                e = secure_getenv("XDG_RUNTIME_DIR");
                if (!e) {
                        log_error("Failed to determine XDG_RUNTIME_DIR");
                        return -EHOSTDOWN;
                }

                left = strpcpy(&p, left, e);
                left = strpcpy(&p, left, "/systemd/private");

                salen = sizeof(sa.un) - left;
        }

        (void) mkdir_parents_label(sa.un.sun_path, 0755);
        (void) unlink(sa.un.sun_path);

        fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
        if (fd < 0)
                return log_error_errno(errno, "Failed to allocate private socket: %m");

        r = bind(fd, &sa.sa, salen);
        if (r < 0)
                return log_error_errno(errno, "Failed to bind private socket: %m");

        r = listen(fd, SOMAXCONN);
        if (r < 0)
                return log_error_errno(errno, "Failed to make private socket listening: %m");

        /* Generate an inotify event in case somebody waits for this socket to appear using inotify() */
        (void) touch(sa.un.sun_path);

        r = sd_event_add_io(m->event, &s, fd, EPOLLIN, bus_on_connection, m);
        if (r < 0)
                return log_error_errno(r, "Failed to allocate event source: %m");

        (void) sd_event_source_set_description(s, "bus-connection");

        m->private_listen_fd = fd;
        m->private_listen_event_source = s;
        fd = -1;

        log_debug("Successfully created private D-Bus server.");

        return 0;
}

查看您的日志，看看是否有上面列出的错误。尝试确定为什么那个套接字不存在。如果不清楚发生了什么，也许可以为systemd启用调试日志记录。