mirror of
https://github.com/systemd/systemd.git
synced 2024-11-01 09:21:26 +03:00
2841493927
This removes the UserTasksMax= setting in logind.conf. Instead, the generic TasksMax= setting on the slice should be used. Instead of a transient unit we use a drop-in to tweak the default definition of a .slice. It's better to use the normal unit mechanisms instead of creating units on the fly. This will also make it easier to start user@.service independently of logind, or set additional settings like MemoryMax= for user slices. The setting in logind is removed, because otherwise we would have two sources of "truth": the slice on disk and the logind config. Instead of trying to coordinate those two sources of configuration (and maintainer overrides to both), let's just convert to the new one fully. Right now now automatic transition mechanism is provided. logind will emit a hint when it encounters the setting, but otherwise it will be ignored. Fixes #2556.
352 lines
17 KiB
XML
352 lines
17 KiB
XML
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
|
|
<!ENTITY % entities SYSTEM "custom-entities.ent" >
|
|
%entities;
|
|
]>
|
|
|
|
<!--
|
|
SPDX-License-Identifier: LGPL-2.1+
|
|
|
|
This file is part of systemd.
|
|
|
|
Copyright 2010 Lennart Poettering
|
|
-->
|
|
|
|
<refentry id="logind.conf" conditional='ENABLE_LOGIND'
|
|
xmlns:xi="http://www.w3.org/2001/XInclude">
|
|
<refentryinfo>
|
|
<title>logind.conf</title>
|
|
<productname>systemd</productname>
|
|
|
|
<authorgroup>
|
|
<author>
|
|
<contrib>Developer</contrib>
|
|
<firstname>Lennart</firstname>
|
|
<surname>Poettering</surname>
|
|
<email>lennart@poettering.net</email>
|
|
</author>
|
|
</authorgroup>
|
|
</refentryinfo>
|
|
|
|
<refmeta>
|
|
<refentrytitle>logind.conf</refentrytitle>
|
|
<manvolnum>5</manvolnum>
|
|
</refmeta>
|
|
|
|
<refnamediv>
|
|
<refname>logind.conf</refname>
|
|
<refname>logind.conf.d</refname>
|
|
<refpurpose>Login manager configuration files</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<para><filename>/etc/systemd/logind.conf</filename></para>
|
|
<para><filename>/etc/systemd/logind.conf.d/*.conf</filename></para>
|
|
<para><filename>/run/systemd/logind.conf.d/*.conf</filename></para>
|
|
<para><filename>/usr/lib/systemd/logind.conf.d/*.conf</filename></para>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>Description</title>
|
|
|
|
<para>These files configure various parameters of the systemd login manager,
|
|
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. See
|
|
<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
|
for a general description of the syntax.</para>
|
|
</refsect1>
|
|
|
|
<xi:include href="standard-conf.xml" xpointer="main-conf" />
|
|
|
|
<refsect1>
|
|
<title>Options</title>
|
|
|
|
<para>All options are configured in the
|
|
<literal>[Login]</literal> section:</para>
|
|
|
|
<variablelist>
|
|
|
|
<varlistentry>
|
|
<term><varname>NAutoVTs=</varname></term>
|
|
|
|
<listitem><para>Takes a positive integer. Configures how many
|
|
virtual terminals (VTs) to allocate by default that, when
|
|
switched to and are previously unused,
|
|
<literal>autovt</literal> services are automatically spawned
|
|
on. These services are instantiated from the template unit
|
|
<filename>autovt@.service</filename> for the respective VT TTY
|
|
name, for example, <filename>autovt@tty4.service</filename>.
|
|
By default, <filename>autovt@.service</filename> is linked to
|
|
<filename>getty@.service</filename>. In other words, login
|
|
prompts are started dynamically as the user switches to unused
|
|
virtual terminals. Hence, this parameter controls how many
|
|
login <literal>gettys</literal> are available on the VTs. If a
|
|
VT is already used by some other subsystem (for example, a
|
|
graphical login), this kind of activation will not be
|
|
attempted. Note that the VT configured in
|
|
<varname>ReserveVT=</varname> is always subject to this kind
|
|
of activation, even if it is not one of the VTs configured
|
|
with the <varname>NAutoVTs=</varname> directive. Defaults to
|
|
6. When set to 0, automatic spawning of
|
|
<literal>autovt</literal> services is
|
|
disabled.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>ReserveVT=</varname></term>
|
|
|
|
<listitem><para>Takes a positive integer. Identifies one
|
|
virtual terminal that shall unconditionally be reserved for
|
|
<filename>autovt@.service</filename> activation (see above).
|
|
The VT selected with this option will be marked busy
|
|
unconditionally, so that no other subsystem will allocate it.
|
|
This functionality is useful to ensure that, regardless of how
|
|
many VTs are allocated by other subsystems, one login
|
|
<literal>getty</literal> is always available. Defaults to 6
|
|
(in other words, there will always be a
|
|
<literal>getty</literal> available on Alt-F6.). When set to 0,
|
|
VT reservation is disabled.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>KillUserProcesses=</varname></term>
|
|
|
|
<listitem><para>Takes a boolean argument. Configures whether the processes of a
|
|
user should be killed when the user logs out. If true, the scope unit
|
|
corresponding to the session and all processes inside that scope will be
|
|
terminated. If false, the scope is "abandoned", see
|
|
<citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
and processes are not killed. Defaults to <literal>&KILL_USER_PROCESSES;</literal>,
|
|
but see the options <varname>KillOnlyUsers=</varname> and
|
|
<varname>KillExcludeUsers=</varname> below.</para>
|
|
|
|
<para>In addition to session processes, user process may run under the user
|
|
manager unit <filename>user@.service</filename>. Depending on the linger
|
|
settings, this may allow users to run processes independent of their login
|
|
sessions. See the description of <command>enable-linger</command> in
|
|
<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
|
|
</para>
|
|
|
|
<para>Note that setting <varname>KillUserProcesses=yes</varname>
|
|
will break tools like
|
|
<citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
|
and
|
|
<citerefentry project='die-net'><refentrytitle>tmux</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
unless they are moved out of the session scope. See example in
|
|
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>KillOnlyUsers=</varname></term>
|
|
<term><varname>KillExcludeUsers=</varname></term>
|
|
|
|
<listitem><para>These settings take space-separated lists of usernames that override
|
|
the <varname>KillUserProcesses=</varname> setting. A user name may be added to
|
|
<varname>KillExcludeUsers=</varname> to exclude the processes in the session scopes of
|
|
that user from being killed even if <varname>KillUserProcesses=yes</varname> is set. If
|
|
<varname>KillExcludeUsers=</varname> is not set, the <literal>root</literal> user is
|
|
excluded by default. <varname>KillExcludeUsers=</varname> may be set to an empty value
|
|
to override this default. If a user is not excluded, <varname>KillOnlyUsers=</varname>
|
|
is checked next. If this setting is specified, only the session scopes of those users
|
|
will be killed. Otherwise, users are subject to the
|
|
<varname>KillUserProcesses=yes</varname> setting.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>IdleAction=</varname></term>
|
|
|
|
<listitem><para>Configures the action to take when the system
|
|
is idle. Takes one of
|
|
<literal>ignore</literal>,
|
|
<literal>poweroff</literal>,
|
|
<literal>reboot</literal>,
|
|
<literal>halt</literal>,
|
|
<literal>kexec</literal>,
|
|
<literal>suspend</literal>,
|
|
<literal>hibernate</literal>,
|
|
<literal>hybrid-sleep</literal>,
|
|
<literal>suspend-then-hibernate</literal>, and
|
|
<literal>lock</literal>.
|
|
Defaults to <literal>ignore</literal>.</para>
|
|
|
|
<para>Note that this requires that user sessions correctly
|
|
report the idle status to the system. The system will execute
|
|
the action after all sessions report that they are idle, no
|
|
idle inhibitor lock is active, and subsequently, the time
|
|
configured with <varname>IdleActionSec=</varname> (see below)
|
|
has expired.</para>
|
|
</listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>IdleActionSec=</varname></term>
|
|
|
|
<listitem><para>Configures the delay after which the action
|
|
configured in <varname>IdleAction=</varname> (see above) is
|
|
taken after the system is idle.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>InhibitDelayMaxSec=</varname></term>
|
|
|
|
<listitem><para>Specifies the maximum time a system shutdown
|
|
or sleep request is delayed due to an inhibitor lock of type
|
|
<literal>delay</literal> being active before the inhibitor is
|
|
ignored and the operation executes anyway. Defaults to
|
|
5.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>HandlePowerKey=</varname></term>
|
|
<term><varname>HandleSuspendKey=</varname></term>
|
|
<term><varname>HandleHibernateKey=</varname></term>
|
|
<term><varname>HandleLidSwitch=</varname></term>
|
|
<term><varname>HandleLidSwitchExternalPower=</varname></term>
|
|
<term><varname>HandleLidSwitchDocked=</varname></term>
|
|
|
|
<listitem><para>Controls how logind shall handle the
|
|
system power and sleep keys and the lid switch to trigger
|
|
actions such as system power-off or suspend. Can be one of
|
|
<literal>ignore</literal>,
|
|
<literal>poweroff</literal>,
|
|
<literal>reboot</literal>,
|
|
<literal>halt</literal>,
|
|
<literal>kexec</literal>,
|
|
<literal>suspend</literal>,
|
|
<literal>hibernate</literal>,
|
|
<literal>hybrid-sleep</literal>,
|
|
<literal>suspend-then-hibernate</literal>, and
|
|
<literal>lock</literal>.
|
|
If <literal>ignore</literal>, logind will never handle these
|
|
keys. If <literal>lock</literal>, all running sessions will be
|
|
screen-locked; otherwise, the specified action will be taken
|
|
in the respective event. Only input devices with the
|
|
<literal>power-switch</literal> udev tag will be watched for
|
|
key/lid switch events. <varname>HandlePowerKey=</varname>
|
|
defaults to <literal>poweroff</literal>.
|
|
<varname>HandleSuspendKey=</varname> and
|
|
<varname>HandleLidSwitch=</varname> default to
|
|
<literal>suspend</literal>.
|
|
<varname>HandleLidSwitchExternalPower=</varname> is completely
|
|
ignored by default (for backwards compatibility) — an explicit
|
|
value must be set before it will be used to determine
|
|
behaviour. <varname>HandleLidSwitchDocked=</varname> defaults
|
|
to <literal>ignore</literal>.
|
|
<varname>HandleHibernateKey=</varname> defaults to
|
|
<literal>hibernate</literal>. If the system is inserted in a
|
|
docking station, or if more than one display is connected, the
|
|
action specified by <varname>HandleLidSwitchDocked=</varname>
|
|
occurs; if the system is on external power the action (if any)
|
|
specified by <varname>HandleLidSwitchExternalPower=</varname>
|
|
occurs; otherwise the <varname>HandleLidSwitch=</varname>
|
|
action occurs.</para>
|
|
|
|
<para>A different application may disable logind's handling of system power and
|
|
sleep keys and the lid switch by taking a low-level inhibitor lock
|
|
(<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
|
|
<literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>).
|
|
This is most commonly used by graphical desktop environments
|
|
to take over suspend and hibernation handling, and to use their own configuration
|
|
mechanisms. If a low-level inhibitor lock is taken, logind will not take any
|
|
action when that key or switch is triggered and the <varname>Handle*=</varname>
|
|
settings are irrelevant.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>PowerKeyIgnoreInhibited=</varname></term>
|
|
<term><varname>SuspendKeyIgnoreInhibited=</varname></term>
|
|
<term><varname>HibernateKeyIgnoreInhibited=</varname></term>
|
|
<term><varname>LidSwitchIgnoreInhibited=</varname></term>
|
|
|
|
<listitem><para>Controls whether actions that <command>systemd-logind</command>
|
|
takes when the power and sleep keys and the lid switch are triggered are subject
|
|
to high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level inhibitor
|
|
locks (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
|
|
<literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>),
|
|
are always honored, irrespective of this setting.</para>
|
|
|
|
<para>These settings take boolean arguments. If <literal>no</literal>, the
|
|
inhibitor locks taken by applications are respected. If <literal>yes</literal>,
|
|
"shutdown", "sleep", and "idle" inhibitor locks are ignored.
|
|
<varname>PowerKeyIgnoreInhibited=</varname>,
|
|
<varname>SuspendKeyIgnoreInhibited=</varname>, and
|
|
<varname>HibernateKeyIgnoreInhibited=</varname> default to <literal>no</literal>.
|
|
<varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>.
|
|
This means that when <command>systemd-logind</command> is handling events by
|
|
itself (no low level inhibitor locks are taken by another application), the lid
|
|
switch does not respect suspend blockers by default, but the power and sleep keys
|
|
do.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>HoldoffTimeoutSec=</varname></term>
|
|
|
|
<listitem><para>Specifies the timeout after system startup or
|
|
system resume in which systemd will hold off on reacting to
|
|
lid events. This is required for the system to properly
|
|
detect any hotplugged devices so systemd can ignore lid events
|
|
if external monitors, or docks, are connected. If set to 0,
|
|
systemd will always react immediately, possibly before the
|
|
kernel fully probed all hotplugged devices. This is safe, as
|
|
long as you do not care for systemd to account for devices
|
|
that have been plugged or unplugged while the system was off.
|
|
Defaults to 30s.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>RuntimeDirectorySize=</varname></term>
|
|
|
|
<listitem><para>Sets the size limit on the
|
|
<varname>$XDG_RUNTIME_DIR</varname> runtime directory for each
|
|
user who logs in. Takes a size in bytes, optionally suffixed
|
|
with the usual K, G, M, and T suffixes, to the base 1024
|
|
(IEC). Alternatively, a numerical percentage suffixed by
|
|
<literal>%</literal> may be specified, which sets the size
|
|
limit relative to the amount of physical RAM. Defaults to 10%.
|
|
Note that this size is a safety limit only. As each runtime
|
|
directory is a tmpfs file system, it will only consume as much
|
|
memory as is needed.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>InhibitorsMax=</varname></term>
|
|
|
|
<listitem><para>Controls the maximum number of concurrent inhibitors to permit. Defaults to 8192
|
|
(8K).</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>SessionsMax=</varname></term>
|
|
|
|
<listitem><para>Controls the maximum number of concurrent user sessions to manage. Defaults to 8192
|
|
(8K). Depending on how the <filename>pam_systemd.so</filename> module is included in the PAM stack
|
|
configuration, further login sessions will either be refused, or permitted but not tracked by
|
|
<filename>systemd-logind</filename>.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term><varname>RemoveIPC=</varname></term>
|
|
|
|
<listitem><para>Controls whether System V and POSIX IPC objects belonging to the user shall be removed when the
|
|
user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the
|
|
last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as
|
|
well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users
|
|
are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem>
|
|
</varlistentry>
|
|
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>See Also</title>
|
|
<para>
|
|
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
|
</para>
|
|
</refsect1>
|
|
|
|
</refentry>
|