[thirdparty/systemd.git] / man / logind.conf.xml

<?xml version='1.0'?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
<!ENTITY % entities SYSTEM "custom-entities.ent" >
%entities;
]>
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->

<refentry id="logind.conf" conditional='ENABLE_LOGIND'
    xmlns:xi="http://www.w3.org/2001/XInclude">
  <refentryinfo>
    <title>logind.conf</title>
    <productname>systemd</productname>
  </refentryinfo>

  <refmeta>
    <refentrytitle>logind.conf</refentrytitle>
    <manvolnum>5</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>logind.conf</refname>
    <refname>logind.conf.d</refname>
    <refpurpose>Login manager configuration files</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <para><filename>/etc/systemd/logind.conf</filename></para>
    <para><filename>/etc/systemd/logind.conf.d/*.conf</filename></para>
    <para><filename>/run/systemd/logind.conf.d/*.conf</filename></para>
    <para><filename>/usr/lib/systemd/logind.conf.d/*.conf</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para>These files configure various parameters of the systemd login manager,
    <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. See
    <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>7</manvolnum></citerefentry>
    for a general description of the syntax.</para>
  </refsect1>

  <xi:include href="standard-conf.xml" xpointer="main-conf" />

  <refsect1>
    <title>Options</title>

    <para>All options are configured in the
    [Login] section:</para>

    <variablelist class='config-directives'>

      <varlistentry>
        <term><varname>NAutoVTs=</varname></term>

        <listitem><para>Takes a positive integer. Configures how many
        virtual terminals (VTs) to allocate by default that, when
        switched to and are previously unused,
        <literal>autovt</literal> services are automatically spawned
        on. These services are instantiated from the template unit
        <filename>autovt@.service</filename> for the respective VT TTY
        name, for example, <filename>autovt@tty4.service</filename>.
        By default, <filename>autovt@.service</filename> is linked to
        <filename>getty@.service</filename>. In other words, login
        prompts are started dynamically as the user switches to unused
        virtual terminals. Hence, this parameter controls how many
        login <literal>gettys</literal> are available on the VTs. If a
        VT is already used by some other subsystem (for example, a
        graphical login), this kind of activation will not be
        attempted. Note that the VT configured in
        <varname>ReserveVT=</varname> is always subject to this kind
        of activation, even if it is not one of the VTs configured
        with the <varname>NAutoVTs=</varname> directive. Defaults to
        6. When set to 0, automatic spawning of
        <literal>autovt</literal> services is
        disabled.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>ReserveVT=</varname></term>

        <listitem><para>Takes a positive integer. Identifies one
        virtual terminal that shall unconditionally be reserved for
        <filename>autovt@.service</filename> activation (see above).
        The VT selected with this option will be marked busy
        unconditionally, so that no other subsystem will allocate it.
        This functionality is useful to ensure that, regardless of how
        many VTs are allocated by other subsystems, one login
        <literal>getty</literal> is always available. Defaults to 6
        (in other words, there will always be a
        <literal>getty</literal> available on Alt-F6.). When set to 0,
        VT reservation is disabled.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>KillUserProcesses=</varname></term>

        <listitem><para>Takes a boolean argument. Configures whether the processes of a
        user should be killed when the user logs out. If true, the scope unit
        corresponding to the session and all processes inside that scope will be
        terminated. If false, the scope is "abandoned", see
        <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
        and processes are not killed. Defaults to <literal>&KILL_USER_PROCESSES;</literal>,
        but see the options <varname>KillOnlyUsers=</varname> and
        <varname>KillExcludeUsers=</varname> below.</para>

        <para>In addition to session processes, user process may run under the user
        manager unit <filename>user@.service</filename>. Depending on the linger
        settings, this may allow users to run processes independent of their login
        sessions. See the description of <command>enable-linger</command> in
        <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
        </para>

        <para>Note that setting <varname>KillUserProcesses=yes</varname>
        will break tools like
        <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>
        and
        <citerefentry project='die-net'><refentrytitle>tmux</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
        unless they are moved out of the session scope. See example in
        <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>KillOnlyUsers=</varname></term>
        <term><varname>KillExcludeUsers=</varname></term>

        <listitem><para>These settings take space-separated lists of usernames that override the
        <varname>KillUserProcesses=</varname> setting. A user name may be added to
        <varname>KillExcludeUsers=</varname> to exclude the processes in the session scopes of that user from
        being killed even if <varname>KillUserProcesses=yes</varname> is set. If
        <varname>KillExcludeUsers=</varname> is not set, the <literal>root</literal> user is excluded by
        default. <varname>KillExcludeUsers=</varname> may be set to an empty value to override this
        default. If a user is not excluded, <varname>KillOnlyUsers=</varname> is checked next. If this
        setting is specified, only the processes in the session scopes of those users will be
        killed. Otherwise, users are subject to the <varname>KillUserProcesses=yes</varname> setting.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>IdleAction=</varname></term>

        <listitem><para>Configures the action to take when the system
        is idle. Takes one of
        <literal>ignore</literal>,
        <literal>poweroff</literal>,
        <literal>reboot</literal>,
        <literal>halt</literal>,
        <literal>kexec</literal>,
        <literal>suspend</literal>,
        <literal>hibernate</literal>,
        <literal>hybrid-sleep</literal>,
        <literal>suspend-then-hibernate</literal>, and
        <literal>lock</literal>.
        Defaults to <literal>ignore</literal>.</para>

        <para>Note that this requires that user sessions correctly
        report the idle status to the system. The system will execute
        the action after all sessions report that they are idle, no
        idle inhibitor lock is active, and subsequently, the time
        configured with <varname>IdleActionSec=</varname> (see below)
        has expired.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>IdleActionSec=</varname></term>

        <listitem><para>Configures the delay after which the action
        configured in <varname>IdleAction=</varname> (see above) is
        taken after the system is idle.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>InhibitDelayMaxSec=</varname></term>

        <listitem><para>Specifies the maximum time a system shutdown
        or sleep request is delayed due to an inhibitor lock of type
        <literal>delay</literal> being active before the inhibitor is
        ignored and the operation executes anyway. Defaults to
        5.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>UserStopDelaySec=</varname></term>

        <listitem><para>Specifies how long to keep the user record and per-user service
        <filename>user@.service</filename> around for a user after they logged out fully. If set to zero, the per-user
        service is terminated immediately when the last session of the user has ended. If this option is configured to
        non-zero rapid logout/login cycles are sped up, as the user's service manager is not constantly restarted. If
        set to <literal>infinity</literal> the per-user service for a user is never terminated again after first login,
        and continues to run until system shutdown. Defaults to 10s.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>HandlePowerKey=</varname></term>
        <term><varname>HandleSuspendKey=</varname></term>
        <term><varname>HandleHibernateKey=</varname></term>
        <term><varname>HandleLidSwitch=</varname></term>
        <term><varname>HandleLidSwitchExternalPower=</varname></term>
        <term><varname>HandleLidSwitchDocked=</varname></term>
        <term><varname>HandleRebootKey=</varname></term>

        <listitem><para>Controls how logind shall handle the
        system power, reboot and sleep keys and the lid switch to trigger
        actions such as system power-off, reboot or suspend. Can be one of
        <literal>ignore</literal>,
        <literal>poweroff</literal>,
        <literal>reboot</literal>,
        <literal>halt</literal>,
        <literal>kexec</literal>,
        <literal>suspend</literal>,
        <literal>hibernate</literal>,
        <literal>hybrid-sleep</literal>,
        <literal>suspend-then-hibernate</literal>, and
        <literal>lock</literal>.
        If <literal>ignore</literal>, logind will never handle these
        keys. If <literal>lock</literal>, all running sessions will be
        screen-locked; otherwise, the specified action will be taken
        in the respective event. Only input devices with the
        <literal>power-switch</literal> udev tag will be watched for
        key/lid switch events. <varname>HandlePowerKey=</varname>
        defaults to <literal>poweroff</literal>, <varname>HandleRebootKey=</varname>
        defaults to <literal>reboot</literal>.
        <varname>HandleSuspendKey=</varname> and
        <varname>HandleLidSwitch=</varname> default to
        <literal>suspend</literal>.
        <varname>HandleLidSwitchExternalPower=</varname> is completely
        ignored by default (for backwards compatibility) — an explicit
        value must be set before it will be used to determine
        behaviour. <varname>HandleLidSwitchDocked=</varname> defaults
        to <literal>ignore</literal>.
        <varname>HandleHibernateKey=</varname> defaults to
        <literal>hibernate</literal>. If the system is inserted in a
        docking station, or if more than one display is connected, the
        action specified by <varname>HandleLidSwitchDocked=</varname>
        occurs; if the system is on external power the action (if any)
        specified by <varname>HandleLidSwitchExternalPower=</varname>
        occurs; otherwise the <varname>HandleLidSwitch=</varname>
        action occurs.</para>

        <para>A different application may disable logind's handling of system power and
        sleep keys and the lid switch by taking a low-level inhibitor lock
        (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
        <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>,
        <literal>handle-reboot-switch</literal>).
        This is most commonly used by graphical desktop environments
        to take over suspend and hibernation handling, and to use their own configuration
        mechanisms. If a low-level inhibitor lock is taken, logind will not take any
        action when that key or switch is triggered and the <varname>Handle*=</varname>
        settings are irrelevant.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>PowerKeyIgnoreInhibited=</varname></term>
        <term><varname>SuspendKeyIgnoreInhibited=</varname></term>
        <term><varname>HibernateKeyIgnoreInhibited=</varname></term>
        <term><varname>LidSwitchIgnoreInhibited=</varname></term>
        <term><varname>RebootKeyIgnoreInhibited=</varname></term>

        <listitem><para>Controls whether actions that <command>systemd-logind</command>
        takes when the power, reboot and sleep keys and the lid switch are triggered are subject
        to high-level inhibitor locks ("shutdown", "reboot", "sleep", "idle"). Low level inhibitor
        locks (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
        <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>,
        <literal>handle-reboot-key</literal>),
        are always honored, irrespective of this setting.</para>

        <para>These settings take boolean arguments. If <literal>no</literal>, the
        inhibitor locks taken by applications are respected. If <literal>yes</literal>,
        "shutdown", "reboot" "sleep", and "idle" inhibitor locks are ignored.
        <varname>PowerKeyIgnoreInhibited=</varname>,
        <varname>SuspendKeyIgnoreInhibited=</varname>,
        <varname>HibernateKeyIgnoreInhibited=</varname> and
        <varname>RebootKeyIgnoreInhibited=</varname> default to <literal>no</literal>.
        <varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>.
        This means that when <command>systemd-logind</command> is handling events by
        itself (no low level inhibitor locks are taken by another application), the lid
        switch does not respect suspend blockers by default, but the power and sleep keys
        do.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>HoldoffTimeoutSec=</varname></term>

        <listitem><para>Specifies a period of time after system startup or
        system resume in which systemd will hold off on reacting to
        lid events. This is required for the system to properly
        detect any hotplugged devices so systemd can ignore lid events
        if external monitors, or docks, are connected. If set to 0,
        systemd will always react immediately, possibly before the
        kernel fully probed all hotplugged devices. This is safe, as
        long as you do not care for systemd to account for devices
        that have been plugged or unplugged while the system was off.
        Defaults to 30s.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>RuntimeDirectorySize=</varname></term>

        <listitem><para>Sets the size limit on the
        <varname>$XDG_RUNTIME_DIR</varname> runtime directory for each
        user who logs in. Takes a size in bytes, optionally suffixed
        with the usual K, G, M, and T suffixes, to the base 1024
        (IEC). Alternatively, a numerical percentage suffixed by
        <literal>%</literal> may be specified, which sets the size
        limit relative to the amount of physical RAM. Defaults to 10%.
        Note that this size is a safety limit only. As each runtime
        directory is a tmpfs file system, it will only consume as much
        memory as is needed.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>RuntimeDirectoryInodesMax=</varname></term>

        <listitem><para>Sets the limit on number of inodes for the
        <varname>$XDG_RUNTIME_DIR</varname> runtime directory for each
        user who logs in. Takes a number, optionally suffixed with the
        usual K, G, M, and T suffixes, to the base 1024 (IEC).
        Defaults to <varname>RuntimeDirectorySize=</varname> divided
        by 4096. Note that this size is a safety limit only.
        As each runtime directory is a tmpfs file system, it will
        only consume as much memory as is needed.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>InhibitorsMax=</varname></term>

        <listitem><para>Controls the maximum number of concurrent inhibitors to permit. Defaults to 8192
        (8K).</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>SessionsMax=</varname></term>

        <listitem><para>Controls the maximum number of concurrent user sessions to manage. Defaults to 8192
        (8K). Depending on how the <filename>pam_systemd.so</filename> module is included in the PAM stack
        configuration, further login sessions will either be refused, or permitted but not tracked by
        <filename>systemd-logind</filename>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><varname>RemoveIPC=</varname></term>

        <listitem><para>Controls whether System V and POSIX IPC objects belonging to the user shall be removed when the
        user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the
        last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as
        well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users
        are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem>
      </varlistentry>

    </variablelist>
  </refsect1>

  <refsect1>
      <title>See Also</title>
      <para>
        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
        <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
        <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
        <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
      </para>
  </refsect1>

</refentry>
Commit	Line	Data
514094f9	1	<?xml version='1.0'?>
3a54a157	2	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
c7f7e859 MK	3	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
	4	<!ENTITY % entities SYSTEM "custom-entities.ent" >
	5	%entities;
	6	]>
db9ecf05	7	<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
8fa365e5	8
d3fae78f	9	<refentry id="logind.conf" conditional='ENABLE_LOGIND'
798d3a52 ZJS	10	xmlns:xi="http://www.w3.org/2001/XInclude">
	11	<refentryinfo>
	12	<title>logind.conf</title>
	13	<productname>systemd</productname>
798d3a52 ZJS	14	</refentryinfo>
	15
	16	<refmeta>
	17	<refentrytitle>logind.conf</refentrytitle>
	18	<manvolnum>5</manvolnum>
	19	</refmeta>
	20
	21	<refnamediv>
	22	<refname>logind.conf</refname>
	23	<refname>logind.conf.d</refname>
	24	<refpurpose>Login manager configuration files</refpurpose>
	25	</refnamediv>
	26
	27	<refsynopsisdiv>
12b42c76 TG	28	<para><filename>/etc/systemd/logind.conf</filename></para>
12b42c76 TG	29	<para><filename>/etc/systemd/logind.conf.d/*.conf</filename></para>
798d3a52	30	<para><filename>/run/systemd/logind.conf.d/*.conf</filename></para>
12b42c76	31	<para><filename>/usr/lib/systemd/logind.conf.d/*.conf</filename></para>
798d3a52 ZJS	32	</refsynopsisdiv>
	33
	34	<refsect1>
	35	<title>Description</title>
	36
0f943ae4 ZJS	37	<para>These files configure various parameters of the systemd login manager,
0f943ae4 ZJS	38	<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. See
675fa6ea	39	<citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>7</manvolnum></citerefentry>
0f943ae4	40	for a general description of the syntax.</para>
798d3a52 ZJS	41	</refsect1>
798d3a52 ZJS	42
e93549ef	43	<xi:include href="standard-conf.xml" xpointer="main-conf" />
798d3a52 ZJS	44
	45	<refsect1>
	46	<title>Options</title>
	47
	48	<para>All options are configured in the
bdac5608	49	[Login] section:</para>
798d3a52	50
d2acdcc6	51	<variablelist class='config-directives'>
798d3a52 ZJS	52
	53	<varlistentry>
	54	<term><varname>NAutoVTs=</varname></term>
	55
	56	<listitem><para>Takes a positive integer. Configures how many
	57	virtual terminals (VTs) to allocate by default that, when
	58	switched to and are previously unused,
	59	<literal>autovt</literal> services are automatically spawned
	60	on. These services are instantiated from the template unit
	61	<filename>autovt@.service</filename> for the respective VT TTY
	62	name, for example, <filename>autovt@tty4.service</filename>.
	63	By default, <filename>autovt@.service</filename> is linked to
	64	<filename>getty@.service</filename>. In other words, login
	65	prompts are started dynamically as the user switches to unused
	66	virtual terminals. Hence, this parameter controls how many
	67	login <literal>gettys</literal> are available on the VTs. If a
	68	VT is already used by some other subsystem (for example, a
	69	graphical login), this kind of activation will not be
	70	attempted. Note that the VT configured in
	71	<varname>ReserveVT=</varname> is always subject to this kind
	72	of activation, even if it is not one of the VTs configured
	73	with the <varname>NAutoVTs=</varname> directive. Defaults to
	74	6. When set to 0, automatic spawning of
	75	<literal>autovt</literal> services is
	76	disabled.</para></listitem>
	77	</varlistentry>
	78
	79	<varlistentry>
	80	<term><varname>ReserveVT=</varname></term>
	81
	82	<listitem><para>Takes a positive integer. Identifies one
	83	virtual terminal that shall unconditionally be reserved for
	84	<filename>autovt@.service</filename> activation (see above).
	85	The VT selected with this option will be marked busy
	86	unconditionally, so that no other subsystem will allocate it.
	87	This functionality is useful to ensure that, regardless of how
	88	many VTs are allocated by other subsystems, one login
	89	<literal>getty</literal> is always available. Defaults to 6
	90	(in other words, there will always be a
	91	<literal>getty</literal> available on Alt-F6.). When set to 0,
	92	VT reservation is disabled.</para></listitem>
	93	</varlistentry>
	94
	95	<varlistentry>
	96	<term><varname>KillUserProcesses=</varname></term>
	97
65eb37f8 ZJS	98	<listitem><para>Takes a boolean argument. Configures whether the processes of a
	99	user should be killed when the user logs out. If true, the scope unit
	100	corresponding to the session and all processes inside that scope will be
4f25723c	101	terminated. If false, the scope is "abandoned", see
65eb37f8	102	<citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
c7f7e859	103	and processes are not killed. Defaults to <literal>&KILL_USER_PROCESSES;</literal>,
921f831d ZJS	104	but see the options <varname>KillOnlyUsers=</varname> and
921f831d ZJS	105	<varname>KillExcludeUsers=</varname> below.</para>
65eb37f8 ZJS	106
	107	<para>In addition to session processes, user process may run under the user
	108	manager unit <filename>user@.service</filename>. Depending on the linger
	109	settings, this may allow users to run processes independent of their login
	110	sessions. See the description of <command>enable-linger</command> in
	111	<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
	112	</para>
	113
	114	<para>Note that setting <varname>KillUserProcesses=yes</varname>
798d3a52	115	will break tools like
65eb37f8 ZJS	116	<citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>
	117	and
	118	<citerefentry project='die-net'><refentrytitle>tmux</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	119	unless they are moved out of the session scope. See example in
	120	<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
	121	</para></listitem>
798d3a52 ZJS	122	</varlistentry>
	123
	124	<varlistentry>
	125	<term><varname>KillOnlyUsers=</varname></term>
	126	<term><varname>KillExcludeUsers=</varname></term>
	127
41b6ae4d ZJS	128	<listitem><para>These settings take space-separated lists of usernames that override the
	129	<varname>KillUserProcesses=</varname> setting. A user name may be added to
	130	<varname>KillExcludeUsers=</varname> to exclude the processes in the session scopes of that user from
	131	being killed even if <varname>KillUserProcesses=yes</varname> is set. If
	132	<varname>KillExcludeUsers=</varname> is not set, the <literal>root</literal> user is excluded by
	133	default. <varname>KillExcludeUsers=</varname> may be set to an empty value to override this
	134	default. If a user is not excluded, <varname>KillOnlyUsers=</varname> is checked next. If this
	135	setting is specified, only the processes in the session scopes of those users will be
	136	killed. Otherwise, users are subject to the <varname>KillUserProcesses=yes</varname> setting.
	137	</para></listitem>
798d3a52 ZJS	138	</varlistentry>
	139
	140	<varlistentry>
	141	<term><varname>IdleAction=</varname></term>
	142
	143	<listitem><para>Configures the action to take when the system
	144	is idle. Takes one of
	145	<literal>ignore</literal>,
	146	<literal>poweroff</literal>,
	147	<literal>reboot</literal>,
	148	<literal>halt</literal>,
	149	<literal>kexec</literal>,
	150	<literal>suspend</literal>,
	151	<literal>hibernate</literal>,
c58493c0	152	<literal>hybrid-sleep</literal>,
e68c79db	153	<literal>suspend-then-hibernate</literal>, and
798d3a52 ZJS	154	<literal>lock</literal>.
	155	Defaults to <literal>ignore</literal>.</para>
	156
	157	<para>Note that this requires that user sessions correctly
	158	report the idle status to the system. The system will execute
	159	the action after all sessions report that they are idle, no
	160	idle inhibitor lock is active, and subsequently, the time
	161	configured with <varname>IdleActionSec=</varname> (see below)
	162	has expired.</para>
	163	</listitem>
	164	</varlistentry>
	165
	166	<varlistentry>
	167	<term><varname>IdleActionSec=</varname></term>
	168
	169	<listitem><para>Configures the delay after which the action
	170	configured in <varname>IdleAction=</varname> (see above) is
	171	taken after the system is idle.</para></listitem>
	172	</varlistentry>
	173
	174	<varlistentry>
	175	<term><varname>InhibitDelayMaxSec=</varname></term>
	176
	177	<listitem><para>Specifies the maximum time a system shutdown
	178	or sleep request is delayed due to an inhibitor lock of type
	179	<literal>delay</literal> being active before the inhibitor is
	180	ignored and the operation executes anyway. Defaults to
	181	5.</para></listitem>
	182	</varlistentry>
	183
9afe9efb LP	184	<varlistentry>
	185	<term><varname>UserStopDelaySec=</varname></term>
	186
	187	<listitem><para>Specifies how long to keep the user record and per-user service
	188	<filename>user@.service</filename> around for a user after they logged out fully. If set to zero, the per-user
	189	service is terminated immediately when the last session of the user has ended. If this option is configured to
	190	non-zero rapid logout/login cycles are sped up, as the user's service manager is not constantly restarted. If
	191	set to <literal>infinity</literal> the per-user service for a user is never terminated again after first login,
	192	and continues to run until system shutdown. Defaults to 10s.</para></listitem>
	193	</varlistentry>
	194
798d3a52 ZJS	195	<varlistentry>
	196	<term><varname>HandlePowerKey=</varname></term>
	197	<term><varname>HandleSuspendKey=</varname></term>
	198	<term><varname>HandleHibernateKey=</varname></term>
	199	<term><varname>HandleLidSwitch=</varname></term>
e25937a3	200	<term><varname>HandleLidSwitchExternalPower=</varname></term>
798d3a52	201	<term><varname>HandleLidSwitchDocked=</varname></term>
adbb2b6a	202	<term><varname>HandleRebootKey=</varname></term>
798d3a52	203
05b2a8fd	204	<listitem><para>Controls how logind shall handle the
adbb2b6a RM	205	system power, reboot and sleep keys and the lid switch to trigger
adbb2b6a RM	206	actions such as system power-off, reboot or suspend. Can be one of
798d3a52 ZJS	207	<literal>ignore</literal>,
	208	<literal>poweroff</literal>,
	209	<literal>reboot</literal>,
	210	<literal>halt</literal>,
	211	<literal>kexec</literal>,
	212	<literal>suspend</literal>,
	213	<literal>hibernate</literal>,
c58493c0	214	<literal>hybrid-sleep</literal>,
e68c79db	215	<literal>suspend-then-hibernate</literal>, and
798d3a52 ZJS	216	<literal>lock</literal>.
	217	If <literal>ignore</literal>, logind will never handle these
	218	keys. If <literal>lock</literal>, all running sessions will be
	219	screen-locked; otherwise, the specified action will be taken
	220	in the respective event. Only input devices with the
	221	<literal>power-switch</literal> udev tag will be watched for
	222	key/lid switch events. <varname>HandlePowerKey=</varname>
adbb2b6a RM	223	defaults to <literal>poweroff</literal>, <varname>HandleRebootKey=</varname>
adbb2b6a RM	224	defaults to <literal>reboot</literal>.
798d3a52 ZJS	225	<varname>HandleSuspendKey=</varname> and
	226	<varname>HandleLidSwitch=</varname> default to
	227	<literal>suspend</literal>.
e25937a3	228	<varname>HandleLidSwitchExternalPower=</varname> is completely
c8fad2e7	229	ignored by default (for backwards compatibility) — an explicit
e25937a3	230	value must be set before it will be used to determine
c8fad2e7	231	behaviour. <varname>HandleLidSwitchDocked=</varname> defaults
e25937a3	232	to <literal>ignore</literal>.
798d3a52 ZJS	233	<varname>HandleHibernateKey=</varname> defaults to
	234	<literal>hibernate</literal>. If the system is inserted in a
	235	docking station, or if more than one display is connected, the
	236	action specified by <varname>HandleLidSwitchDocked=</varname>
e25937a3 SF	237	occurs; if the system is on external power the action (if any)
e25937a3 SF	238	specified by <varname>HandleLidSwitchExternalPower=</varname>
798d3a52	239	occurs; otherwise the <varname>HandleLidSwitch=</varname>
05b2a8fd ZJS	240	action occurs.</para>
	241
	242	<para>A different application may disable logind's handling of system power and
	243	sleep keys and the lid switch by taking a low-level inhibitor lock
3daffa82	244	(<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
adbb2b6a RM	245	<literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>,
adbb2b6a RM	246	<literal>handle-reboot-switch</literal>).
3daffa82	247	This is most commonly used by graphical desktop environments
05b2a8fd ZJS	248	to take over suspend and hibernation handling, and to use their own configuration
	249	mechanisms. If a low-level inhibitor lock is taken, logind will not take any
	250	action when that key or switch is triggered and the <varname>Handle*=</varname>
	251	settings are irrelevant.</para></listitem>
798d3a52 ZJS	252	</varlistentry>
	253
	254	<varlistentry>
	255	<term><varname>PowerKeyIgnoreInhibited=</varname></term>
	256	<term><varname>SuspendKeyIgnoreInhibited=</varname></term>
	257	<term><varname>HibernateKeyIgnoreInhibited=</varname></term>
	258	<term><varname>LidSwitchIgnoreInhibited=</varname></term>
adbb2b6a	259	<term><varname>RebootKeyIgnoreInhibited=</varname></term>
798d3a52	260
05b2a8fd	261	<listitem><para>Controls whether actions that <command>systemd-logind</command>
adbb2b6a RM	262	takes when the power, reboot and sleep keys and the lid switch are triggered are subject
adbb2b6a RM	263	to high-level inhibitor locks ("shutdown", "reboot", "sleep", "idle"). Low level inhibitor
3daffa82	264	locks (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>,
adbb2b6a RM	265	<literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>,
adbb2b6a RM	266	<literal>handle-reboot-key</literal>),
3daffa82	267	are always honored, irrespective of this setting.</para>
05b2a8fd ZJS	268
	269	<para>These settings take boolean arguments. If <literal>no</literal>, the
	270	inhibitor locks taken by applications are respected. If <literal>yes</literal>,
adbb2b6a	271	"shutdown", "reboot" "sleep", and "idle" inhibitor locks are ignored.
798d3a52	272	<varname>PowerKeyIgnoreInhibited=</varname>,
adbb2b6a RM	273	<varname>SuspendKeyIgnoreInhibited=</varname>,
	274	<varname>HibernateKeyIgnoreInhibited=</varname> and
	275	<varname>RebootKeyIgnoreInhibited=</varname> default to <literal>no</literal>.
05b2a8fd ZJS	276	<varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>.
	277	This means that when <command>systemd-logind</command> is handling events by
	278	itself (no low level inhibitor locks are taken by another application), the lid
	279	switch does not respect suspend blockers by default, but the power and sleep keys
	280	do.</para></listitem>
798d3a52 ZJS	281	</varlistentry>
798d3a52 ZJS	282
9d10cbee DH	283	<varlistentry>
	284	<term><varname>HoldoffTimeoutSec=</varname></term>
	285
e9dd6984	286	<listitem><para>Specifies a period of time after system startup or
9d10cbee	287	system resume in which systemd will hold off on reacting to
a8eaaee7 JE	288	lid events. This is required for the system to properly
a8eaaee7 JE	289	detect any hotplugged devices so systemd can ignore lid events
9d10cbee DH	290	if external monitors, or docks, are connected. If set to 0,
	291	systemd will always react immediately, possibly before the
	292	kernel fully probed all hotplugged devices. This is safe, as
	293	long as you do not care for systemd to account for devices
	294	that have been plugged or unplugged while the system was off.
	295	Defaults to 30s.</para></listitem>
	296	</varlistentry>
	297
798d3a52 ZJS	298	<varlistentry>
	299	<term><varname>RuntimeDirectorySize=</varname></term>
	300
	301	<listitem><para>Sets the size limit on the
	302	<varname>$XDG_RUNTIME_DIR</varname> runtime directory for each
	303	user who logs in. Takes a size in bytes, optionally suffixed
	304	with the usual K, G, M, and T suffixes, to the base 1024
	305	(IEC). Alternatively, a numerical percentage suffixed by
	306	<literal>%</literal> may be specified, which sets the size
	307	limit relative to the amount of physical RAM. Defaults to 10%.
	308	Note that this size is a safety limit only. As each runtime
	309	directory is a tmpfs file system, it will only consume as much
90558f31 LP	310	memory as is needed.</para></listitem>
	311	</varlistentry>
	312
cc1c85fb TM	313	<varlistentry>
	314	<term><varname>RuntimeDirectoryInodesMax=</varname></term>
	315
	316	<listitem><para>Sets the limit on number of inodes for the
	317	<varname>$XDG_RUNTIME_DIR</varname> runtime directory for each
	318	user who logs in. Takes a number, optionally suffixed with the
	319	usual K, G, M, and T suffixes, to the base 1024 (IEC).
	320	Defaults to <varname>RuntimeDirectorySize=</varname> divided
	321	by 4096. Note that this size is a safety limit only.
	322	As each runtime directory is a tmpfs file system, it will
	323	only consume as much memory as is needed.</para></listitem>
	324	</varlistentry>
	325
c5a11ae2 LP	326	<varlistentry>
	327	<term><varname>InhibitorsMax=</varname></term>
	328
	329	<listitem><para>Controls the maximum number of concurrent inhibitors to permit. Defaults to 8192
	330	(8K).</para></listitem>
	331	</varlistentry>
	332
183e0738 LP	333	<varlistentry>
	334	<term><varname>SessionsMax=</varname></term>
	335
	336	<listitem><para>Controls the maximum number of concurrent user sessions to manage. Defaults to 8192
	337	(8K). Depending on how the <filename>pam_systemd.so</filename> module is included in the PAM stack
	338	configuration, further login sessions will either be refused, or permitted but not tracked by
	339	<filename>systemd-logind</filename>.</para></listitem>
	340	</varlistentry>
	341
798d3a52 ZJS	342	<varlistentry>
	343	<term><varname>RemoveIPC=</varname></term>
	344
f59d94bc LP	345	<listitem><para>Controls whether System V and POSIX IPC objects belonging to the user shall be removed when the
	346	user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the
	347	last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as
	348	well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users
	349	are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem>
798d3a52 ZJS	350	</varlistentry>
	351
	352	</variablelist>
	353	</refsect1>
	354
	355	<refsect1>
	356	<title>See Also</title>
	357	<para>
	358	<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	359	<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
	360	<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	361	<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
	362	</para>
	363	</refsect1>
8fa365e5 LP	364
8fa365e5 LP	365	</refentry>