]>
Commit | Line | Data |
---|---|---|
514094f9 | 1 | <?xml version='1.0'?> |
8fa365e5 | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
c7f7e859 MK |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ |
4 | <!ENTITY % entities SYSTEM "custom-entities.ent" > | |
5 | %entities; | |
6 | ]> | |
8fa365e5 LP |
7 | |
8 | <!-- | |
572eb058 | 9 | SPDX-License-Identifier: LGPL-2.1+ |
8fa365e5 LP |
10 | --> |
11 | ||
d3fae78f | 12 | <refentry id="logind.conf" conditional='ENABLE_LOGIND' |
798d3a52 ZJS |
13 | xmlns:xi="http://www.w3.org/2001/XInclude"> |
14 | <refentryinfo> | |
15 | <title>logind.conf</title> | |
16 | <productname>systemd</productname> | |
798d3a52 ZJS |
17 | </refentryinfo> |
18 | ||
19 | <refmeta> | |
20 | <refentrytitle>logind.conf</refentrytitle> | |
21 | <manvolnum>5</manvolnum> | |
22 | </refmeta> | |
23 | ||
24 | <refnamediv> | |
25 | <refname>logind.conf</refname> | |
26 | <refname>logind.conf.d</refname> | |
27 | <refpurpose>Login manager configuration files</refpurpose> | |
28 | </refnamediv> | |
29 | ||
30 | <refsynopsisdiv> | |
12b42c76 TG |
31 | <para><filename>/etc/systemd/logind.conf</filename></para> |
32 | <para><filename>/etc/systemd/logind.conf.d/*.conf</filename></para> | |
798d3a52 | 33 | <para><filename>/run/systemd/logind.conf.d/*.conf</filename></para> |
12b42c76 | 34 | <para><filename>/usr/lib/systemd/logind.conf.d/*.conf</filename></para> |
798d3a52 ZJS |
35 | </refsynopsisdiv> |
36 | ||
37 | <refsect1> | |
38 | <title>Description</title> | |
39 | ||
0f943ae4 ZJS |
40 | <para>These files configure various parameters of the systemd login manager, |
41 | <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. See | |
42 | <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
43 | for a general description of the syntax.</para> | |
798d3a52 ZJS |
44 | </refsect1> |
45 | ||
e93549ef | 46 | <xi:include href="standard-conf.xml" xpointer="main-conf" /> |
798d3a52 ZJS |
47 | |
48 | <refsect1> | |
49 | <title>Options</title> | |
50 | ||
51 | <para>All options are configured in the | |
52 | <literal>[Login]</literal> section:</para> | |
53 | ||
54 | <variablelist> | |
55 | ||
56 | <varlistentry> | |
57 | <term><varname>NAutoVTs=</varname></term> | |
58 | ||
59 | <listitem><para>Takes a positive integer. Configures how many | |
60 | virtual terminals (VTs) to allocate by default that, when | |
61 | switched to and are previously unused, | |
62 | <literal>autovt</literal> services are automatically spawned | |
63 | on. These services are instantiated from the template unit | |
64 | <filename>autovt@.service</filename> for the respective VT TTY | |
65 | name, for example, <filename>autovt@tty4.service</filename>. | |
66 | By default, <filename>autovt@.service</filename> is linked to | |
67 | <filename>getty@.service</filename>. In other words, login | |
68 | prompts are started dynamically as the user switches to unused | |
69 | virtual terminals. Hence, this parameter controls how many | |
70 | login <literal>gettys</literal> are available on the VTs. If a | |
71 | VT is already used by some other subsystem (for example, a | |
72 | graphical login), this kind of activation will not be | |
73 | attempted. Note that the VT configured in | |
74 | <varname>ReserveVT=</varname> is always subject to this kind | |
75 | of activation, even if it is not one of the VTs configured | |
76 | with the <varname>NAutoVTs=</varname> directive. Defaults to | |
77 | 6. When set to 0, automatic spawning of | |
78 | <literal>autovt</literal> services is | |
79 | disabled.</para></listitem> | |
80 | </varlistentry> | |
81 | ||
82 | <varlistentry> | |
83 | <term><varname>ReserveVT=</varname></term> | |
84 | ||
85 | <listitem><para>Takes a positive integer. Identifies one | |
86 | virtual terminal that shall unconditionally be reserved for | |
87 | <filename>autovt@.service</filename> activation (see above). | |
88 | The VT selected with this option will be marked busy | |
89 | unconditionally, so that no other subsystem will allocate it. | |
90 | This functionality is useful to ensure that, regardless of how | |
91 | many VTs are allocated by other subsystems, one login | |
92 | <literal>getty</literal> is always available. Defaults to 6 | |
93 | (in other words, there will always be a | |
94 | <literal>getty</literal> available on Alt-F6.). When set to 0, | |
95 | VT reservation is disabled.</para></listitem> | |
96 | </varlistentry> | |
97 | ||
98 | <varlistentry> | |
99 | <term><varname>KillUserProcesses=</varname></term> | |
100 | ||
65eb37f8 ZJS |
101 | <listitem><para>Takes a boolean argument. Configures whether the processes of a |
102 | user should be killed when the user logs out. If true, the scope unit | |
103 | corresponding to the session and all processes inside that scope will be | |
4f25723c | 104 | terminated. If false, the scope is "abandoned", see |
65eb37f8 | 105 | <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>, |
c7f7e859 | 106 | and processes are not killed. Defaults to <literal>&KILL_USER_PROCESSES;</literal>, |
921f831d ZJS |
107 | but see the options <varname>KillOnlyUsers=</varname> and |
108 | <varname>KillExcludeUsers=</varname> below.</para> | |
65eb37f8 ZJS |
109 | |
110 | <para>In addition to session processes, user process may run under the user | |
111 | manager unit <filename>user@.service</filename>. Depending on the linger | |
112 | settings, this may allow users to run processes independent of their login | |
113 | sessions. See the description of <command>enable-linger</command> in | |
114 | <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. | |
115 | </para> | |
116 | ||
117 | <para>Note that setting <varname>KillUserProcesses=yes</varname> | |
798d3a52 | 118 | will break tools like |
65eb37f8 ZJS |
119 | <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry> |
120 | and | |
121 | <citerefentry project='die-net'><refentrytitle>tmux</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
122 | unless they are moved out of the session scope. See example in | |
123 | <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>. | |
124 | </para></listitem> | |
798d3a52 ZJS |
125 | </varlistentry> |
126 | ||
127 | <varlistentry> | |
128 | <term><varname>KillOnlyUsers=</varname></term> | |
129 | <term><varname>KillExcludeUsers=</varname></term> | |
130 | ||
921f831d ZJS |
131 | <listitem><para>These settings take space-separated lists of usernames that override |
132 | the <varname>KillUserProcesses=</varname> setting. A user name may be added to | |
133 | <varname>KillExcludeUsers=</varname> to exclude the processes in the session scopes of | |
134 | that user from being killed even if <varname>KillUserProcesses=yes</varname> is set. If | |
135 | <varname>KillExcludeUsers=</varname> is not set, the <literal>root</literal> user is | |
136 | excluded by default. <varname>KillExcludeUsers=</varname> may be set to an empty value | |
137 | to override this default. If a user is not excluded, <varname>KillOnlyUsers=</varname> | |
138 | is checked next. If this setting is specified, only the session scopes of those users | |
139 | will be killed. Otherwise, users are subject to the | |
140 | <varname>KillUserProcesses=yes</varname> setting.</para></listitem> | |
798d3a52 ZJS |
141 | </varlistentry> |
142 | ||
143 | <varlistentry> | |
144 | <term><varname>IdleAction=</varname></term> | |
145 | ||
146 | <listitem><para>Configures the action to take when the system | |
147 | is idle. Takes one of | |
148 | <literal>ignore</literal>, | |
149 | <literal>poweroff</literal>, | |
150 | <literal>reboot</literal>, | |
151 | <literal>halt</literal>, | |
152 | <literal>kexec</literal>, | |
153 | <literal>suspend</literal>, | |
154 | <literal>hibernate</literal>, | |
c58493c0 | 155 | <literal>hybrid-sleep</literal>, |
e68c79db | 156 | <literal>suspend-then-hibernate</literal>, and |
798d3a52 ZJS |
157 | <literal>lock</literal>. |
158 | Defaults to <literal>ignore</literal>.</para> | |
159 | ||
160 | <para>Note that this requires that user sessions correctly | |
161 | report the idle status to the system. The system will execute | |
162 | the action after all sessions report that they are idle, no | |
163 | idle inhibitor lock is active, and subsequently, the time | |
164 | configured with <varname>IdleActionSec=</varname> (see below) | |
165 | has expired.</para> | |
166 | </listitem> | |
167 | </varlistentry> | |
168 | ||
169 | <varlistentry> | |
170 | <term><varname>IdleActionSec=</varname></term> | |
171 | ||
172 | <listitem><para>Configures the delay after which the action | |
173 | configured in <varname>IdleAction=</varname> (see above) is | |
174 | taken after the system is idle.</para></listitem> | |
175 | </varlistentry> | |
176 | ||
177 | <varlistentry> | |
178 | <term><varname>InhibitDelayMaxSec=</varname></term> | |
179 | ||
180 | <listitem><para>Specifies the maximum time a system shutdown | |
181 | or sleep request is delayed due to an inhibitor lock of type | |
182 | <literal>delay</literal> being active before the inhibitor is | |
183 | ignored and the operation executes anyway. Defaults to | |
184 | 5.</para></listitem> | |
185 | </varlistentry> | |
186 | ||
9afe9efb LP |
187 | <varlistentry> |
188 | <term><varname>UserStopDelaySec=</varname></term> | |
189 | ||
190 | <listitem><para>Specifies how long to keep the user record and per-user service | |
191 | <filename>user@.service</filename> around for a user after they logged out fully. If set to zero, the per-user | |
192 | service is terminated immediately when the last session of the user has ended. If this option is configured to | |
193 | non-zero rapid logout/login cycles are sped up, as the user's service manager is not constantly restarted. If | |
194 | set to <literal>infinity</literal> the per-user service for a user is never terminated again after first login, | |
195 | and continues to run until system shutdown. Defaults to 10s.</para></listitem> | |
196 | </varlistentry> | |
197 | ||
798d3a52 ZJS |
198 | <varlistentry> |
199 | <term><varname>HandlePowerKey=</varname></term> | |
200 | <term><varname>HandleSuspendKey=</varname></term> | |
201 | <term><varname>HandleHibernateKey=</varname></term> | |
202 | <term><varname>HandleLidSwitch=</varname></term> | |
e25937a3 | 203 | <term><varname>HandleLidSwitchExternalPower=</varname></term> |
798d3a52 ZJS |
204 | <term><varname>HandleLidSwitchDocked=</varname></term> |
205 | ||
05b2a8fd | 206 | <listitem><para>Controls how logind shall handle the |
798d3a52 ZJS |
207 | system power and sleep keys and the lid switch to trigger |
208 | actions such as system power-off or suspend. Can be one of | |
209 | <literal>ignore</literal>, | |
210 | <literal>poweroff</literal>, | |
211 | <literal>reboot</literal>, | |
212 | <literal>halt</literal>, | |
213 | <literal>kexec</literal>, | |
214 | <literal>suspend</literal>, | |
215 | <literal>hibernate</literal>, | |
c58493c0 | 216 | <literal>hybrid-sleep</literal>, |
e68c79db | 217 | <literal>suspend-then-hibernate</literal>, and |
798d3a52 ZJS |
218 | <literal>lock</literal>. |
219 | If <literal>ignore</literal>, logind will never handle these | |
220 | keys. If <literal>lock</literal>, all running sessions will be | |
221 | screen-locked; otherwise, the specified action will be taken | |
222 | in the respective event. Only input devices with the | |
223 | <literal>power-switch</literal> udev tag will be watched for | |
224 | key/lid switch events. <varname>HandlePowerKey=</varname> | |
225 | defaults to <literal>poweroff</literal>. | |
226 | <varname>HandleSuspendKey=</varname> and | |
227 | <varname>HandleLidSwitch=</varname> default to | |
228 | <literal>suspend</literal>. | |
e25937a3 | 229 | <varname>HandleLidSwitchExternalPower=</varname> is completely |
c8fad2e7 | 230 | ignored by default (for backwards compatibility) — an explicit |
e25937a3 | 231 | value must be set before it will be used to determine |
c8fad2e7 | 232 | behaviour. <varname>HandleLidSwitchDocked=</varname> defaults |
e25937a3 | 233 | to <literal>ignore</literal>. |
798d3a52 ZJS |
234 | <varname>HandleHibernateKey=</varname> defaults to |
235 | <literal>hibernate</literal>. If the system is inserted in a | |
236 | docking station, or if more than one display is connected, the | |
237 | action specified by <varname>HandleLidSwitchDocked=</varname> | |
e25937a3 SF |
238 | occurs; if the system is on external power the action (if any) |
239 | specified by <varname>HandleLidSwitchExternalPower=</varname> | |
798d3a52 | 240 | occurs; otherwise the <varname>HandleLidSwitch=</varname> |
05b2a8fd ZJS |
241 | action occurs.</para> |
242 | ||
243 | <para>A different application may disable logind's handling of system power and | |
244 | sleep keys and the lid switch by taking a low-level inhibitor lock | |
3daffa82 MB |
245 | (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>, |
246 | <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>). | |
247 | This is most commonly used by graphical desktop environments | |
05b2a8fd ZJS |
248 | to take over suspend and hibernation handling, and to use their own configuration |
249 | mechanisms. If a low-level inhibitor lock is taken, logind will not take any | |
250 | action when that key or switch is triggered and the <varname>Handle*=</varname> | |
251 | settings are irrelevant.</para></listitem> | |
798d3a52 ZJS |
252 | </varlistentry> |
253 | ||
254 | <varlistentry> | |
255 | <term><varname>PowerKeyIgnoreInhibited=</varname></term> | |
256 | <term><varname>SuspendKeyIgnoreInhibited=</varname></term> | |
257 | <term><varname>HibernateKeyIgnoreInhibited=</varname></term> | |
258 | <term><varname>LidSwitchIgnoreInhibited=</varname></term> | |
259 | ||
05b2a8fd ZJS |
260 | <listitem><para>Controls whether actions that <command>systemd-logind</command> |
261 | takes when the power and sleep keys and the lid switch are triggered are subject | |
262 | to high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level inhibitor | |
3daffa82 MB |
263 | locks (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>, |
264 | <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>), | |
265 | are always honored, irrespective of this setting.</para> | |
05b2a8fd ZJS |
266 | |
267 | <para>These settings take boolean arguments. If <literal>no</literal>, the | |
268 | inhibitor locks taken by applications are respected. If <literal>yes</literal>, | |
269 | "shutdown", "sleep", and "idle" inhibitor locks are ignored. | |
798d3a52 | 270 | <varname>PowerKeyIgnoreInhibited=</varname>, |
05b2a8fd ZJS |
271 | <varname>SuspendKeyIgnoreInhibited=</varname>, and |
272 | <varname>HibernateKeyIgnoreInhibited=</varname> default to <literal>no</literal>. | |
273 | <varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>. | |
274 | This means that when <command>systemd-logind</command> is handling events by | |
275 | itself (no low level inhibitor locks are taken by another application), the lid | |
276 | switch does not respect suspend blockers by default, but the power and sleep keys | |
277 | do.</para></listitem> | |
798d3a52 ZJS |
278 | </varlistentry> |
279 | ||
9d10cbee DH |
280 | <varlistentry> |
281 | <term><varname>HoldoffTimeoutSec=</varname></term> | |
282 | ||
283 | <listitem><para>Specifies the timeout after system startup or | |
284 | system resume in which systemd will hold off on reacting to | |
a8eaaee7 JE |
285 | lid events. This is required for the system to properly |
286 | detect any hotplugged devices so systemd can ignore lid events | |
9d10cbee DH |
287 | if external monitors, or docks, are connected. If set to 0, |
288 | systemd will always react immediately, possibly before the | |
289 | kernel fully probed all hotplugged devices. This is safe, as | |
290 | long as you do not care for systemd to account for devices | |
291 | that have been plugged or unplugged while the system was off. | |
292 | Defaults to 30s.</para></listitem> | |
293 | </varlistentry> | |
294 | ||
798d3a52 ZJS |
295 | <varlistentry> |
296 | <term><varname>RuntimeDirectorySize=</varname></term> | |
297 | ||
298 | <listitem><para>Sets the size limit on the | |
299 | <varname>$XDG_RUNTIME_DIR</varname> runtime directory for each | |
300 | user who logs in. Takes a size in bytes, optionally suffixed | |
301 | with the usual K, G, M, and T suffixes, to the base 1024 | |
302 | (IEC). Alternatively, a numerical percentage suffixed by | |
303 | <literal>%</literal> may be specified, which sets the size | |
304 | limit relative to the amount of physical RAM. Defaults to 10%. | |
305 | Note that this size is a safety limit only. As each runtime | |
306 | directory is a tmpfs file system, it will only consume as much | |
90558f31 LP |
307 | memory as is needed.</para></listitem> |
308 | </varlistentry> | |
309 | ||
c5a11ae2 LP |
310 | <varlistentry> |
311 | <term><varname>InhibitorsMax=</varname></term> | |
312 | ||
313 | <listitem><para>Controls the maximum number of concurrent inhibitors to permit. Defaults to 8192 | |
314 | (8K).</para></listitem> | |
315 | </varlistentry> | |
316 | ||
183e0738 LP |
317 | <varlistentry> |
318 | <term><varname>SessionsMax=</varname></term> | |
319 | ||
320 | <listitem><para>Controls the maximum number of concurrent user sessions to manage. Defaults to 8192 | |
321 | (8K). Depending on how the <filename>pam_systemd.so</filename> module is included in the PAM stack | |
322 | configuration, further login sessions will either be refused, or permitted but not tracked by | |
323 | <filename>systemd-logind</filename>.</para></listitem> | |
324 | </varlistentry> | |
325 | ||
798d3a52 ZJS |
326 | <varlistentry> |
327 | <term><varname>RemoveIPC=</varname></term> | |
328 | ||
f59d94bc LP |
329 | <listitem><para>Controls whether System V and POSIX IPC objects belonging to the user shall be removed when the |
330 | user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the | |
331 | last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as | |
332 | well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users | |
333 | are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem> | |
798d3a52 ZJS |
334 | </varlistentry> |
335 | ||
336 | </variablelist> | |
337 | </refsect1> | |
338 | ||
339 | <refsect1> | |
340 | <title>See Also</title> | |
341 | <para> | |
342 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
343 | <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
344 | <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
345 | <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
346 | </para> | |
347 | </refsect1> | |
8fa365e5 LP |
348 | |
349 | </refentry> |