]>
Commit | Line | Data |
---|---|---|
1 | <?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*--> | |
2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" | |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> | |
4 | ||
5 | <!-- | |
6 | SPDX-License-Identifier: LGPL-2.1+ | |
7 | ||
8 | This file is part of systemd. | |
9 | ||
10 | Copyright 2010 Lennart Poettering | |
11 | ||
12 | systemd is free software; you can redistribute it and/or modify it | |
13 | under the terms of the GNU Lesser General Public License as published by | |
14 | the Free Software Foundation; either version 2.1 of the License, or | |
15 | (at your option) any later version. | |
16 | ||
17 | systemd is distributed in the hope that it will be useful, but | |
18 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
19 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
20 | Lesser General Public License for more details. | |
21 | ||
22 | You should have received a copy of the GNU Lesser General Public License | |
23 | along with systemd; If not, see <http://www.gnu.org/licenses/>. | |
24 | --> | |
25 | ||
26 | <refentry id="logind.conf" conditional='ENABLE_LOGIND' | |
27 | xmlns:xi="http://www.w3.org/2001/XInclude"> | |
28 | <refentryinfo> | |
29 | <title>logind.conf</title> | |
30 | <productname>systemd</productname> | |
31 | ||
32 | <authorgroup> | |
33 | <author> | |
34 | <contrib>Developer</contrib> | |
35 | <firstname>Lennart</firstname> | |
36 | <surname>Poettering</surname> | |
37 | <email>lennart@poettering.net</email> | |
38 | </author> | |
39 | </authorgroup> | |
40 | </refentryinfo> | |
41 | ||
42 | <refmeta> | |
43 | <refentrytitle>logind.conf</refentrytitle> | |
44 | <manvolnum>5</manvolnum> | |
45 | </refmeta> | |
46 | ||
47 | <refnamediv> | |
48 | <refname>logind.conf</refname> | |
49 | <refname>logind.conf.d</refname> | |
50 | <refpurpose>Login manager configuration files</refpurpose> | |
51 | </refnamediv> | |
52 | ||
53 | <refsynopsisdiv> | |
54 | <para><filename>/etc/systemd/logind.conf</filename></para> | |
55 | <para><filename>/etc/systemd/logind.conf.d/*.conf</filename></para> | |
56 | <para><filename>/run/systemd/logind.conf.d/*.conf</filename></para> | |
57 | <para><filename>/usr/lib/systemd/logind.conf.d/*.conf</filename></para> | |
58 | </refsynopsisdiv> | |
59 | ||
60 | <refsect1> | |
61 | <title>Description</title> | |
62 | ||
63 | <para>These files configure various parameters of the systemd | |
64 | login manager, | |
65 | <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. | |
66 | </para> | |
67 | </refsect1> | |
68 | ||
69 | <xi:include href="standard-conf.xml" xpointer="main-conf" /> | |
70 | ||
71 | <refsect1> | |
72 | <title>Options</title> | |
73 | ||
74 | <para>All options are configured in the | |
75 | <literal>[Login]</literal> section:</para> | |
76 | ||
77 | <variablelist> | |
78 | ||
79 | <varlistentry> | |
80 | <term><varname>NAutoVTs=</varname></term> | |
81 | ||
82 | <listitem><para>Takes a positive integer. Configures how many | |
83 | virtual terminals (VTs) to allocate by default that, when | |
84 | switched to and are previously unused, | |
85 | <literal>autovt</literal> services are automatically spawned | |
86 | on. These services are instantiated from the template unit | |
87 | <filename>autovt@.service</filename> for the respective VT TTY | |
88 | name, for example, <filename>autovt@tty4.service</filename>. | |
89 | By default, <filename>autovt@.service</filename> is linked to | |
90 | <filename>getty@.service</filename>. In other words, login | |
91 | prompts are started dynamically as the user switches to unused | |
92 | virtual terminals. Hence, this parameter controls how many | |
93 | login <literal>gettys</literal> are available on the VTs. If a | |
94 | VT is already used by some other subsystem (for example, a | |
95 | graphical login), this kind of activation will not be | |
96 | attempted. Note that the VT configured in | |
97 | <varname>ReserveVT=</varname> is always subject to this kind | |
98 | of activation, even if it is not one of the VTs configured | |
99 | with the <varname>NAutoVTs=</varname> directive. Defaults to | |
100 | 6. When set to 0, automatic spawning of | |
101 | <literal>autovt</literal> services is | |
102 | disabled.</para></listitem> | |
103 | </varlistentry> | |
104 | ||
105 | <varlistentry> | |
106 | <term><varname>ReserveVT=</varname></term> | |
107 | ||
108 | <listitem><para>Takes a positive integer. Identifies one | |
109 | virtual terminal that shall unconditionally be reserved for | |
110 | <filename>autovt@.service</filename> activation (see above). | |
111 | The VT selected with this option will be marked busy | |
112 | unconditionally, so that no other subsystem will allocate it. | |
113 | This functionality is useful to ensure that, regardless of how | |
114 | many VTs are allocated by other subsystems, one login | |
115 | <literal>getty</literal> is always available. Defaults to 6 | |
116 | (in other words, there will always be a | |
117 | <literal>getty</literal> available on Alt-F6.). When set to 0, | |
118 | VT reservation is disabled.</para></listitem> | |
119 | </varlistentry> | |
120 | ||
121 | <varlistentry> | |
122 | <term><varname>KillUserProcesses=</varname></term> | |
123 | ||
124 | <listitem><para>Takes a boolean argument. Configures whether the processes of a | |
125 | user should be killed when the user logs out. If true, the scope unit | |
126 | corresponding to the session and all processes inside that scope will be | |
127 | terminated. If false, the scope is "abandoned", see | |
128 | <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
129 | and processes are not killed. Defaults to <literal>yes</literal>, | |
130 | but see the options <varname>KillOnlyUsers=</varname> and | |
131 | <varname>KillExcludeUsers=</varname> below.</para> | |
132 | ||
133 | <para>In addition to session processes, user process may run under the user | |
134 | manager unit <filename>user@.service</filename>. Depending on the linger | |
135 | settings, this may allow users to run processes independent of their login | |
136 | sessions. See the description of <command>enable-linger</command> in | |
137 | <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>. | |
138 | </para> | |
139 | ||
140 | <para>Note that setting <varname>KillUserProcesses=yes</varname> | |
141 | will break tools like | |
142 | <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
143 | and | |
144 | <citerefentry project='die-net'><refentrytitle>tmux</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
145 | unless they are moved out of the session scope. See example in | |
146 | <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>. | |
147 | </para></listitem> | |
148 | </varlistentry> | |
149 | ||
150 | <varlistentry> | |
151 | <term><varname>KillOnlyUsers=</varname></term> | |
152 | <term><varname>KillExcludeUsers=</varname></term> | |
153 | ||
154 | <listitem><para>These settings take space-separated lists of usernames that override | |
155 | the <varname>KillUserProcesses=</varname> setting. A user name may be added to | |
156 | <varname>KillExcludeUsers=</varname> to exclude the processes in the session scopes of | |
157 | that user from being killed even if <varname>KillUserProcesses=yes</varname> is set. If | |
158 | <varname>KillExcludeUsers=</varname> is not set, the <literal>root</literal> user is | |
159 | excluded by default. <varname>KillExcludeUsers=</varname> may be set to an empty value | |
160 | to override this default. If a user is not excluded, <varname>KillOnlyUsers=</varname> | |
161 | is checked next. If this setting is specified, only the session scopes of those users | |
162 | will be killed. Otherwise, users are subject to the | |
163 | <varname>KillUserProcesses=yes</varname> setting.</para></listitem> | |
164 | </varlistentry> | |
165 | ||
166 | <varlistentry> | |
167 | <term><varname>IdleAction=</varname></term> | |
168 | ||
169 | <listitem><para>Configures the action to take when the system | |
170 | is idle. Takes one of | |
171 | <literal>ignore</literal>, | |
172 | <literal>poweroff</literal>, | |
173 | <literal>reboot</literal>, | |
174 | <literal>halt</literal>, | |
175 | <literal>kexec</literal>, | |
176 | <literal>suspend</literal>, | |
177 | <literal>hibernate</literal>, | |
178 | <literal>hybrid-sleep</literal>, and | |
179 | <literal>lock</literal>. | |
180 | Defaults to <literal>ignore</literal>.</para> | |
181 | ||
182 | <para>Note that this requires that user sessions correctly | |
183 | report the idle status to the system. The system will execute | |
184 | the action after all sessions report that they are idle, no | |
185 | idle inhibitor lock is active, and subsequently, the time | |
186 | configured with <varname>IdleActionSec=</varname> (see below) | |
187 | has expired.</para> | |
188 | </listitem> | |
189 | </varlistentry> | |
190 | ||
191 | <varlistentry> | |
192 | <term><varname>IdleActionSec=</varname></term> | |
193 | ||
194 | <listitem><para>Configures the delay after which the action | |
195 | configured in <varname>IdleAction=</varname> (see above) is | |
196 | taken after the system is idle.</para></listitem> | |
197 | </varlistentry> | |
198 | ||
199 | <varlistentry> | |
200 | <term><varname>InhibitDelayMaxSec=</varname></term> | |
201 | ||
202 | <listitem><para>Specifies the maximum time a system shutdown | |
203 | or sleep request is delayed due to an inhibitor lock of type | |
204 | <literal>delay</literal> being active before the inhibitor is | |
205 | ignored and the operation executes anyway. Defaults to | |
206 | 5.</para></listitem> | |
207 | </varlistentry> | |
208 | ||
209 | <varlistentry> | |
210 | <term><varname>HandlePowerKey=</varname></term> | |
211 | <term><varname>HandleSuspendKey=</varname></term> | |
212 | <term><varname>HandleHibernateKey=</varname></term> | |
213 | <term><varname>HandleLidSwitch=</varname></term> | |
214 | <term><varname>HandleLidSwitchExternalPower=</varname></term> | |
215 | <term><varname>HandleLidSwitchDocked=</varname></term> | |
216 | ||
217 | <listitem><para>Controls how logind shall handle the | |
218 | system power and sleep keys and the lid switch to trigger | |
219 | actions such as system power-off or suspend. Can be one of | |
220 | <literal>ignore</literal>, | |
221 | <literal>poweroff</literal>, | |
222 | <literal>reboot</literal>, | |
223 | <literal>halt</literal>, | |
224 | <literal>kexec</literal>, | |
225 | <literal>suspend</literal>, | |
226 | <literal>hibernate</literal>, | |
227 | <literal>hybrid-sleep</literal>, and | |
228 | <literal>lock</literal>. | |
229 | If <literal>ignore</literal>, logind will never handle these | |
230 | keys. If <literal>lock</literal>, all running sessions will be | |
231 | screen-locked; otherwise, the specified action will be taken | |
232 | in the respective event. Only input devices with the | |
233 | <literal>power-switch</literal> udev tag will be watched for | |
234 | key/lid switch events. <varname>HandlePowerKey=</varname> | |
235 | defaults to <literal>poweroff</literal>. | |
236 | <varname>HandleSuspendKey=</varname> and | |
237 | <varname>HandleLidSwitch=</varname> default to | |
238 | <literal>suspend</literal>. | |
239 | <varname>HandleLidSwitchExternalPower=</varname> is completely | |
240 | ignored by default (for backwards compatibility) — an explicit | |
241 | value must be set before it will be used to determine | |
242 | behaviour. <varname>HandleLidSwitchDocked=</varname> defaults | |
243 | to <literal>ignore</literal>. | |
244 | <varname>HandleHibernateKey=</varname> defaults to | |
245 | <literal>hibernate</literal>. If the system is inserted in a | |
246 | docking station, or if more than one display is connected, the | |
247 | action specified by <varname>HandleLidSwitchDocked=</varname> | |
248 | occurs; if the system is on external power the action (if any) | |
249 | specified by <varname>HandleLidSwitchExternalPower=</varname> | |
250 | occurs; otherwise the <varname>HandleLidSwitch=</varname> | |
251 | action occurs.</para> | |
252 | ||
253 | <para>A different application may disable logind's handling of system power and | |
254 | sleep keys and the lid switch by taking a low-level inhibitor lock | |
255 | (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>, | |
256 | <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>). | |
257 | This is most commonly used by graphical desktop environments | |
258 | to take over suspend and hibernation handling, and to use their own configuration | |
259 | mechanisms. If a low-level inhibitor lock is taken, logind will not take any | |
260 | action when that key or switch is triggered and the <varname>Handle*=</varname> | |
261 | settings are irrelevant.</para></listitem> | |
262 | </varlistentry> | |
263 | ||
264 | <varlistentry> | |
265 | <term><varname>PowerKeyIgnoreInhibited=</varname></term> | |
266 | <term><varname>SuspendKeyIgnoreInhibited=</varname></term> | |
267 | <term><varname>HibernateKeyIgnoreInhibited=</varname></term> | |
268 | <term><varname>LidSwitchIgnoreInhibited=</varname></term> | |
269 | ||
270 | <listitem><para>Controls whether actions that <command>systemd-logind</command> | |
271 | takes when the power and sleep keys and the lid switch are triggered are subject | |
272 | to high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level inhibitor | |
273 | locks (<literal>handle-power-key</literal>, <literal>handle-suspend-key</literal>, | |
274 | <literal>handle-hibernate-key</literal>, <literal>handle-lid-switch</literal>), | |
275 | are always honored, irrespective of this setting.</para> | |
276 | ||
277 | <para>These settings take boolean arguments. If <literal>no</literal>, the | |
278 | inhibitor locks taken by applications are respected. If <literal>yes</literal>, | |
279 | "shutdown", "sleep", and "idle" inhibitor locks are ignored. | |
280 | <varname>PowerKeyIgnoreInhibited=</varname>, | |
281 | <varname>SuspendKeyIgnoreInhibited=</varname>, and | |
282 | <varname>HibernateKeyIgnoreInhibited=</varname> default to <literal>no</literal>. | |
283 | <varname>LidSwitchIgnoreInhibited=</varname> defaults to <literal>yes</literal>. | |
284 | This means that when <command>systemd-logind</command> is handling events by | |
285 | itself (no low level inhibitor locks are taken by another application), the lid | |
286 | switch does not respect suspend blockers by default, but the power and sleep keys | |
287 | do.</para></listitem> | |
288 | </varlistentry> | |
289 | ||
290 | <varlistentry> | |
291 | <term><varname>HoldoffTimeoutSec=</varname></term> | |
292 | ||
293 | <listitem><para>Specifies the timeout after system startup or | |
294 | system resume in which systemd will hold off on reacting to | |
295 | lid events. This is required for the system to properly | |
296 | detect any hotplugged devices so systemd can ignore lid events | |
297 | if external monitors, or docks, are connected. If set to 0, | |
298 | systemd will always react immediately, possibly before the | |
299 | kernel fully probed all hotplugged devices. This is safe, as | |
300 | long as you do not care for systemd to account for devices | |
301 | that have been plugged or unplugged while the system was off. | |
302 | Defaults to 30s.</para></listitem> | |
303 | </varlistentry> | |
304 | ||
305 | <varlistentry> | |
306 | <term><varname>RuntimeDirectorySize=</varname></term> | |
307 | ||
308 | <listitem><para>Sets the size limit on the | |
309 | <varname>$XDG_RUNTIME_DIR</varname> runtime directory for each | |
310 | user who logs in. Takes a size in bytes, optionally suffixed | |
311 | with the usual K, G, M, and T suffixes, to the base 1024 | |
312 | (IEC). Alternatively, a numerical percentage suffixed by | |
313 | <literal>%</literal> may be specified, which sets the size | |
314 | limit relative to the amount of physical RAM. Defaults to 10%. | |
315 | Note that this size is a safety limit only. As each runtime | |
316 | directory is a tmpfs file system, it will only consume as much | |
317 | memory as is needed.</para></listitem> | |
318 | </varlistentry> | |
319 | ||
320 | <varlistentry> | |
321 | <term><varname>InhibitorsMax=</varname></term> | |
322 | ||
323 | <listitem><para>Controls the maximum number of concurrent inhibitors to permit. Defaults to 8192 | |
324 | (8K).</para></listitem> | |
325 | </varlistentry> | |
326 | ||
327 | <varlistentry> | |
328 | <term><varname>SessionsMax=</varname></term> | |
329 | ||
330 | <listitem><para>Controls the maximum number of concurrent user sessions to manage. Defaults to 8192 | |
331 | (8K). Depending on how the <filename>pam_systemd.so</filename> module is included in the PAM stack | |
332 | configuration, further login sessions will either be refused, or permitted but not tracked by | |
333 | <filename>systemd-logind</filename>.</para></listitem> | |
334 | </varlistentry> | |
335 | ||
336 | <varlistentry> | |
337 | <term><varname>UserTasksMax=</varname></term> | |
338 | ||
339 | <listitem><para>Sets the maximum number of OS tasks each user may run concurrently. This controls the | |
340 | <varname>TasksMax=</varname> setting of the per-user slice unit, see | |
341 | <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
342 | for details. If assigned the special value <literal>infinity</literal>, no tasks limit is applied. | |
343 | Defaults to 33%, which equals 10813 with the kernel's defaults on the host, but might be smaller in | |
344 | OS containers.</para></listitem> | |
345 | </varlistentry> | |
346 | ||
347 | <varlistentry> | |
348 | <term><varname>RemoveIPC=</varname></term> | |
349 | ||
350 | <listitem><para>Controls whether System V and POSIX IPC objects belonging to the user shall be removed when the | |
351 | user fully logs out. Takes a boolean argument. If enabled, the user may not consume IPC resources after the | |
352 | last of the user's sessions terminated. This covers System V semaphores, shared memory and message queues, as | |
353 | well as POSIX shared memory and message queues. Note that IPC objects of the root user and other system users | |
354 | are excluded from the effect of this setting. Defaults to <literal>yes</literal>.</para></listitem> | |
355 | </varlistentry> | |
356 | ||
357 | </variablelist> | |
358 | </refsect1> | |
359 | ||
360 | <refsect1> | |
361 | <title>See Also</title> | |
362 | <para> | |
363 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
364 | <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, | |
365 | <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
366 | <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
367 | </para> | |
368 | </refsect1> | |
369 | ||
370 | </refentry> |