<title>Description</title>
<para><command>pam_systemd</command> registers user
- sessions in the systemd login manager
+ sessions with the systemd login manager
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
and hence the systemd control group hierarchy.</para>
<varname>$XDG_SESSION_ID</varname> environment
variable is initialized. If auditing is
available and
- <command>pam_loginuid.so</command> run before
+ <command>pam_loginuid.so</command> was run before
this module (which is highly recommended), the
variable is initialized from the auditing
session id
- (<filename>/proc/self/sessionid</filename>). Otherwise
+ (<filename>/proc/self/sessionid</filename>). Otherwise,
an independent session counter is
used.</para></listitem>
<listitem><para>A new systemd scope unit is
created for the session. If this is the first
- concurrent session of the user an implicit
+ concurrent session of the user, an implicit
slice below <filename>user.slice</filename> is
- automatically created and the scope placed in
- it. In instance of the system service
- <filename>user@.service</filename> which runt
- the systemd user manager
- instance.</para></listitem>
+ automatically created and the scope placed into
+ it. An instance of the system service
+ <filename>user@.service</filename>, which runs
+ the systemd user manager instance, is started.
+ </para></listitem>
</orderedlist>
<para>On logout, this module ensures the following:</para>
<orderedlist>
- <listitem><para>If this is enabled all
+ <listitem><para>If enabled in
+ <citerefentry><refentrytitle>logind.conf</refentrytitle>
+ <manvolnum>5</manvolnum></citerefentry>, all
processes of the session are terminated. If
- the last concurrent session of a user ends his
- user systemd instance will be terminated too,
- and so will the user's slice
+ the last concurrent session of a user ends,
+ the user's systemd instance will be
+ terminated too, and so will the user's slice
unit.</para></listitem>
- <listitem><para>If the las concurrent session
- of a user ends the
+ <listitem><para>If the last concurrent session
+ of a user ends, the
<varname>$XDG_RUNTIME_DIR</varname> directory
and all its contents are removed,
too.</para></listitem>
<listitem><para>Takes a string
argument which sets the session class.
The XDG_SESSION_CLASS environmental variable
- takes precedence.</para></listitem>
+ takes precedence. One of
+ <literal>user</literal>,
+ <literal>greeter</literal>,
+ <literal>lock-screen</literal> or
+ <literal>background</literal>. See
+ <citerefentry><refentrytitle>sd_session_get_class</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+ for details about the session class.</para></listitem>
</varlistentry>
<varlistentry>
- <term><option>debug=</option></term>
+ <term><option>type=</option></term>
- <listitem><para>Takes a boolean
- argument. If yes, the module will log
+ <listitem><para>Takes a string
+ argument which sets the session type.
+ The XDG_SESSION_TYPE environmental
+ variable takes precedence. One of
+ <literal>unspecified</literal>,
+ <literal>tty</literal>,
+ <literal>x11</literal>,
+ <literal>wayland</literal> or
+ <literal>mir</literal>. See
+ <citerefentry><refentrytitle>sd_session_get_type</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+ for details about the session type.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>debug<optional>=</optional></option></term>
+
+ <listitem><para>Takes an optional
+ boolean argument. If yes or without
+ the argument, the module will log
debugging information as it
operates.</para></listitem>
</varlistentry>
to the user login time on the
machine. It is automatically created
the first time a user logs in and
- removed on his final logout. If a user
- logs in twice at the same time, both
- sessions will see the same
+ removed on the user's final logout. If
+ a user logs in twice at the same time,
+ both sessions will see the same
<varname>$XDG_RUNTIME_DIR</varname>
and the same contents. If a user logs
in once, then logs out again, and logs
applications should not rely on this
behavior and must be able to deal with
stale files. To store session-private
- data in this directory, the user should
- include the value of <varname>$XDG_SESSION_ID</varname>
- in the filename. This directory shall
- be used for runtime file system
- objects such as <constant>AF_UNIX</constant> sockets,
- FIFOs, PID files and similar. It is
- guaranteed that this directory is
- local and offers the greatest possible
- file system feature set the
- operating system
- provides.</para></listitem>
+ data in this directory, the user
+ should include the value of
+ <varname>$XDG_SESSION_ID</varname> in
+ the filename. This directory shall be
+ used for runtime file system objects
+ such as <constant>AF_UNIX</constant>
+ sockets, FIFOs, PID files and
+ similar. It is guaranteed that this
+ directory is local and offers the
+ greatest possible file system feature
+ set the operating system provides. For
+ further details see the <ulink
+ url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
+ Base Directory
+ Specification</ulink>.</para></listitem>
</varlistentry>
+
+ </variablelist>
+
+ <para>The following environment variables are read by
+ the module and may be used by the PAM service to pass
+ metadata to the module:</para>
+
+ <variablelist class='environment-variables'>
+ <varlistentry>
+ <term><varname>$XDG_SESSION_TYPE</varname></term>
+
+ <listitem><para>The session type. This
+ may be used instead of
+ <option>session=</option> on the
+ module parameter line, and is usually
+ preferred.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>$XDG_SESSION_CLASS</varname></term>
+
+ <listitem><para>The session class. This
+ may be used instead of
+ <option>class=</option> on the
+ module parameter line, and is usually
+ preferred.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>$XDG_SESSION_DESKTOP</varname></term>
+
+ <listitem><para>A single, short
+ identifier string for the desktop
+ environment. This may be used to
+ indicate the session desktop used,
+ where this applies and if this
+ information is available. For example:
+ <literal>GNOME</literal>, or
+ <literal>KDE</literal>. It is
+ recommended to use the same
+ identifiers and capitalization as for
+ <varname>$XDG_CURRENT_DESKTOP</varname>,
+ as defined by the <ulink
+ url="http://standards.freedesktop.org/desktop-entry-spec/latest/">Desktop
+ Entry Specification</ulink>. (However,
+ note that
+ <varname>$XDG_SESSION_DESKTOP</varname>
+ only takes a single item, and not a
+ colon-separated list like
+ <varname>$XDG_CURRENT_DESKTOP</varname>.)
+ See
+ <citerefentry><refentrytitle>sd_session_get_desktop</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+ for more details.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>$XDG_SEAT</varname></term>
+
+ <listitem><para>The seat name the session
+ shall be registered for, if
+ any.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>$XDG_VTNR</varname></term>
+
+ <listitem><para>The VT number the
+ session shall be registered for, if
+ any. (Only applies to seats with a VT
+ available, such as
+ <literal>seat0</literal>)</para></listitem>
+ </varlistentry>
+
</variablelist>
</refsect1>
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>