<orderedlist>
<listitem><para>If it does not exist yet, the
user runtime directory
- <filename>/var/run/user/$USER</filename> is
+ <filename>/run/user/$USER</filename> is
created and its ownership changed to the user
that is logging in.</para></listitem>
</varlistentry>
<varlistentry>
- <term><option>keep-root=</option></term>
+ <term><option>kill-only-users=</option></term>
- <listitem><para>Takes a boolean
- argument. If true, all processes
- created by the root user (UID 0) during his
- session and from his session will be
- kept around after he logged out. This
- option allows cancelling the effect of
- <option>kill-session=1</option> and
- <option>kill-user=1</option> for the
- root user.</para></listitem>
+ <listitem><para>Takes a comma
+ separated list of user names or
+ numeric user ids as argument. If this
+ option is used the effect of the
+ <option>kill-session=</option> and
+ <option>kill-user=</option> options
+ will apply only to the listed
+ users. If this option is not used the
+ option applies to all local
+ users. Note that
+ <option>kill-exclude-users=</option>
+ takes precedence over this list and is
+ hence subtracted from the list
+ specified here.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>kill-exclude-users=</option></term>
+
+ <listitem><para>Takes a comma
+ separated list of user names or
+ numeric user ids as argument. Users
+ listed in this argument will not be
+ subject to the effect of
+ <option>kill-session=</option> or
+ <option>kill-user=</option>. Note
+ that that this option takes precedence
+ over
+ <option>kill-only-users=</option>, and
+ hence whatever is listed for
+ <option>kill-exclude-users=</option>
+ is guaranteed to never be killed by
+ this PAM module, independent of any
+ other configuration
+ setting.</para></listitem>
</varlistentry>
<varlistentry>
cgroup will be created by default for
each user logging in, in addition to
the cgroup in the named 'name=systemd'
- hierarchy. If ommited, defaults to an
+ hierarchy. If omitted, defaults to an
empty list. This may be used to move
user sessions into their own groups in
the 'cpu' hierarchy which ensures that
separated list of cgroup controllers
in which hierarchies the logged in
processes will be reset to the root
- cgroup. If ommited, defaults to 'cpu',
+ cgroup. If omitted, defaults to 'cpu',
meaning that a 'cpu' cgroup grouping
inherited from the login manager will
be reset for the processes of the
logged in user.</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><option>debug=</option></term>
+
+ <listitem><para>Takes a boolean
+ argument. If true, logs debugging
+ information.</para></listitem>
+ </varlistentry>
</variablelist>
<para>Note that setting <varname>kill-user=1</varname>
<option>create-session=1</option>,
<option>kill-session=0</option>,
<option>kill-user=0</option>,
- <option>keep-root=1</option>,
- <option>reset-controllers=cpu</option>.</para>
+ <option>reset-controllers=cpu</option>,
+ <option>kill-only-users=</option>,
+ <option>kill-exclude-users=root</option>.</para>
</refsect1>
<refsect1>