X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fpam_systemd.xml;h=d3edc32d2ddb0742af38965bcc134925b48e4f4a;hb=c573f8f873505770987c9f01595532e74197cbb6;hp=883b50b640a859470e6626428a0fdb618d9d4f68;hpb=c36eecdfcb4afa09850002fbb81a95a24ffde599;p=elogind.git
diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml
index 883b50b64..d3edc32d2 100644
--- a/man/pam_systemd.xml
+++ b/man/pam_systemd.xml
@@ -8,20 +8,20 @@
Copyright 2010 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Lesser General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
-->
-
+pam_systemd
@@ -44,21 +44,20 @@
pam_systemd
- Register user sessions in the systemd control group hierarchy
+ Register user sessions in the systemd login manager
-
- pam_systemd.so
-
+ pam_systemd.soDescriptionpam_systemd registers user
- sessions in the systemd control group
- hierarchy.
+ sessions with the systemd login manager
+ systemd-logind.service8,
+ and hence the systemd control group hierarchy.
On login, this module ensures the following:
@@ -81,29 +80,32 @@
an independent session counter is
used.
- A new control group
- /user/$USER/$XDG_SESSION_ID
- is created and the login process moved into
- it.
+ A new systemd scope unit is
+ created for the session. If this is the first
+ concurrent session of the user, an implicit
+ slice below user.slice is
+ automatically created and the scope placed in
+ it. In instance of the system service
+ user@.service which runs
+ the systemd user manager
+ instance.On logout, this module ensures the following:
- If
- $XDG_SESSION_ID is set and
- specified, all
- remaining processes in the
- /user/$USER/$XDG_SESSION_ID
- control group are killed and the control group
- is removed.
-
- If last subgroup of the
- /user/$USER control group
- was removed the
+ If this is enabled, all
+ processes of the session are terminated. If
+ the last concurrent session of a user ends, his
+ user systemd instance will be terminated too,
+ and so will the user's slice
+ unit.
+
+ If the last concurrent session
+ of a user ends, the
$XDG_RUNTIME_DIR directory
- and all its contents are
- removed, too.
+ and all its contents are removed,
+ too.If the system was not booted up with systemd as
@@ -117,113 +119,27 @@
The following options are understood:
-
-
-
-
- Takes a boolean
- argument. If true, all processes
- created by the user during his session
- and from his session will be
- terminated when he logs out from his
- session.
-
+
-
-
- Takes a comma
- separated list of user names or
- numeric user ids as argument. If this
- option is used the effect of the
- options
- will apply only to the listed
- users. If this option is not used the
- option applies to all local
- users. Note that
-
- takes precedence over this list and is
- hence subtracted from the list
- specified here.
-
+
-
-
-
- Takes a comma
- separated list of user names or
- numeric user ids as argument. Users
- listed in this argument will not be
- subject to the effect of
- . Note
- that that this option takes precedence
- over
- , and
- hence whatever is listed for
-
- is guaranteed to never be killed by
- this PAM module, independent of any
- other configuration
- setting.
+ Takes a string
+ argument which sets the session class.
+ The XDG_SESSION_CLASS environmental variable
+ takes precedence.
-
-
- Takes a comma
- separated list of control group
- controllers in which hierarchies a
- user/session control group will be
- created by default for each user
- logging in, in addition to the control
- group in the named 'name=systemd'
- hierarchy. If omitted, defaults to an
- empty list.
-
+
-
-
-
- Takes a comma
- separated list of control group
- controllers in which hierarchies the
- logged in processes will be reset to
- the root control
- group.
-
-
-
-
-
- Takes a boolean
- argument. If yes, the module will log
+ Takes an optional
+ boolean argument. If yes or without
+ the argument, the module will log
debugging information as it
operates.
-
- Note that setting
- kill-session-processes=1 will break tools
- like
- screen1.
-
- Note that
- kill-session-processes=1 is a
- stricter version of
- KillUserProcesses=1 which may be
- configured system-wide in
- systemd-logind.conf5. The
- former kills processes of a session as soon as it
- ends, the latter kills processes as soon as the last
- session of the user ends.
-
- If the options are omitted they default to
- ,
- ,
- ,
- ,
- ,
- .
@@ -237,12 +153,12 @@
The following environment variables are set for the processes of the user's session:
-
+ $XDG_SESSION_IDA session identifier,
- suitable to be used in file names. The
+ suitable to be used in filenames. The
string itself should be considered
opaque, although often it is just the
audit session ID as reported by
@@ -271,13 +187,13 @@
in again, the directory contents will
have been lost in between, but
applications should not rely on this
- behaviour and must be able to deal with
+ behavior and must be able to deal with
stale files. To store session-private
- data in this directory the user should
+ data in this directory, the user should
include the value of $XDG_SESSION_ID
in the filename. This directory shall
be used for runtime file system
- objects such as AF_UNIX sockets,
+ objects such as AF_UNIX sockets,
FIFOs, PID files and similar. It is
guaranteed that this directory is
local and offers the greatest possible
@@ -298,18 +214,23 @@ account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
session required pam_loginuid.so
-session required pam_systemd.so kill-session-processes=1
+session required pam_systemd.so
See Also
+ systemd1,
+ systemd-logind.service8,
+ logind.conf5,
+ loginctl1,
pam.conf5,
pam.d5,
pam8,
pam_loginuid8,
- systemd-logind.conf5,
- systemd1
+ systemd.scope5,
+ systemd.slice5,
+ systemd.service5