X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fpam_systemd.xml;h=915e0b60149a150da4ab92c01b630c7563421e7d;hp=e790dd3c3dace612627b5ee8cc3af1d96c9fe167;hb=80758717a6359cbe6048f43a17c2b53a3ca8c2fa;hpb=160cd5c9aa2301892e13950015de7968c764340d
diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml
index e790dd3c3..915e0b601 100644
--- a/man/pam_systemd.xml
+++ b/man/pam_systemd.xml
@@ -63,19 +63,19 @@
On login, this module ensures the following:
- If it does not exist yet the
+ If it does not exist yet, the
user runtime directory
/var/run/user/$USER is
created and its ownership changed to the user
that is logging in.If
- is set the
+ is set, the
$XDG_SESSION_ID environment
variable is initialized. If auditing is
available and
pam_loginuid.so run before
- this module (which es recommended), the
+ this module (which is highly recommended), the
variable is initialized from the auditing
session id
(/proc/self/sessionid). Otherwise
@@ -83,16 +83,16 @@
used.If
- is set a new
+ is set, a new
control group
/user/$USER/$XDG_SESSION_ID
is created and the login process moved into
it.If
- is set a new
+ is set, a new
control group
- /user/$USER/no-session
+ /user/$USER/user
is created and the login process moved into
it.
@@ -107,7 +107,7 @@
remaining processes in the
/user/$USER/$XDG_SESSION_ID
control group are killed and the control group
- removed.
+ is removed.
If
$XDG_SESSION_ID is set and
@@ -115,18 +115,18 @@
remaining processes in the
/user/$USER/$XDG_SESSION_ID
control group are migrated to
- /user/$USER/no-session and
- the original control group
+ /user/$USER/user and
+ the original control group is
removed.If
is specified, and
- no other user session control group remains
+ no other user session control group remains,
except
- /user/$USER/no-session
+ /user/$USER/user,
all remaining processes in the
/user/$USER hierarchy
- are killed and the control group removed.
+ are killed and the control group is removed.
If
is specified, and
@@ -143,7 +143,7 @@
If the system was not booted up with systemd as
- init system this module does nothing and immediately
+ init system, this module does nothing and immediately
returns PAM_SUCCESS.
@@ -165,11 +165,11 @@
login process moved to the
/user/$USER/$XDG_SESSION_ID
control group. It is recommended that
- all services that are directly created
+ all services which are directly created
on the user's behalf set this
option. Only for services that shall
automatically be terminated when the
- user logs out completely otherwise,
+ user logs out completely, otherwise
create-session=0
should be set.
@@ -196,10 +196,83 @@
completely. This is a weaker version
of and is
more friendly for users logged in more
- than once as their processes are
+ than once, as their processes are
terminated only on their complete
logout.
+
+
+
+
+ Takes a comma
+ separated list of user names or
+ numeric user ids as argument. If this
+ option is used the effect of the
+ and
+ options
+ will apply only to the listed
+ users. If this option is not used the
+ option applies to all local
+ users. Note that
+
+ takes precedence over this list and is
+ hence subtracted from the list
+ specified here.
+
+
+
+
+
+ Takes a comma
+ separated list of user names or
+ numeric user ids as argument. Users
+ listed in this argument will not be
+ subject to the effect of
+ or
+ . Note
+ that that this option takes precedence
+ over
+ , and
+ hence whatever is listed for
+
+ is guaranteed to never be killed by
+ this PAM module, independent of any
+ other configuration
+ setting.
+
+
+
+
+
+ Takes a comma
+ separated list of cgroup controllers
+ in which hierarchies a user/session
+ cgroup will be created by default for
+ each user logging in, in addition to
+ the cgroup in the named 'name=systemd'
+ hierarchy. If ommited, defaults to an
+ empty list. This may be used to move
+ user sessions into their own groups in
+ the 'cpu' hierarchy which ensures that
+ every logged in user gets an equal
+ amount of CPU time regardless how many
+ processes he has
+ started.
+
+
+
+
+
+ Takes a comma
+ separated list of cgroup controllers
+ in which hierarchies the logged in
+ processes will be reset to the root
+ cgroup. If ommited, defaults to 'cpu',
+ meaning that a 'cpu' cgroup grouping
+ inherited from the login manager will
+ be reset for the processes of the
+ logged in user.
+ Note that setting kill-user=1
@@ -207,6 +280,14 @@
tools like
screen1.
+ If the options are omitted they default to
+ ,
+ ,
+ ,
+ ,
+ ,
+ ,
+ .
@@ -218,6 +299,8 @@
Environment
+ The following environment variables are set for the processes of the user's session:
+
$XDG_SESSION_ID
@@ -279,7 +362,7 @@ account required pam_unix.so
password required pam_unix.so
session required pam_unix.so
session required pam_loginuid.so
-session required pam_systemd.so create-session=1 kill-user=1
+session required pam_systemd.so kill-user=1