chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
socket: introduce SELinuxLabelViaNet option
[elogind.git] / man / logind.conf.xml
diff --git a/man/logind.conf.xml b/man/logind.conf.xml
index 8ab6d729a98cb157f561ba41967d3fbf7c62a595..f037da259b1ab30ab54c1a1665d4efdff7bcfe0e 100644 (file)
--- a/man/logind.conf.xml
+++ b/man/logind.conf.xml
@@ -80,25 +80,25 @@
                                 template unit
                                 <filename>autovt@.service</filename>
                                 for the respective VT TTY name,
                                 template unit
                                 <filename>autovt@.service</filename>
                                 for the respective VT TTY name,
-                                e.g. <filename>autovt@tty4.service</filename>. By
+                                for example, <filename>autovt@tty4.service</filename>. By
                                 default,
                                 <filename>autovt@.service</filename>
                                 is linked to
                                 default,
                                 <filename>autovt@.service</filename>
                                 is linked to
-                                <filename>getty@.service</filename>,
-                                i.e. login prompts are started
+                                <filename>getty@.service</filename>.
+                                In other words, login prompts are started
                                 dynamically as the user switches to
                                 unused virtual terminals. Hence, this
                                 parameter controls how many login
                                 <literal>gettys</literal> are
                                 available on the VTs. If a VT is
                                 already used by some other subsystem
                                 dynamically as the user switches to
                                 unused virtual terminals. Hence, this
                                 parameter controls how many login
                                 <literal>gettys</literal> are
                                 available on the VTs. If a VT is
                                 already used by some other subsystem
-                                (for example a graphical login), this
+                                (for example, a graphical login), this
                                 kind of activation will not be
                                 attempted. Note that the VT configured
                                 in <varname>ReserveVT=</varname> is
                                 always subject to this kind of
                                 activation, even if it is not one of
                                 kind of activation will not be
                                 attempted. Note that the VT configured
                                 in <varname>ReserveVT=</varname> is
                                 always subject to this kind of
                                 activation, even if it is not one of
-                                VTs configured with the
+                                the VTs configured with the
                                 <varname>NAutoVTs=</varname>
                                 directive. Defaults to 6. When set to
                                 0, automatic spawning of
                                 <varname>NAutoVTs=</varname>
                                 directive. Defaults to 6. When set to
                                 0, automatic spawning of
@@ -110,7 +110,7 @@
                                 <term><varname>ReserveVT=</varname></term>
 
                                 <listitem><para>Takes a positive
                                 <term><varname>ReserveVT=</varname></term>
 
                                 <listitem><para>Takes a positive
-                                integer. Configures the number of one
+                                integer. Identifies one
                                 virtual terminal that shall
                                 unconditionally be reserved for
                                 <filename>autovt@.service</filename>
                                 virtual terminal that shall
                                 unconditionally be reserved for
                                 <filename>autovt@.service</filename>
@@ -118,7 +118,7 @@
                                 selected with this option will be
                                 marked busy unconditionally, so that no
                                 other subsystem will allocate it. This
                                 selected with this option will be
                                 marked busy unconditionally, so that no
                                 other subsystem will allocate it. This
-                                functionality is useful to ensure that
+                                functionality is useful to ensure that,
                                 regardless of how many VTs are allocated
                                 by other subsystems, one login
                                 <literal>getty</literal> is always
                                 regardless of how many VTs are allocated
                                 by other subsystems, one login
                                 <literal>getty</literal> is always
@@ -136,9 +136,36 @@
                                 <listitem><para>Takes a boolean
                                 argument. Configures whether the
                                 processes of a user should be killed
                                 <listitem><para>Takes a boolean
                                 argument. Configures whether the
                                 processes of a user should be killed
-                                when she or he completely logs out (i.e. after
-                                her/his last session ended). Defaults to
-                                <literal>no</literal>.</para></listitem>
+                                when the user completely logs out (i.e. after
+                                the user's last session ended). Defaults to
+                                <literal>no</literal>.</para>
+
+                                <para>Note that setting
+                                <varname>KillUserProcesses=1</varname>
+                                will break tools like
+                                <citerefentry><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>KillOnlyUsers=</varname></term>
+                                <term><varname>KillExcludeUsers=</varname></term>
+
+                                <listitem><para>These settings take
+                                space-separated lists of usernames
+                                that influence the effect of
+                                <varname>KillUserProcesses=</varname>. If
+                                not empty, only processes of users
+                                listed in
+                                <varname>KillOnlyUsers=</varname> will
+                                be killed when they log out
+                                entirely. Processes of users listed in
+                                <varname>KillExcludeUsers=</varname>
+                                are excluded from being
+                                killed. <varname>KillExcludeUsers=</varname>
+                                defaults to <literal>root</literal>
+                                and takes precedence over
+                                <varname>KillOnlyUsers=</varname>,
+                                which defaults to the empty list.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
@@ -153,7 +180,7 @@
                                 <literal>kexec</literal>,
                                 <literal>suspend</literal>,
                                 <literal>hibernate</literal>,
                                 <literal>kexec</literal>,
                                 <literal>suspend</literal>,
                                 <literal>hibernate</literal>,
-                                <literal>hybrid-sleep</literal>,
+                                <literal>hybrid-sleep</literal>, and
                                 <literal>lock</literal>. Defaults to
                                 <literal>ignore</literal>.</para>
 
                                 <literal>lock</literal>. Defaults to
                                 <literal>ignore</literal>.</para>
 
@@ -179,64 +206,6 @@
                                 idle.</para></listitem>
                         </varlistentry>
 
                                 idle.</para></listitem>
                         </varlistentry>
 
-                        <varlistentry>
-                                <term><varname>KillOnlyUsers=</varname></term>
-                                <term><varname>KillExcludeUsers=</varname></term>
-
-                                <listitem><para>These settings take
-                                space-separated lists of usernames
-                                that influence the effect of
-                                <varname>KillUserProcesses=</varname>. If
-                                not empty, only processes of users
-                                listed in
-                                <varname>KillOnlyUsers</varname> will
-                                be killed when they log out
-                                entirely. Processes of users listed in
-                                <varname>KillExcludeUsers=</varname>
-                                are excluded from being
-                                killed. <varname>KillExcludeUsers=</varname>
-                                defaults to <literal>root</literal>
-                                and takes precedence over
-                                <varname>KillOnlyUsers=</varname>,
-                                which defaults to the empty list.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>Controllers=</varname></term>
-                                <term><varname>ResetControllers=</varname></term>
-
-                                <listitem><para>These settings control
-                                the default control group hierarchies
-                                users logging in are added to, in
-                                addition to the
-                                <literal>name=systemd</literal> named
-                                hierarchy. These settings take
-                                space-separated lists of controller
-                                names. Pass the empty string to ensure
-                                that logind does not touch any
-                                hierarchies but systemd's own. When
-                                logging in, user sessions will get
-                                private control groups in all
-                                hierarchies listed in
-                                <varname>Controllers=</varname> and be
-                                reset to the root control group in all
-                                hierarchies listed in
-                                <varname>ResetControllers=</varname>.
-                                <varname>Controllers=</varname>
-                                defaults to the empty list.
-                                <varname>ResetControllers=</varname>
-                                defaults to
-                                <literal>cpu</literal>. Note that for
-                                all controllers that are not listed in
-                                either <varname>Controllers=</varname>
-                                or
-                                <varname>ResetControllers=</varname>,
-                                newly created sessions will be part of
-                                the control groups of the system
-                                service that created the
-                                session.</para></listitem>
-                        </varlistentry>
-
                         <varlistentry>
                                 <term><varname>InhibitDelayMaxSec=</varname></term>
 
                         <varlistentry>
                                 <term><varname>InhibitDelayMaxSec=</varname></term>
 
@@ -247,7 +216,7 @@
                                 being active before the inhibitor is
                                 ignored and the operation executes
                                 anyway. Defaults to
                                 being active before the inhibitor is
                                 ignored and the operation executes
                                 anyway. Defaults to
-                                5s.</para></listitem>
+                                5.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
@@ -268,15 +237,15 @@
                                 <literal>kexec</literal>,
                                 <literal>suspend</literal>,
                                 <literal>hibernate</literal>,
                                 <literal>kexec</literal>,
                                 <literal>suspend</literal>,
                                 <literal>hibernate</literal>,
-                                <literal>hybrid-sleep</literal> and
+                                <literal>hybrid-sleep</literal>, and
                                 <literal>lock</literal>. If
                                 <literal>ignore</literal>, logind will
                                 never handle these keys. If
                                 <literal>lock</literal>, all running
                                 <literal>lock</literal>. If
                                 <literal>ignore</literal>, logind will
                                 never handle these keys. If
                                 <literal>lock</literal>, all running
-                                sessions will be screen-locked; otherwise,
-                                the specified action
-                                will be taken in the respective
-                                event. Only input devices with the
+                                sessions will be screen-locked;
+                                otherwise, the specified action will
+                                be taken in the respective event. Only
+                                input devices with the
                                 <literal>power-switch</literal> udev
                                 tag will be watched for key/lid switch
                                 events. <varname>HandlePowerKey=</varname>
                                 <literal>power-switch</literal> udev
                                 tag will be watched for key/lid switch
                                 events. <varname>HandlePowerKey=</varname>
@@ -288,7 +257,11 @@
                                 default to <literal>suspend</literal>.
                                 <varname>HandleHibernateKey=</varname>
                                 defaults to
                                 default to <literal>suspend</literal>.
                                 <varname>HandleHibernateKey=</varname>
                                 defaults to
-                                <literal>hibernate</literal>.</para></listitem>
+                                <literal>hibernate</literal>. Note
+                                that the lid switch is ignored if the
+                                system is inserted in a docking
+                                station, or if more than one display
+                                is connected.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
@@ -322,21 +295,49 @@
                                 </para></listitem>
                         </varlistentry>
 
                                 </para></listitem>
                         </varlistentry>
 
-                </variablelist>
+                        <varlistentry>
+                                <term><varname>RuntimeDirectorySize=</varname></term>
+
+                                <listitem><para>Sets the size limit on
+                                the
+                                <varname>$XDG_RUNTIME_DIR</varname>
+                                runtime directory for each user who
+                                logs in. Takes a size in bytes,
+                                optionally suffixed with the usual K, G,
+                                M, and T suffixes, to the base 1024
+                                (IEC). Alternatively, a numerical
+                                percentage suffixed by <literal>%</literal>
+                                may be specified, which sets the size
+                                limit relative to the amount of
+                                physical RAM. Defaults to 10%. Note
+                                that this size is a safety limit
+                                only. As each runtime directory is a
+                                tmpfs file system, it will only consume
+                                as much memory as is needed.
+                                </para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>RemoveIPC=</varname></term>
 
 
-                <para>Note that setting
-                <varname>KillUserProcesses=1</varname> will break tools
-                like
-                <citerefentry><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
-
-                <para>Note that <varname>KillUserProcesses=1</varname>
-                is a weaker version of
-                <varname>kill-session-processes=1</varname>, which may
-                be configured per-service for
-                <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. The
-                latter kills processes of a session as soon as it
-                ends, the former kills processes as soon as the last
-                session of the user ends.</para>
+                                <listitem><para>Controls whether
+                                System V and POSIX IPC objects
+                                belonging to the user shall be removed
+                                when the user fully logs out. Takes a
+                                boolean argument. If enabled, the user
+                                may not consume IPC resources after
+                                the last of his sessions
+                                terminated. This covers System V
+                                semaphores, shared memory and message
+                                queues, as well as POSIX shared memory
+                                and message queues. Note that IPC
+                                objects of the root user are excluded
+                                from the effect of this
+                                setting. Defaults to
+                                <literal>yes</literal>.</para></listitem>
+                        </varlistentry>
+
+                </variablelist>
         </refsect1>
 
         <refsect1>
         </refsect1>
 
         <refsect1>
Unnamed repository; edit this file 'description' to name the repository.