From c8f23b4cce3e02081b21e863e7a1cf6cc93e3e2e Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Thu, 9 Feb 2017 18:40:42 +0100 Subject: [PATCH] man: update pam_elogind and elogind-logind man pages a bit This builds on @utezduyar's #4640, but extends on it. Fixes: #4550 Replaces: #4640 --- man/pam_elogind.xml | 50 ++++++++++++++++++++++++++++----------------- 1 file changed, 31 insertions(+), 19 deletions(-) diff --git a/man/pam_elogind.xml b/man/pam_elogind.xml index 80235b37c..af9877c0e 100644 --- a/man/pam_elogind.xml +++ b/man/pam_elogind.xml @@ -55,24 +55,27 @@ Description pam_elogind registers user sessions with - the elogind login manager and hence the elogind control group - hierarchy. + the systemd login manager + systemd-logind.service8, + and hence the systemd control group hierarchy. - On login, this module ensures the following: + On login, this module — in conjunction with systemd-logind.service — ensures the + following: - If it does not exist yet, the user runtime - directory /run/user/$USER is created and - its ownership changed to the user that is logging - in. - - The $XDG_SESSION_ID - environment variable is initialized. If auditing is available - and pam_loginuid.so was run before this - module (which is highly recommended), the variable is - initialized from the auditing session id - (/proc/self/sessionid). Otherwise, an + If it does not exist yet, the user runtime directory /run/user/$UID is + either created or mounted as new tmpfs file system with quota applied, and its ownership + changed to the user that is logging in. + + The $XDG_SESSION_ID environment variable is initialized. If auditing is + available and pam_loginuid.so was run before this module (which is highly recommended), the + variable is initialized from the auditing session id (/proc/self/sessionid). Otherwise, an independent session counter is used. + + A new systemd scope unit is created for the session. If this is the first concurrent session of + the user, an implicit per-user slice unit below user.slice is automatically created and the + scope placed into it. An instance of the system service user@.service, which runs the + systemd user manager instance, is started. On logout, this module ensures the following: @@ -80,14 +83,19 @@ If enabled in logind.conf - 5, all processes of the - session are terminated. + 5 (KillUserProcesses=), all processes of the session are + terminated. If the last concurrent session of a user ends, the user's systemd instance will be terminated too, + and so will the user's slice unit. If the last concurrent session of a user ends, the $XDG_RUNTIME_DIR directory and all its contents are removed, too. + If the system was not booted up with systemd as init system, + this module does nothing and immediately returns + PAM_SUCCESS. + @@ -182,7 +190,7 @@ as AF_UNIX sockets, FIFOs, PID files and similar. It is guaranteed that this directory is local and offers the greatest possible file system feature set the - operating system provides. For further details see the XDG Base Directory Specification. @@ -264,13 +272,17 @@ session required pam_elogind.so See Also - elogind8, + systemd1, + systemd-logind.service8, logind.conf5, loginctl1, pam.conf5, pam.d5, pam8, - pam_loginuid8 + pam_loginuid8, + systemd.scope5, + systemd.slice5, + systemd.service5 -- 2.30.2