diff options
author | Lennart Poettering <lennart@poettering.net> | 2017-02-09 18:40:42 +0100 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2017-07-17 17:58:36 +0200 |
commit | c8f23b4cce3e02081b21e863e7a1cf6cc93e3e2e (patch) | |
tree | fa6a961adf4cda3bda2188477522771b4e2a0d2a /man/pam_elogind.xml | |
parent | 093a10d73a66352cb8c03f38659e214638dba6b5 (diff) |
man: update pam_elogind and elogind-logind man pages a bit
This builds on @utezduyar's #4640, but extends on it.
Fixes: #4550
Replaces: #4640
Diffstat (limited to 'man/pam_elogind.xml')
-rw-r--r-- | man/pam_elogind.xml | 50 |
1 files changed, 31 insertions, 19 deletions
diff --git a/man/pam_elogind.xml b/man/pam_elogind.xml index 80235b37c..af9877c0e 100644 --- a/man/pam_elogind.xml +++ b/man/pam_elogind.xml @@ -55,24 +55,27 @@ <title>Description</title> <para><command>pam_elogind</command> registers user sessions with - the elogind login manager and hence the elogind control group - hierarchy.</para> + the systemd login manager + <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + and hence the systemd control group hierarchy.</para> - <para>On login, this module ensures the following:</para> + <para>On login, this module — in conjunction with <filename>systemd-logind.service</filename> — ensures the + following:</para> <orderedlist> - <listitem><para>If it does not exist yet, the user runtime - directory <filename>/run/user/$USER</filename> is created and - its ownership changed to the user that is logging - in.</para></listitem> - - <listitem><para>The <varname>$XDG_SESSION_ID</varname> - environment variable is initialized. If auditing is available - and <command>pam_loginuid.so</command> was run before this - module (which is highly recommended), the variable is - initialized from the auditing session id - (<filename>/proc/self/sessionid</filename>). Otherwise, an + <listitem><para>If it does not exist yet, the user runtime directory <filename>/run/user/$UID</filename> is + either created or mounted as new <literal>tmpfs</literal> file system with quota applied, and its ownership + changed to the user that is logging in.</para></listitem> + + <listitem><para>The <varname>$XDG_SESSION_ID</varname> environment variable is initialized. If auditing is + available and <command>pam_loginuid.so</command> was run before this module (which is highly recommended), the + variable is initialized from the auditing session id (<filename>/proc/self/sessionid</filename>). Otherwise, an independent session counter is used.</para></listitem> + + <listitem><para>A new systemd scope unit is created for the session. If this is the first concurrent session of + the user, an implicit per-user slice unit below <filename>user.slice</filename> is automatically created and the + scope placed into it. An instance of the system service <filename>user@.service</filename>, which runs the + systemd user manager instance, is started. </para></listitem> </orderedlist> <para>On logout, this module ensures the following:</para> @@ -80,14 +83,19 @@ <orderedlist> <listitem><para>If enabled in <citerefentry><refentrytitle>logind.conf</refentrytitle> - <manvolnum>5</manvolnum></citerefentry>, all processes of the - session are terminated.</para></listitem> + <manvolnum>5</manvolnum></citerefentry> (<varname>KillUserProcesses=</varname>), all processes of the session are + terminated. If the last concurrent session of a user ends, the user's systemd instance will be terminated too, + and so will the user's slice unit.</para></listitem> <listitem><para>If the last concurrent session of a user ends, the <varname>$XDG_RUNTIME_DIR</varname> directory and all its contents are removed, too.</para></listitem> </orderedlist> + <para>If the system was not booted up with systemd as init system, + this module does nothing and immediately returns + <constant>PAM_SUCCESS</constant>.</para> + </refsect1> <refsect1> @@ -182,7 +190,7 @@ as <constant>AF_UNIX</constant> sockets, FIFOs, PID files and similar. It is guaranteed that this directory is local and offers the greatest possible file system feature set the - operating system provides. For further details see the <ulink + operating system provides. For further details, see the <ulink url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG Base Directory Specification</ulink>.</para></listitem> </varlistentry> @@ -264,13 +272,17 @@ session required pam_elogind.so</programlisting> <refsect1> <title>See Also</title> <para> - <citerefentry><refentrytitle>elogind</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>loginctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>pam.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>pam.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>, - <citerefentry project='man-pages'><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry> + <citerefentry project='man-pages'><refentrytitle>pam_loginuid</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry> </para> </refsect1> |