<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
and hence the systemd control group hierarchy.</para>
- <para>On login, this module ensures the following:</para>
+ <para>On login, this module — in conjunction with <filename>systemd-logind.service</filename> — ensures the
+ following:</para>
<orderedlist>
- <listitem><para>If it does not exist yet, the user runtime
- directory <filename>/run/user/$USER</filename> is created and
- its ownership changed to the user that is logging
- in.</para></listitem>
-
- <listitem><para>The <varname>$XDG_SESSION_ID</varname>
- environment variable is initialized. If auditing is available
- and <command>pam_loginuid.so</command> was run before this
- module (which is highly recommended), the variable is
- initialized from the auditing session id
- (<filename>/proc/self/sessionid</filename>). Otherwise, an
+ <listitem><para>If it does not exist yet, the user runtime directory <filename>/run/user/$UID</filename> is
+ either created or mounted as new <literal>tmpfs</literal> file system with quota applied, and its ownership
+ changed to the user that is logging in.</para></listitem>
+
+ <listitem><para>The <varname>$XDG_SESSION_ID</varname> environment variable is initialized. If auditing is
+ available and <command>pam_loginuid.so</command> was run before this module (which is highly recommended), the
+ variable is initialized from the auditing session id (<filename>/proc/self/sessionid</filename>). Otherwise, an
independent session counter is used.</para></listitem>
- <listitem><para>A new systemd scope unit is created for the
- session. If this is the first concurrent session of the user, an
- implicit slice below <filename>user.slice</filename> is
- automatically created and the scope placed into it. An instance
- of the system service <filename>user@.service</filename>, which
- runs the systemd user manager instance, is started.
- </para></listitem>
+ <listitem><para>A new systemd scope unit is created for the session. If this is the first concurrent session of
+ the user, an implicit per-user slice unit below <filename>user.slice</filename> is automatically created and the
+ scope placed into it. An instance of the system service <filename>user@.service</filename>, which runs the
+ systemd user manager instance, is started. </para></listitem>
</orderedlist>
<para>On logout, this module ensures the following:</para>
<orderedlist>
<listitem><para>If enabled in
<citerefentry><refentrytitle>logind.conf</refentrytitle>
- <manvolnum>5</manvolnum></citerefentry>, all processes of the
- session are terminated. If the last concurrent session of a user
- ends, the user's systemd instance will be terminated too, and so
- will the user's slice unit.</para></listitem>
+ <manvolnum>5</manvolnum></citerefentry> (<varname>KillUserProcesses=</varname>), all processes of the session are
+ terminated. If the last concurrent session of a user ends, the user's systemd instance will be terminated too,
+ and so will the user's slice unit.</para></listitem>
<listitem><para>If the last concurrent session of a user ends,
the <varname>$XDG_RUNTIME_DIR</varname> directory and all its
manages user logins. It is responsible for:</para>
<itemizedlist>
- <listitem><para>Keeping track of users and sessions, their
- processes and their idle state</para></listitem>
+ <listitem><para>Keeping track of users and sessions, their processes and their idle state. This is implemented by
+ allocating a systemd slice unit for each user below <filename>user.slice</filename>, and a scope unit below it
+ for each concurrent session of a user. Also, a per-user service manager is started as system service instance of
+ <filename>user@.service</filename> for each user logged in.</para></listitem>
+
+ <listitem><para>Generating and managing session IDs. If auditing is available and an audit session ID is set for
+ a session already, the session ID is initialized from it. Otherwise, an independent session counter is
+ used.</para></listitem>
<listitem><para>Providing PolicyKit-based access for users to
operations such as system shutdown or sleep</para></listitem>
projects / platform / upstream / systemd.git / commitdiff