logind: flip KillUserProcesses to on by default

This ensures that users sessions are properly cleaned up after.
The admin can still enable or disable linger for specific users to allow
them to run processes after they log out. Doing that through the user
session is much cleaner and provides better control.

dbus daemon can now be run in the user session (with --enable-user-session,
added in 1.10.2), and most distributions opted to pick this configuration.
In the normal case it makes a lot of sense to kill remaining processes.
The exception is stuff like screen and tmux. But it's easy enough to
work around, a simple example was added to the man page in previous
commit. In the long run those services should integrate with the systemd
users session on their own.

https://bugs.freedesktop.org/show_bug.cgi?id=94508
#2900

Author: keszybz

NEWS

@@ -22,9 +22,26 @@ CHANGES WITH 230 in spe:
         * systemd-resolve conveniently resolves DANE records with the --tlsa
           option and OPENPGPKEY records with the --openpgp option.
 
-        * Testing tool /usr/lib/systemd/systemd-activate is renamed to
-          systemd-socket-activate and installed into /usr/bin. It is now fully
-          supported.
+        * systemd-logind will now by default terminate user processes that are
+          part of the user session scope unit (session-XX.scope) when the user
+          logs out. This behaviour is controlled by the
+          KillUserProcesses=yes|no setting in logind.conf, and previous default
+          of "no" is now changed to "yes". This means that user sessions will
+          be properly cleaned up after, but additional steps are necessary to
+          allow intentionally long-running processes to survive logout.
+
+          While the user is logged in at least once, user@.service is running,
+          and any service that should survive the end of any individual login
+          session can be started at a user service or scope using systemd-run.
+          systemd-run(1) man page has been extended with an example which
+          shows how to run screen in a scope unit underneath user@.service.
+          The same command works for tmux.
+
+          After the user logs out of all sessions, user@.service will be
+          terminated too, by default, unless the user has "lingering" enabled.
+          To effectively allow users to run long-term tasks even if they are
+          logged out, lingering must be enabled for them. See loginctl(1)
+          for details.
 
         * The unified cgroup hierarchy added in Linux 4.5 is now supported.
           Use systemd.unified_cgroup_hierarchy=1 on the kernel command line
@@ -45,6 +62,10 @@ CHANGES WITH 230 in spe:
 
         * The Unique Identifier sent in DHCP requests can be configured.
 
+        * Testing tool /usr/lib/systemd/systemd-activate is renamed to
+          systemd-socket-activate and installed into /usr/bin. It is now fully
+          supported.
+
         * systemd-journald now uses separate threads to flush changes to
           disk when closing journal files.
 

man/logind.conf.xml

@@ -124,7 +124,7 @@
         corresponding to the session and all processes inside that scope will be
         terminated. If false, the scope is "abandonded", see
         <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        and processes are not killed. Defaults to <literal>no</literal>.</para>
+        and processes are not killed. Defaults to <literal>yes</literal>.</para>
 
         <para>In addition to session processes, user process may run under the user
         manager unit <filename>user@.service</filename>. Depending on the linger

src/login/logind.c

@@ -64,7 +64,7 @@ static void manager_reset_config(Manager *m) {
         m->runtime_dir_size = PAGE_ALIGN((size_t) (physical_memory() / 10)); /* 10% */
         m->user_tasks_max = UINT64_C(12288);
 
-        m->kill_user_processes = false;
+        m->kill_user_processes = true;
 
         m->kill_only_users = strv_free(m->kill_only_users);
         m->kill_exclude_users = strv_free(m->kill_exclude_users);

src/login/logind.conf

@@ -14,7 +14,7 @@
 [Login]
 #NAutoVTs=6
 #ReserveVT=6
-#KillUserProcesses=no
+#KillUserProcesses=yes
 #KillOnlyUsers=
 #KillExcludeUsers=root
 #InhibitDelayMaxSec=5