Skip to content

Commit 97e5530

Browse files
committed
logind: flip KillUserProcesses to on by default
This ensures that users sessions are properly cleaned up after. The admin can still enable or disable linger for specific users to allow them to run processes after they log out. Doing that through the user session is much cleaner and provides better control. dbus daemon can now be run in the user session (with --enable-user-session, added in 1.10.2), and most distributions opted to pick this configuration. In the normal case it makes a lot of sense to kill remaining processes. The exception is stuff like screen and tmux. But it's easy enough to work around, a simple example was added to the man page in previous commit. In the long run those services should integrate with the systemd users session on their own. https://bugs.freedesktop.org/show_bug.cgi?id=94508 #2900
1 parent 65eb37f commit 97e5530

File tree

4 files changed

+27
-6
lines changed

4 files changed

+27
-6
lines changed

NEWS

Lines changed: 24 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,26 @@ CHANGES WITH 230 in spe:
2222
* systemd-resolve conveniently resolves DANE records with the --tlsa
2323
option and OPENPGPKEY records with the --openpgp option.
2424

25-
* Testing tool /usr/lib/systemd/systemd-activate is renamed to
26-
systemd-socket-activate and installed into /usr/bin. It is now fully
27-
supported.
25+
* systemd-logind will now by default terminate user processes that are
26+
part of the user session scope unit (session-XX.scope) when the user
27+
logs out. This behaviour is controlled by the
28+
KillUserProcesses=yes|no setting in logind.conf, and previous default
29+
of "no" is now changed to "yes". This means that user sessions will
30+
be properly cleaned up after, but additional steps are necessary to
31+
allow intentionally long-running processes to survive logout.
32+
33+
While the user is logged in at least once, user@.service is running,
34+
and any service that should survive the end of any individual login
35+
session can be started at a user service or scope using systemd-run.
36+
systemd-run(1) man page has been extended with an example which
37+
shows how to run screen in a scope unit underneath user@.service.
38+
The same command works for tmux.
39+
40+
After the user logs out of all sessions, user@.service will be
41+
terminated too, by default, unless the user has "lingering" enabled.
42+
To effectively allow users to run long-term tasks even if they are
43+
logged out, lingering must be enabled for them. See loginctl(1)
44+
for details.
2845

2946
* The unified cgroup hierarchy added in Linux 4.5 is now supported.
3047
Use systemd.unified_cgroup_hierarchy=1 on the kernel command line
@@ -45,6 +62,10 @@ CHANGES WITH 230 in spe:
4562

4663
* The Unique Identifier sent in DHCP requests can be configured.
4764

65+
* Testing tool /usr/lib/systemd/systemd-activate is renamed to
66+
systemd-socket-activate and installed into /usr/bin. It is now fully
67+
supported.
68+
4869
* systemd-journald now uses separate threads to flush changes to
4970
disk when closing journal files.
5071

man/logind.conf.xml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -124,7 +124,7 @@
124124
corresponding to the session and all processes inside that scope will be
125125
terminated. If false, the scope is "abandonded", see
126126
<citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
127-
and processes are not killed. Defaults to <literal>no</literal>.</para>
127+
and processes are not killed. Defaults to <literal>yes</literal>.</para>
128128

129129
<para>In addition to session processes, user process may run under the user
130130
manager unit <filename>user@.service</filename>. Depending on the linger

src/login/logind.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -64,7 +64,7 @@ static void manager_reset_config(Manager *m) {
6464
m->runtime_dir_size = PAGE_ALIGN((size_t) (physical_memory() / 10)); /* 10% */
6565
m->user_tasks_max = UINT64_C(12288);
6666

67-
m->kill_user_processes = false;
67+
m->kill_user_processes = true;
6868

6969
m->kill_only_users = strv_free(m->kill_only_users);
7070
m->kill_exclude_users = strv_free(m->kill_exclude_users);

src/login/logind.conf

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
[Login]
1515
#NAutoVTs=6
1616
#ReserveVT=6
17-
#KillUserProcesses=no
17+
#KillUserProcesses=yes
1818
#KillOnlyUsers=
1919
#KillExcludeUsers=root
2020
#InhibitDelayMaxSec=5

0 commit comments

Comments
 (0)