1LOGIND.CONF(5)                    logind.conf                   LOGIND.CONF(5)
2
3
4

NAME

6       logind.conf, logind.conf.d - Login manager configuration files
7

SYNOPSIS

9       /etc/systemd/logind.conf
10
11       /etc/systemd/logind.conf.d/*.conf
12
13       /run/systemd/logind.conf.d/*.conf
14
15       /usr/lib/systemd/logind.conf.d/*.conf
16

DESCRIPTION

18       These files configure various parameters of the systemd login manager,
19       systemd-logind.service(8). See systemd.syntax(5) for a general
20       description of the syntax.
21

CONFIGURATION DIRECTORIES AND PRECEDENCE

23       The default configuration is defined during compilation, so a
24       configuration file is only needed when it is necessary to deviate from
25       those defaults. By default, the configuration file in /etc/systemd/
26       contains commented out entries showing the defaults as a guide to the
27       administrator. This file can be edited to create local overrides.
28
29       When packages need to customize the configuration, they can install
30       configuration snippets in /usr/lib/systemd/*.conf.d/ or
31       /usr/local/lib/systemd/*.conf.d/. Files in /etc/ are reserved for the
32       local administrator, who may use this logic to override the
33       configuration files installed by vendor packages. The main
34       configuration file is read before any of the configuration directories,
35       and has the lowest precedence; entries in a file in any configuration
36       directory override entries in the single configuration file. Files in
37       the *.conf.d/ configuration subdirectories are sorted by their filename
38       in lexicographic order, regardless of which of the subdirectories they
39       reside in. When multiple files specify the same option, for options
40       which accept just a single value, the entry in the file with the
41       lexicographically latest name takes precedence. For options which
42       accept a list of values, entries are collected as they occur in files
43       sorted lexicographically. It is recommended to prefix all filenames in
44       those subdirectories with a two-digit number and a dash, to simplify
45       the ordering of the files.
46
47       To disable a configuration file supplied by the vendor, the recommended
48       way is to place a symlink to /dev/null in the configuration directory
49       in /etc/, with the same filename as the vendor configuration file.
50

OPTIONS

52       All options are configured in the "[Login]" section:
53
54       NAutoVTs=
55           Takes a positive integer. Configures how many virtual terminals
56           (VTs) to allocate by default that, when switched to and are
57           previously unused, "autovt" services are automatically spawned on.
58           These services are instantiated from the template unit
59           autovt@.service for the respective VT TTY name, for example,
60           autovt@tty4.service. By default, autovt@.service is linked to
61           getty@.service. In other words, login prompts are started
62           dynamically as the user switches to unused virtual terminals.
63           Hence, this parameter controls how many login "gettys" are
64           available on the VTs. If a VT is already used by some other
65           subsystem (for example, a graphical login), this kind of activation
66           will not be attempted. Note that the VT configured in ReserveVT= is
67           always subject to this kind of activation, even if it is not one of
68           the VTs configured with the NAutoVTs= directive. Defaults to 6.
69           When set to 0, automatic spawning of "autovt" services is disabled.
70
71       ReserveVT=
72           Takes a positive integer. Identifies one virtual terminal that
73           shall unconditionally be reserved for autovt@.service activation
74           (see above). The VT selected with this option will be marked busy
75           unconditionally, so that no other subsystem will allocate it. This
76           functionality is useful to ensure that, regardless of how many VTs
77           are allocated by other subsystems, one login "getty" is always
78           available. Defaults to 6 (in other words, there will always be a
79           "getty" available on Alt-F6.). When set to 0, VT reservation is
80           disabled.
81
82       KillUserProcesses=
83           Takes a boolean argument. Configures whether the processes of a
84           user should be killed when the user logs out. If true, the scope
85           unit corresponding to the session and all processes inside that
86           scope will be terminated. If false, the scope is "abandoned", see
87           systemd.scope(5), and processes are not killed. Defaults to "no",
88           but see the options KillOnlyUsers= and KillExcludeUsers= below.
89
90           In addition to session processes, user process may run under the
91           user manager unit user@.service. Depending on the linger settings,
92           this may allow users to run processes independent of their login
93           sessions. See the description of enable-linger in loginctl(1).
94
95           Note that setting KillUserProcesses=yes will break tools like
96           screen(1) and tmux(1), unless they are moved out of the session
97           scope. See example in systemd-run(1).
98
99       KillOnlyUsers=, KillExcludeUsers=
100           These settings take space-separated lists of usernames that
101           override the KillUserProcesses= setting. A user name may be added
102           to KillExcludeUsers= to exclude the processes in the session scopes
103           of that user from being killed even if KillUserProcesses=yes is
104           set. If KillExcludeUsers= is not set, the "root" user is excluded
105           by default.  KillExcludeUsers= may be set to an empty value to
106           override this default. If a user is not excluded, KillOnlyUsers= is
107           checked next. If this setting is specified, only the session scopes
108           of those users will be killed. Otherwise, users are subject to the
109           KillUserProcesses=yes setting.
110
111       IdleAction=
112           Configures the action to take when the system is idle. Takes one of
113           "ignore", "poweroff", "reboot", "halt", "kexec", "suspend",
114           "hibernate", "hybrid-sleep", "suspend-then-hibernate", and "lock".
115           Defaults to "ignore".
116
117           Note that this requires that user sessions correctly report the
118           idle status to the system. The system will execute the action after
119           all sessions report that they are idle, no idle inhibitor lock is
120           active, and subsequently, the time configured with IdleActionSec=
121           (see below) has expired.
122
123       IdleActionSec=
124           Configures the delay after which the action configured in
125           IdleAction= (see above) is taken after the system is idle.
126
127       InhibitDelayMaxSec=
128           Specifies the maximum time a system shutdown or sleep request is
129           delayed due to an inhibitor lock of type "delay" being active
130           before the inhibitor is ignored and the operation executes anyway.
131           Defaults to 5.
132
133       UserStopDelaySec=
134           Specifies how long to keep the user record and per-user service
135           user@.service around for a user after they logged out fully. If set
136           to zero, the per-user service is terminated immediately when the
137           last session of the user has ended. If this option is configured to
138           non-zero rapid logout/login cycles are sped up, as the user's
139           service manager is not constantly restarted. If set to "infinity"
140           the per-user service for a user is never terminated again after
141           first login, and continues to run until system shutdown. Defaults
142           to 10s.
143
144       HandlePowerKey=, HandleSuspendKey=, HandleHibernateKey=,
145       HandleLidSwitch=, HandleLidSwitchExternalPower=, HandleLidSwitchDocked=
146           Controls how logind shall handle the system power and sleep keys
147           and the lid switch to trigger actions such as system power-off or
148           suspend. Can be one of "ignore", "poweroff", "reboot", "halt",
149           "kexec", "suspend", "hibernate", "hybrid-sleep",
150           "suspend-then-hibernate", and "lock". If "ignore", logind will
151           never handle these keys. If "lock", all running sessions will be
152           screen-locked; otherwise, the specified action will be taken in the
153           respective event. Only input devices with the "power-switch" udev
154           tag will be watched for key/lid switch events.  HandlePowerKey=
155           defaults to "poweroff".  HandleSuspendKey= and HandleLidSwitch=
156           default to "suspend".  HandleLidSwitchExternalPower= is completely
157           ignored by default (for backwards compatibility) — an explicit
158           value must be set before it will be used to determine behaviour.
159           HandleLidSwitchDocked= defaults to "ignore".  HandleHibernateKey=
160           defaults to "hibernate". If the system is inserted in a docking
161           station, or if more than one display is connected, the action
162           specified by HandleLidSwitchDocked= occurs; if the system is on
163           external power the action (if any) specified by
164           HandleLidSwitchExternalPower= occurs; otherwise the
165           HandleLidSwitch= action occurs.
166
167           A different application may disable logind's handling of system
168           power and sleep keys and the lid switch by taking a low-level
169           inhibitor lock ("handle-power-key", "handle-suspend-key",
170           "handle-hibernate-key", "handle-lid-switch"). This is most commonly
171           used by graphical desktop environments to take over suspend and
172           hibernation handling, and to use their own configuration
173           mechanisms. If a low-level inhibitor lock is taken, logind will not
174           take any action when that key or switch is triggered and the
175           Handle*= settings are irrelevant.
176
177       PowerKeyIgnoreInhibited=, SuspendKeyIgnoreInhibited=,
178       HibernateKeyIgnoreInhibited=, LidSwitchIgnoreInhibited=
179           Controls whether actions that systemd-logind takes when the power
180           and sleep keys and the lid switch are triggered are subject to
181           high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level
182           inhibitor locks ("handle-power-key", "handle-suspend-key",
183           "handle-hibernate-key", "handle-lid-switch"), are always honored,
184           irrespective of this setting.
185
186           These settings take boolean arguments. If "no", the inhibitor locks
187           taken by applications are respected. If "yes", "shutdown", "sleep",
188           and "idle" inhibitor locks are ignored.  PowerKeyIgnoreInhibited=,
189           SuspendKeyIgnoreInhibited=, and HibernateKeyIgnoreInhibited=
190           default to "no".  LidSwitchIgnoreInhibited= defaults to "yes". This
191           means that when systemd-logind is handling events by itself (no low
192           level inhibitor locks are taken by another application), the lid
193           switch does not respect suspend blockers by default, but the power
194           and sleep keys do.
195
196       HoldoffTimeoutSec=
197           Specifies the timeout after system startup or system resume in
198           which systemd will hold off on reacting to lid events. This is
199           required for the system to properly detect any hotplugged devices
200           so systemd can ignore lid events if external monitors, or docks,
201           are connected. If set to 0, systemd will always react immediately,
202           possibly before the kernel fully probed all hotplugged devices.
203           This is safe, as long as you do not care for systemd to account for
204           devices that have been plugged or unplugged while the system was
205           off. Defaults to 30s.
206
207       RuntimeDirectorySize=
208           Sets the size limit on the $XDG_RUNTIME_DIR runtime directory for
209           each user who logs in. Takes a size in bytes, optionally suffixed
210           with the usual K, G, M, and T suffixes, to the base 1024 (IEC).
211           Alternatively, a numerical percentage suffixed by "%" may be
212           specified, which sets the size limit relative to the amount of
213           physical RAM. Defaults to 10%. Note that this size is a safety
214           limit only. As each runtime directory is a tmpfs file system, it
215           will only consume as much memory as is needed.
216
217       InhibitorsMax=
218           Controls the maximum number of concurrent inhibitors to permit.
219           Defaults to 8192 (8K).
220
221       SessionsMax=
222           Controls the maximum number of concurrent user sessions to manage.
223           Defaults to 8192 (8K). Depending on how the pam_systemd.so module
224           is included in the PAM stack configuration, further login sessions
225           will either be refused, or permitted but not tracked by
226           systemd-logind.
227
228       RemoveIPC=
229           Controls whether System V and POSIX IPC objects belonging to the
230           user shall be removed when the user fully logs out. Takes a boolean
231           argument. If enabled, the user may not consume IPC resources after
232           the last of the user's sessions terminated. This covers System V
233           semaphores, shared memory and message queues, as well as POSIX
234           shared memory and message queues. Note that IPC objects of the root
235           user and other system users are excluded from the effect of this
236           setting. Defaults to "yes".
237

SEE ALSO

239       systemd(1), systemd-logind.service(8), loginctl(1), systemd-
240       system.conf(5)
241
242
243
244systemd 243                                                     LOGIND.CONF(5)
Impressum