1LOGIND.CONF(5)                    logind.conf                   LOGIND.CONF(5)
2
3
4

NAME

6       logind.conf, logind.conf.d - Login manager configuration files
7

SYNOPSIS

9       /etc/systemd/logind.conf
10
11       /etc/systemd/logind.conf.d/*.conf
12
13       /run/systemd/logind.conf.d/*.conf
14
15       /usr/lib/systemd/logind.conf.d/*.conf
16

DESCRIPTION

18       These files configure various parameters of the systemd login manager,
19       systemd-logind.service(8). See systemd.syntax(5) for a general
20       description of the syntax.
21

CONFIGURATION DIRECTORIES AND PRECEDENCE

23       The default configuration is defined during compilation, so a
24       configuration file is only needed when it is necessary to deviate from
25       those defaults. By default, the configuration file in /etc/systemd/
26       contains commented out entries showing the defaults as a guide to the
27       administrator. This file can be edited to create local overrides.
28
29       When packages need to customize the configuration, they can install
30       configuration snippets in /usr/lib/systemd/*.conf.d/ or
31       /usr/local/lib/systemd/*.conf.d/. The main configuration file is read
32       before any of the configuration directories, and has the lowest
33       precedence; entries in a file in any configuration directory override
34       entries in the single configuration file. Files in the *.conf.d/
35       configuration subdirectories are sorted by their filename in
36       lexicographic order, regardless of in which of the subdirectories they
37       reside. When multiple files specify the same option, for options which
38       accept just a single value, the entry in the file with the
39       lexicographically latest name takes precedence. For options which
40       accept a list of values, entries are collected as they occur in files
41       sorted lexicographically.
42
43       Files in /etc/ are reserved for the local administrator, who may use
44       this logic to override the configuration files installed by vendor
45       packages. It is recommended to prefix all filenames in those
46       subdirectories with a two-digit number and a dash, to simplify the
47       ordering of the files.
48
49       To disable a configuration file supplied by the vendor, the recommended
50       way is to place a symlink to /dev/null in the configuration directory
51       in /etc/, with the same filename as the vendor configuration file.
52

OPTIONS

54       All options are configured in the "[Login]" section:
55
56       NAutoVTs=
57           Takes a positive integer. Configures how many virtual terminals
58           (VTs) to allocate by default that, when switched to and are
59           previously unused, "autovt" services are automatically spawned on.
60           These services are instantiated from the template unit
61           autovt@.service for the respective VT TTY name, for example,
62           autovt@tty4.service. By default, autovt@.service is linked to
63           getty@.service. In other words, login prompts are started
64           dynamically as the user switches to unused virtual terminals.
65           Hence, this parameter controls how many login "gettys" are
66           available on the VTs. If a VT is already used by some other
67           subsystem (for example, a graphical login), this kind of activation
68           will not be attempted. Note that the VT configured in ReserveVT= is
69           always subject to this kind of activation, even if it is not one of
70           the VTs configured with the NAutoVTs= directive. Defaults to 6.
71           When set to 0, automatic spawning of "autovt" services is disabled.
72
73       ReserveVT=
74           Takes a positive integer. Identifies one virtual terminal that
75           shall unconditionally be reserved for autovt@.service activation
76           (see above). The VT selected with this option will be marked busy
77           unconditionally, so that no other subsystem will allocate it. This
78           functionality is useful to ensure that, regardless of how many VTs
79           are allocated by other subsystems, one login "getty" is always
80           available. Defaults to 6 (in other words, there will always be a
81           "getty" available on Alt-F6.). When set to 0, VT reservation is
82           disabled.
83
84       KillUserProcesses=
85           Takes a boolean argument. Configures whether the processes of a
86           user should be killed when the user logs out. If true, the scope
87           unit corresponding to the session and all processes inside that
88           scope will be terminated. If false, the scope is "abandoned", see
89           systemd.scope(5), and processes are not killed. Defaults to "no",
90           but see the options KillOnlyUsers= and KillExcludeUsers= below.
91
92           In addition to session processes, user process may run under the
93           user manager unit user@.service. Depending on the linger settings,
94           this may allow users to run processes independent of their login
95           sessions. See the description of enable-linger in loginctl(1).
96
97           Note that setting KillUserProcesses=yes will break tools like
98           screen(1) and tmux(1), unless they are moved out of the session
99           scope. See example in systemd-run(1).
100
101       KillOnlyUsers=, KillExcludeUsers=
102           These settings take space-separated lists of usernames that
103           override the KillUserProcesses= setting. A user name may be added
104           to KillExcludeUsers= to exclude the processes in the session scopes
105           of that user from being killed even if KillUserProcesses=yes is
106           set. If KillExcludeUsers= is not set, the "root" user is excluded
107           by default.  KillExcludeUsers= may be set to an empty value to
108           override this default. If a user is not excluded, KillOnlyUsers= is
109           checked next. If this setting is specified, only the session scopes
110           of those users will be killed. Otherwise, users are subject to the
111           KillUserProcesses=yes setting.
112
113       IdleAction=
114           Configures the action to take when the system is idle. Takes one of
115           "ignore", "poweroff", "reboot", "halt", "kexec", "suspend",
116           "hibernate", "hybrid-sleep", "suspend-then-hibernate", and "lock".
117           Defaults to "ignore".
118
119           Note that this requires that user sessions correctly report the
120           idle status to the system. The system will execute the action after
121           all sessions report that they are idle, no idle inhibitor lock is
122           active, and subsequently, the time configured with IdleActionSec=
123           (see below) has expired.
124
125       IdleActionSec=
126           Configures the delay after which the action configured in
127           IdleAction= (see above) is taken after the system is idle.
128
129       InhibitDelayMaxSec=
130           Specifies the maximum time a system shutdown or sleep request is
131           delayed due to an inhibitor lock of type "delay" being active
132           before the inhibitor is ignored and the operation executes anyway.
133           Defaults to 5.
134
135       UserStopDelaySec=
136           Specifies how long to keep the user record and per-user service
137           user@.service around for a user after they logged out fully. If set
138           to zero, the per-user service is terminated immediately when the
139           last session of the user has ended. If this option is configured to
140           non-zero rapid logout/login cycles are sped up, as the user's
141           service manager is not constantly restarted. If set to "infinity"
142           the per-user service for a user is never terminated again after
143           first login, and continues to run until system shutdown. Defaults
144           to 10s.
145
146       HandlePowerKey=, HandleSuspendKey=, HandleHibernateKey=,
147       HandleLidSwitch=, HandleLidSwitchExternalPower=, HandleLidSwitchDocked=
148           Controls how logind shall handle the system power and sleep keys
149           and the lid switch to trigger actions such as system power-off or
150           suspend. Can be one of "ignore", "poweroff", "reboot", "halt",
151           "kexec", "suspend", "hibernate", "hybrid-sleep",
152           "suspend-then-hibernate", and "lock". If "ignore", logind will
153           never handle these keys. If "lock", all running sessions will be
154           screen-locked; otherwise, the specified action will be taken in the
155           respective event. Only input devices with the "power-switch" udev
156           tag will be watched for key/lid switch events.  HandlePowerKey=
157           defaults to "poweroff".  HandleSuspendKey= and HandleLidSwitch=
158           default to "suspend".  HandleLidSwitchExternalPower= is completely
159           ignored by default (for backwards compatibility) — an explicit
160           value must be set before it will be used to determine behaviour.
161           HandleLidSwitchDocked= defaults to "ignore".  HandleHibernateKey=
162           defaults to "hibernate". If the system is inserted in a docking
163           station, or if more than one display is connected, the action
164           specified by HandleLidSwitchDocked= occurs; if the system is on
165           external power the action (if any) specified by
166           HandleLidSwitchExternalPower= occurs; otherwise the
167           HandleLidSwitch= action occurs.
168
169           A different application may disable logind's handling of system
170           power and sleep keys and the lid switch by taking a low-level
171           inhibitor lock ("handle-power-key", "handle-suspend-key",
172           "handle-hibernate-key", "handle-lid-switch"). This is most commonly
173           used by graphical desktop environments to take over suspend and
174           hibernation handling, and to use their own configuration
175           mechanisms. If a low-level inhibitor lock is taken, logind will not
176           take any action when that key or switch is triggered and the
177           Handle*= settings are irrelevant.
178
179       PowerKeyIgnoreInhibited=, SuspendKeyIgnoreInhibited=,
180       HibernateKeyIgnoreInhibited=, LidSwitchIgnoreInhibited=
181           Controls whether actions that systemd-logind takes when the power
182           and sleep keys and the lid switch are triggered are subject to
183           high-level inhibitor locks ("shutdown", "sleep", "idle"). Low level
184           inhibitor locks ("handle-power-key", "handle-suspend-key",
185           "handle-hibernate-key", "handle-lid-switch"), are always honored,
186           irrespective of this setting.
187
188           These settings take boolean arguments. If "no", the inhibitor locks
189           taken by applications are respected. If "yes", "shutdown", "sleep",
190           and "idle" inhibitor locks are ignored.  PowerKeyIgnoreInhibited=,
191           SuspendKeyIgnoreInhibited=, and HibernateKeyIgnoreInhibited=
192           default to "no".  LidSwitchIgnoreInhibited= defaults to "yes". This
193           means that when systemd-logind is handling events by itself (no low
194           level inhibitor locks are taken by another application), the lid
195           switch does not respect suspend blockers by default, but the power
196           and sleep keys do.
197
198       HoldoffTimeoutSec=
199           Specifies the timeout after system startup or system resume in
200           which systemd will hold off on reacting to lid events. This is
201           required for the system to properly detect any hotplugged devices
202           so systemd can ignore lid events if external monitors, or docks,
203           are connected. If set to 0, systemd will always react immediately,
204           possibly before the kernel fully probed all hotplugged devices.
205           This is safe, as long as you do not care for systemd to account for
206           devices that have been plugged or unplugged while the system was
207           off. Defaults to 30s.
208
209       RuntimeDirectorySize=
210           Sets the size limit on the $XDG_RUNTIME_DIR runtime directory for
211           each user who logs in. Takes a size in bytes, optionally suffixed
212           with the usual K, G, M, and T suffixes, to the base 1024 (IEC).
213           Alternatively, a numerical percentage suffixed by "%" may be
214           specified, which sets the size limit relative to the amount of
215           physical RAM. Defaults to 10%. Note that this size is a safety
216           limit only. As each runtime directory is a tmpfs file system, it
217           will only consume as much memory as is needed.
218
219       InhibitorsMax=
220           Controls the maximum number of concurrent inhibitors to permit.
221           Defaults to 8192 (8K).
222
223       SessionsMax=
224           Controls the maximum number of concurrent user sessions to manage.
225           Defaults to 8192 (8K). Depending on how the pam_systemd.so module
226           is included in the PAM stack configuration, further login sessions
227           will either be refused, or permitted but not tracked by
228           systemd-logind.
229
230       RemoveIPC=
231           Controls whether System V and POSIX IPC objects belonging to the
232           user shall be removed when the user fully logs out. Takes a boolean
233           argument. If enabled, the user may not consume IPC resources after
234           the last of the user's sessions terminated. This covers System V
235           semaphores, shared memory and message queues, as well as POSIX
236           shared memory and message queues. Note that IPC objects of the root
237           user and other system users are excluded from the effect of this
238           setting. Defaults to "yes".
239

SEE ALSO

241       systemd(1), systemd-logind.service(8), loginctl(1), systemd-
242       system.conf(5)
243
244
245
246systemd 245                                                     LOGIND.CONF(5)
Impressum