|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | CONFIGURATION DIRECTORIES AND PRECEDENCE | OPTIONS | SEE ALSO | NOTES | COLOPHON |
|
|
|
LOGIND.CONF(5) logind.conf LOGIND.CONF(5)
logind.conf, logind.conf.d - Login manager configuration files
/etc/systemd/logind.conf
/run/systemd/logind.conf
/usr/local/lib/systemd/logind.conf
/usr/lib/systemd/logind.conf
/etc/systemd/logind.conf.d/*.conf
/run/systemd/logind.conf.d/*.conf
/usr/local/lib/systemd/logind.conf.d/*.conf
/usr/lib/systemd/logind.conf.d/*.conf
These files configure various parameters of the systemd login
manager, systemd-logind.service(8). See systemd.syntax(7) for a
general description of the syntax.
The default configuration is set during compilation, so
configuration is only needed when it is necessary to deviate from
those defaults. The main configuration file is loaded from one of
the listed directories in order of priority, only the first file
found is used: /etc/systemd/, /run/systemd/,
/usr/local/lib/systemd/ [1], /usr/lib/systemd/. The vendor version
of the file contains commented out entries showing the defaults as
a guide to the administrator. Local overrides can also be created
by creating drop-ins, as described below. The main configuration
file can also be edited for this purpose (or a copy in /etc/ if it
is shipped under /usr/), however using drop-ins for local
configuration is recommended over modifications to the main
configuration file.
In addition to the main configuration file, drop-in configuration
snippets are read from /usr/lib/systemd/*.conf.d/,
/usr/local/lib/systemd/*.conf.d/, and /etc/systemd/*.conf.d/.
Those drop-ins have higher precedence and override the main
configuration file. Files in the *.conf.d/ configuration
subdirectories are sorted by their filename in lexicographic
order, regardless of in which of the subdirectories they reside.
When multiple files specify the same option, for options which
accept just a single value, the entry in the file sorted last
takes precedence, and for options which accept a list of values,
entries are collected as they occur in the sorted files.
When packages need to customize the configuration, they can
install drop-ins under /usr/. Files in /etc/ are reserved for the
local administrator, who may use this logic to override the
configuration files installed by vendor packages. Drop-ins have to
be used to override package drop-ins, since the main configuration
file has lower precedence. It is recommended to prefix all
filenames in those subdirectories with a two-digit number and a
dash, to simplify the ordering. This also defines a concept of
drop-in priorities to allow OS vendors to ship drop-ins within a
specific range lower than the range used by users. This should
lower the risk of package drop-ins overriding accidentally
drop-ins defined by users. It is recommended to use the range
10-40 for drop-ins in /usr/ and the range 60-90 for drop-ins in
/etc/ and /run/, to make sure that local and transient drop-ins
take priority over drop-ins shipped by the OS vendor.
To disable a configuration file supplied by the vendor, the
recommended way is to place a symlink to /dev/null in the
configuration directory in /etc/, with the same filename as the
vendor configuration file.
All options are configured in the [Login] section:
NAutoVTs=
Takes a positive integer. Configures how many virtual
terminals (VTs) to allocate by default that, when switched to
and are previously unused, "autovt" services are automatically
spawned on. These services are instantiated from the template
unit autovt@.service for the respective VT TTY name, for
example, autovt@tty4.service. By default, autovt@.service is
linked to getty@.service. In other words, login prompts are
started dynamically as the user switches to unused virtual
terminals. Hence, this parameter controls how many login
"gettys" are available on the VTs. If a VT is already used by
some other subsystem (for example, a graphical login), this
kind of activation will not be attempted. Note that the VT
configured in ReserveVT= is always subject to this kind of
activation, even if it is not one of the VTs configured with
the NAutoVTs= directive. Defaults to 6. When set to 0,
automatic spawning of "autovt" services is disabled.
ReserveVT=
Takes a positive integer. Identifies one virtual terminal that
shall unconditionally be reserved for autovt@.service
activation (see above). The VT selected with this option will
be marked busy unconditionally, so that no other subsystem
will allocate it. This functionality is useful to ensure that,
regardless of how many VTs are allocated by other subsystems,
one login "getty" is always available. Defaults to 6 (in other
words, there will always be a "getty" available on Alt-F6.).
When set to 0, VT reservation is disabled.
Added in version 190.
KillUserProcesses=
Takes a boolean argument. Configures whether the processes of
a user should be killed when the user logs out. If true, the
scope unit corresponding to the session and all processes
inside that scope will be terminated. If false, the scope is
"abandoned", see systemd.scope(5), and processes are not
killed. Defaults to "yes", but see the options KillOnlyUsers=
and KillExcludeUsers= below.
In addition to session processes, user process may run under
the user manager unit user@.service. Depending on the linger
settings, this may allow users to run processes independent of
their login sessions. See the description of enable-linger in
loginctl(1).
Note that setting KillUserProcesses=yes will break tools like
screen(1) and tmux(1), unless they are moved out of the
session scope. See example in systemd-run(1).
KillOnlyUsers=, KillExcludeUsers=
These settings take space-separated lists of usernames that
override the KillUserProcesses= setting. A user name may be
added to KillExcludeUsers= to exclude the processes in the
session scopes of that user from being killed even if
KillUserProcesses=yes is set. If KillExcludeUsers= is not set,
the "root" user is excluded by default. KillExcludeUsers= may
be set to an empty value to override this default. If a user
is not excluded, KillOnlyUsers= is checked next. If this
setting is specified, only the processes in the session scopes
of those users will be killed. Otherwise, users are subject to
the KillUserProcesses=yes setting.
IdleAction=
Configures the action to take when the system is idle. Takes
one of "ignore", "poweroff", "reboot", "halt", "kexec",
"suspend", "hibernate", "hybrid-sleep",
"suspend-then-hibernate", "sleep", and "lock". Defaults to
"ignore".
Note that this requires that user sessions correctly report
the idle status to the system. The system will execute the
action after all sessions report that they are idle, no idle
inhibitor lock is active, and subsequently, the time
configured with IdleActionSec= (see below) has expired.
Added in version 198.
IdleActionSec=
Configures the delay after which the action configured in
IdleAction= (see above) is taken after the system is idle.
Added in version 198.
InhibitDelayMaxSec=
Specifies the maximum time a system shutdown or sleep request
is delayed due to an inhibitor lock of type "delay" being
active before the inhibitor is ignored and the operation
executes anyway. Defaults to 5.
UserStopDelaySec=
Specifies how long to keep the user record and per-user
service user@.service around for a user after they logged out
fully. If set to zero, the per-user service is terminated
immediately when the last session of the user has ended. If
this option is configured to non-zero rapid logout/login
cycles are sped up, as the user's service manager is not
constantly restarted. If set to "infinity" the per-user
service for a user is never terminated again after first
login, and continues to run until system shutdown. Defaults to
10s.
Added in version 240.
SleepOperation=
Takes a list of sleep operations. Possible values are
"suspend", "hibernate", "hybrid-sleep", and
"suspend-then-hibernate". Controls the candidate sleep
operations for the "sleep" action. When "sleep" action is
performed, the specified sleep operations are checked in a
fixed order ("suspend-then-hibernate" โ "hybrid-sleep" โ
"suspend" โ "hibernate"), and the first one supported by the
machine is used to put the system into sleep. Defaults to
"suspend-then-hibernate suspend hibernate".
Added in version 256.
HandlePowerKey=, HandlePowerKeyLongPress=, HandleRebootKey=,
HandleRebootKeyLongPress=, HandleSuspendKey=,
HandleSuspendKeyLongPress=, HandleHibernateKey=,
HandleHibernateKeyLongPress=, HandleLidSwitch=,
HandleLidSwitchExternalPower=, HandleLidSwitchDocked=,
HandleSecureAttentionKey=
Controls how logind shall handle the system power, reboot and
sleep keys and the lid switch to trigger actions such as
system power-off, reboot or suspend. Can be one of "ignore",
"poweroff", "reboot", "halt", "kexec", "suspend", "hibernate",
"hybrid-sleep", "suspend-then-hibernate", "sleep", "lock",
"factory-reset", and "secure-attention-key". If "ignore",
systemd-logind will never handle these keys. If "lock", all
running sessions will be screen-locked; otherwise, the
specified action will be taken in the respective event. Only
input devices with the "power-switch" udev tag will be watched
for key/lid switch events.
HandlePowerKey= defaults to "poweroff", HandleRebootKey=
defaults to "reboot", HandleSuspendKey= defaults to "suspend",
HandleHibernateKey= defaults to "hibernate",
HandlePowerKeyLongPress= defaults to "ignore",
HandleRebootKeyLongPress= defaults to "poweroff",
HandleSuspendKeyLongPress= defaults to "hibernate",
HandleHibernateKeyLongPress= defaults to "ignore".
HandleLidSwitch= defaults to "suspend".
HandleLidSwitchExternalPower= is completely ignored by default
(for backwards compatibility) โ an explicit value must be set
before it will be used to determine behaviour.
HandleLidSwitchDocked= defaults to "ignore". If the system is
inserted in a docking station, or if more than one display is
connected, the action specified by HandleLidSwitchDocked=
occurs; if the system is on external power the action (if any)
specified by HandleLidSwitchExternalPower= occurs; otherwise
the HandleLidSwitch= action occurs. HandleSecureAttentionKey=
defaults to "secure-attention-key"
A different application may disable logind's handling of
system power and sleep keys and the lid switch by taking a
low-level inhibitor lock ("handle-power-key",
"handle-suspend-key", "handle-hibernate-key",
"handle-lid-switch", "handle-reboot-key"). This is most
commonly used by graphical desktop environments to take over
suspend and hibernation handling, and to use their own
configuration mechanisms. If a low-level inhibitor lock is
taken, logind will not take any action when that key or switch
is triggered and the Handle*= settings are irrelevant, except
for HandleSecureAttentionKey=, which is always handled since
its addition in v257.
Added in version 184.
PowerKeyIgnoreInhibited=, SuspendKeyIgnoreInhibited=,
HibernateKeyIgnoreInhibited=, LidSwitchIgnoreInhibited=,
RebootKeyIgnoreInhibited=
Controls whether actions that systemd-logind takes when the
power, reboot and sleep keys and the lid switch are triggered
are subject to high-level inhibitor locks ("shutdown",
"reboot", "sleep", "idle"). Low level inhibitor locks
("handle-power-key", "handle-suspend-key",
"handle-hibernate-key", "handle-lid-switch",
"handle-reboot-key"), are always honored, irrespective of this
setting.
These settings take boolean arguments. If "no", the inhibitor
locks taken by applications are respected. If "yes",
"shutdown", "reboot" "sleep", and "idle" inhibitor locks are
ignored. PowerKeyIgnoreInhibited=,
SuspendKeyIgnoreInhibited=, HibernateKeyIgnoreInhibited= and
RebootKeyIgnoreInhibited= default to "no".
LidSwitchIgnoreInhibited= defaults to "yes". This means that
when systemd-logind is handling events by itself (no low level
inhibitor locks are taken by another application), the lid
switch does not respect suspend blockers by default, but the
power and sleep keys do.
Added in version 190.
HoldoffTimeoutSec=
Specifies a period of time after system startup or system
resume in which systemd will hold off on reacting to lid
events. This is required for the system to properly detect any
hotplugged devices so systemd can ignore lid events if
external monitors, or docks, are connected. If set to 0,
systemd will always react immediately, possibly before the
kernel fully probed all hotplugged devices. This is safe, as
long as you do not care for systemd to account for devices
that have been plugged or unplugged while the system was off.
Defaults to 30s.
Added in version 220.
RuntimeDirectorySize=
Sets the size limit on the $XDG_RUNTIME_DIR runtime directory
for each user who logs in. Takes a size in bytes, optionally
suffixed with the usual K, G, M, and T suffixes, to the base
1024 (IEC). Alternatively, a numerical percentage suffixed by
"%" may be specified, which sets the size limit relative to
the amount of physical RAM. Defaults to 10%. Note that this
size is a safety limit only. As each runtime directory is a
tmpfs file system, it will only consume as much memory as is
needed.
Added in version 211.
RuntimeDirectoryInodesMax=
Sets the limit on number of inodes for the $XDG_RUNTIME_DIR
runtime directory for each user who logs in. Takes a number,
optionally suffixed with the usual K, G, M, and T suffixes, to
the base 1024 (IEC). Defaults to RuntimeDirectorySize= divided
by 4096. Note that this size is a safety limit only. As each
runtime directory is a tmpfs file system, it will only consume
as much memory as is needed.
Added in version 246.
InhibitorsMax=
Controls the maximum number of concurrent inhibitors to
permit. Defaults to 8192 (8K).
Added in version 230.
SessionsMax=
Controls the maximum number of concurrent user sessions to
manage. Defaults to 8192 (8K). Depending on how the
pam_systemd.so module is included in the PAM stack
configuration, further login sessions will either be refused,
or permitted but not tracked by systemd-logind.
Added in version 230.
RemoveIPC=
Controls whether System V and POSIX IPC objects belonging to
the user shall be removed when the user fully logs out. Takes
a boolean argument. If enabled, the user may not consume IPC
resources after the last of the user's sessions terminated.
This covers System V semaphores, shared memory and message
queues, as well as POSIX shared memory and message queues.
Note that IPC objects of the root user and other system users
are excluded from the effect of this setting. Defaults to
"yes".
Added in version 212.
StopIdleSessionSec=
Specifies a timeout in seconds, or a time span value after
which systemd-logind checks the idle state of all sessions.
Every session that is idle for longer than the timeout will be
stopped. Note that this option does not apply to "greeter" or
"lock-screen" sessions. Defaults to "infinity" (systemd-logind
is not checking the idle state of sessions). For details about
the syntax of time spans, see systemd.time(7).
Added in version 252.
DesignatedMaintenanceTime=
Specifies a default calendar event for scheduled shutdowns. So
when using e.g. the command shutdown -r to reboot the system
without specifying a timeout, logind would use the configured
calendar event instead. For details about the syntax of
calendar events, see systemd.time(7).
Added in version 257.
WallMessages=
Controls whether wall(1) messages should be sent to the
terminals of all currently logged in users upon shutdown or
reboot. Defaults to "yes", and can be changed at runtime via
the DBus "EnableWallMessages" and "WallMessagePrefix"
properties.
Added in version 258.
systemd(1), systemd-logind.service(8), loginctl(1),
systemd-system.conf(5)
1. ๐ฃ๐ฅ๐งจ๐ฅ๐ฅ๐ฃ Please note that those configuration files must
be available at all times. If /usr/local/ is a separate
partition, it may not be available during early boot, and must
not be used for configuration.
This page is part of the systemd (systemd system and service
manager) project. Information about the project can be found at
โจhttp://www.freedesktop.org/wiki/Software/systemdโฉ. If you have a
bug report for this manual page, see
โจhttp://www.freedesktop.org/wiki/Software/systemd/#bugreportsโฉ.
This page was obtained from the project's upstream Git repository
โจhttps://github.com/systemd/systemd.gitโฉ on 2025-08-11. (At that
time, the date of the most recent commit that was found in the
repository was 2025-08-11.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
systemd 258~rc2 LOGIND.CONF(5)
Pages that refer to this page: homectl(1), loginctl(1), systemctl(1), systemd-inhibit(1), systemd-run(1), org.freedesktop.login1(5), systemd.directives(7), systemd.index(7), systemd.syntax(7), pam_systemd(8), systemd-logind.service(8)
|
HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|