logind: flip KillUserProcesses to on by default

This ensures that users sessions are properly cleaned up after. The admin can still enable or disable linger for specific users to allow them to run processes after they log out. Doing that through the user session is much cleaner and provides better control. dbus daemon can now be run in the user session (with --enable-user-session, added in 1.10.2), and most distributions opted to pick this configuration. In the normal case it makes a lot of sense to kill remaining processes. The exception is stuff like screen and tmux. But it's easy enough to work around, a simple example was added to the man page in previous commit. In the long run those services should integrate with the systemd users session on their own. https://bugs.freedesktop.org/show_bug.cgi?id=94508 https://github.com/systemd/systemd/issues/2900
author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2016-04-09 20:40:45 -0400
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2016-04-21 00:21:32 -0400
commit: 97e5530cf2076a2b4fc55755917262607aaa6338 (patch)
tree: d5e81a1e8d0a3ad8780ca818cbb9c08bfcd9255e
parent: 65eb37f8fcf0c82db0d9b600bb804adf7ead0327 (diff)
4 files changed, 27 insertions, 6 deletions
diff --git a/NEWS b/NEWS
index b75638ed36..99e6b51ae3 100644
--- a/NEWS
+++ b/NEWS
@@ -22,9 +22,26 @@ CHANGES WITH 230 in spe:
         * systemd-resolve conveniently resolves DANE records with the --tlsa
           option and OPENPGPKEY records with the --openpgp option.
 
-        * Testing tool /usr/lib/systemd/systemd-activate is renamed to
-          systemd-socket-activate and installed into /usr/bin. It is now fully
-          supported.
+        * systemd-logind will now by default terminate user processes that are
+          part of the user session scope unit (session-XX.scope) when the user
+          logs out. This behaviour is controlled by the
+          KillUserProcesses=yes|no setting in logind.conf, and previous default
+          of "no" is now changed to "yes". This means that user sessions will
+          be properly cleaned up after, but additional steps are necessary to
+          allow intentionally long-running processes to survive logout.
+
+          While the user is logged in at least once, user@.service is running,
+          and any service that should survive the end of any individual login
+          session can be started at a user service or scope using systemd-run.
+          systemd-run(1) man page has been extended with an example which
+          shows how to run screen in a scope unit underneath user@.service.
+          The same command works for tmux.
+
+          After the user logs out of all sessions, user@.service will be
+          terminated too, by default, unless the user has "lingering" enabled.
+          To effectively allow users to run long-term tasks even if they are
+          logged out, lingering must be enabled for them. See loginctl(1)
+          for details.
 
         * The unified cgroup hierarchy added in Linux 4.5 is now supported.
           Use systemd.unified_cgroup_hierarchy=1 on the kernel command line
@@ -45,6 +62,10 @@ CHANGES WITH 230 in spe:
 
         * The Unique Identifier sent in DHCP requests can be configured.
 
+        * Testing tool /usr/lib/systemd/systemd-activate is renamed to
+          systemd-socket-activate and installed into /usr/bin. It is now fully
+          supported.
+
         * systemd-journald now uses separate threads to flush changes to
           disk when closing journal files.
 
diff --git a/man/logind.conf.xml b/man/logind.conf.xml
index 10a23955a4..6e587c3561 100644
--- a/man/logind.conf.xml
+++ b/man/logind.conf.xml
@@ -124,7 +124,7 @@
         corresponding to the session and all processes inside that scope will be
         terminated. If false, the scope is "abandonded", see
         <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-        and processes are not killed. Defaults to <literal>no</literal>.</para>
+        and processes are not killed. Defaults to <literal>yes</literal>.</para>
 
         <para>In addition to session processes, user process may run under the user
         manager unit <filename>user@.service</filename>. Depending on the linger
diff --git a/src/login/logind.c b/src/login/logind.c
index 268502c437..616346799a 100644
--- a/src/login/logind.c
+++ b/src/login/logind.c
@@ -64,7 +64,7 @@ static void manager_reset_config(Manager *m) {
         m->runtime_dir_size = PAGE_ALIGN((size_t) (physical_memory() / 10)); /* 10% */
         m->user_tasks_max = UINT64_C(12288);
 
-        m->kill_user_processes = false;
+        m->kill_user_processes = true;
 
         m->kill_only_users = strv_free(m->kill_only_users);
         m->kill_exclude_users = strv_free(m->kill_exclude_users);
diff --git a/src/login/logind.conf b/src/login/logind.conf
index 6095e482ac..8316bb4d74 100644
--- a/src/login/logind.conf
+++ b/src/login/logind.conf
@@ -14,7 +14,7 @@
 [Login]
 #NAutoVTs=6
 #ReserveVT=6
-#KillUserProcesses=no
+#KillUserProcesses=yes
 #KillOnlyUsers=
 #KillExcludeUsers=root
 #InhibitDelayMaxSec=5
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2016-04-09 20:40:45 -0400
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2016-04-21 00:21:32 -0400
commit	97e5530cf2076a2b4fc55755917262607aaa6338 (patch)
tree	d5e81a1e8d0a3ad8780ca818cbb9c08bfcd9255e
parent	65eb37f8fcf0c82db0d9b600bb804adf7ead0327 (diff)