LOGINCTL(1) | loginctl | LOGINCTL(1) |
NAME
loginctl - Control the systemd login manager
SYNOPSIS
loginctl [OPTIONS...] {COMMAND} [NAME...]
DESCRIPTION
loginctl may be used to introspect and control the state of the systemd(1) login manager systemd-logind.service(8).
COMMANDS
The following commands are understood:
Session Commands
list-sessions
session-status [ID...]
Added in version 233.
show-session [ID...]
Added in version 233.
activate [ID]
Added in version 219.
lock-session [ID...], unlock-session [ID...]
Added in version 233.
lock-sessions, unlock-sessions
Added in version 188.
terminate-session ID...
Added in version 233.
kill-session ID...
Added in version 233.
User Commands
list-users
user-status [USER...]
Added in version 233.
show-user [USER...]
Added in version 233.
enable-linger [USER...], disable-linger [USER...]
See also KillUserProcesses= setting in logind.conf(5).
Added in version 233.
terminate-user USER...
Added in version 233.
kill-user USER...
Added in version 233.
Seat Commands
list-seats
seat-status [NAME...]
Added in version 233.
show-seat [NAME...]
Added in version 233.
attach NAME DEVICE...
Added in version 233.
flush-devices
terminate-seat NAME...
Added in version 233.
OPTIONS
The following options are understood:
-p, --property=
--value
Added in version 230.
-a, --all
-l, --full
Added in version 198.
--kill-whom=
Added in version 252.
-s, --signal=
The special value "help" will list the known values and the program will exit immediately, and the special value "list" will list known values along with the numerical signal numbers and the program will exit immediately.
-n, --lines=
Added in version 219.
-o, --output=
Added in version 219.
-H, --host=
-M, --machine=
--no-ask-password
--no-pager
--no-legend
--json=MODE
-j
-h, --help
--version
EXIT STATUS
On success, 0 is returned, a non-zero failure code otherwise.
EXAMPLES
Example 1. Querying user status
$ loginctl user-status fatima (1005) Since: Sat 2016-04-09 14:23:31 EDT; 54min ago State: active Sessions: 5 *3 Unit: user-1005.slice ├─user@1005.service ... ├─session-3.scope ... └─session-5.scope ├─3473 login -- fatima └─3515 -zsh Apr 09 14:40:30 laptop login[2325]: pam_unix(login:session): session opened for user fatima by LOGIN(uid=0) Apr 09 14:40:30 laptop login[2325]: LOGIN ON tty3 BY fatima
There are two sessions, 3 and 5. Session 3 is a graphical session, marked with a star. The tree of processing including the two corresponding scope units and the user manager unit are shown.
ENVIRONMENT
$SYSTEMD_LOG_LEVEL
$SYSTEMD_LOG_COLOR
This setting is only useful when messages are written directly to the terminal, because journalctl(1) and other tools that display logs will color messages based on the log level on their own.
$SYSTEMD_LOG_TIME
This setting is only useful when messages are written directly to the terminal or a file, because journalctl(1) and other tools that display logs will attach timestamps based on the entry metadata on their own.
$SYSTEMD_LOG_LOCATION
Note that the log location is often attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TID
Note that the this information is attached as metadata to journal entries anyway. Including it directly in the message text can nevertheless be convenient when debugging programs.
$SYSTEMD_LOG_TARGET
$SYSTEMD_LOG_RATELIMIT_KMSG
$SYSTEMD_PAGER, $PAGER
Note: if $SYSTEMD_PAGERSECURE is not set, $SYSTEMD_PAGER and $PAGER can only be used to disable the pager (with "cat" or ""), and are otherwise ignored.
$SYSTEMD_LESS
Users might want to change two options in particular:
K
If the value of $SYSTEMD_LESS does not include "K", and the pager that is invoked is less, Ctrl+C will be ignored by the executable, and needs to be handled by the pager.
X
Note that setting the regular $LESS environment variable has no effect for less invocations by systemd tools.
See less(1) for more discussion.
$SYSTEMD_LESSCHARSET
Note that setting the regular $LESSCHARSET environment variable has no effect for less invocations by systemd tools.
$SYSTEMD_PAGERSECURE
This option takes a boolean argument. When set to true, the "secure mode" of the pager is enabled. In "secure mode", LESSSECURE=1 will be set when invoking the pager, which instructs the pager to disable commands that open or create new files or start new subprocesses. Currently only less(1) is known to understand this variable and implement "secure mode".
When set to false, no limitation is placed on the pager. Setting SYSTEMD_PAGERSECURE=0 or not removing it from the inherited environment may allow the user to invoke arbitrary commands.
When $SYSTEMD_PAGERSECURE is not set, systemd tools attempt to automatically figure out if "secure mode" should be enabled and whether the pager supports it. "Secure mode" is enabled if the effective UID is not the same as the owner of the login session, see geteuid(2) and sd_pid_get_owner_uid(3), or when running under sudo(8) or similar tools ($SUDO_UID is set [1]). In those cases, SYSTEMD_PAGERSECURE=1 will be set and pagers which are not known to implement "secure mode" will not be used at all. Note that this autodetection only covers the most common mechanisms to elevate privileges and is intended as convenience. It is recommended to explicitly set $SYSTEMD_PAGERSECURE or disable the pager.
Note that if the $SYSTEMD_PAGER or $PAGER variables are to be honoured, other than to disable the pager, $SYSTEMD_PAGERSECURE must be set too.
$SYSTEMD_COLORS
$SYSTEMD_URLIFY
SEE ALSO
systemd(1), systemctl(1), systemd-logind.service(8), logind.conf(5)
NOTES
- 1.
- It is recommended for other tools to set and check $SUDO_UID as appropriate, treating it is a common interface.
systemd 257.6 |