(Generated by  groff(1))

PAM_XDG manual

This plain  groff(1) HTML output has only been fixed slightly — i am sorry for false list indentions etc.!


pam_xdg [v0.8.5, 2024-11-27] — PAM module that manages XDG Base Directories

SYNOPSIS

pam_xdg.so [runtime] [notroot] [track_sessions [per_user_lock]]

DESCRIPTION

pam_xdg.so is a PAM module that manages creation of the XDG_RUNTIME_DIR directory, as well as injection of environment variables denoting all directories specified by the XDG Base Directory Specification 0.8: https://specifications.freedesktop.org/basedir-spec/basedir-spec- latest.html, into user sessions.

When linked into the PAM session system the runtime directory will be created once a user creates his or her first login session. Unless runtime was given all XDG related environment variables will be created in all user sessions with their default or computed values, otherwise only XDG_RUNTIME_DIR. If notroot was given the module will bypass itself for root account logins and perform no actions for root, except removing any possibly existing XDG environment variable. Lastly track_sessions will enable session tracking: once the last session ends, the user’s XDG_RUNTIME_DIR will be recursively removed; on high-load servers then setting per_user_lock will reduce lock file lock contention.

In order to make use of this module, place the following in the ‘session’ part of the control file of desire under /etc/pam.d, on Linux it may be /etc/pam.d/common-session if that exists, on BSD’s the files /etc/pam.d/system as well as /etc/pam.d/login, /etc/pam.d/sshd and /etc/pam.d/su may be desirable, adjusting paths as necessary:

session optional pam_xdg.so notroot track_sessions

SEE ALSO

pam(3), pam.conf(5)

AUTHORS

Steffen Nurpmeso <[email protected]>.

CAVEATS

On Unix systems any “daemonized” program or script is reparented to the program running with PID 1, most likely leaving the PAM user session without PAM recognizing this. Yet careless such code may hold or expect availability of resources of the session it just left, truly performing cleanup when sessions end seems thus unwise. Since so many PAM modules do support session tracking and cleanup pam_xdg.so readded optional support for this.

Copyright (c) 1997 - 2024, Steffen Nurpmeso <[email protected]>
@(#)code-pam_xdg.html-w42 1.5 2024-11-27T23:01:30+0000