.\"@ pam_xdg - manage XDG Base Directories (runtime dir life time, environ). .\" .\" Copyright (c) 2021 Steffen Nurpmeso . .\" SPDX-License-Identifier: ISC .\" .\" Permission to use, copy, modify, and/or distribute this software for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. . .Dd July 29, 2021 .Dt PAM_XDG 8 .Os . . .Sh NAME .Nm pam_xdg.so .Nd PAM module that manages XDG Base Directories . . .Sh SYNOPSIS . .Nm .Op Ar runtime .Op Ar notroot .\".Op Ar track_user_sessions Op Ar per_user_lock . . .Sh DESCRIPTION . .Nm is a PAM module that manages creation of the .Ev XDG_RUNTIME_DIR directory, as well as injection of environment variables denoting all directories specified by the .Lk https://specifications.\:freedesktop.\:org/basedir-\:\ spec/\:basedir-\:spec-\:latest.html "XDG Base Directory Specification" into user sessions. . .Pp When linked into the PAM session system the runtime directory will be created once a user creates his or her first login session. Unless .Ar runtime was given all XDG related environment variables will be created in all user sessions with their default or computed values, otherwise only .Ev XDG_RUNTIME_DIR . If .Ar notroot was given the module will bypass itself for root account logins and perform no actions for root. .\"Lastly .\".Ar track_user_sessions .\"will enable session tracking: once the last session ends, the user's .\".Ev XDG_RUNTIME_DIR .\"will be recursively removed; on high-load servers setting .\".Ar per_user_lock .\"then will reduce lock file lock contention. . .Pp In order to make use of this module, place the following in the .Ql session part of the control file of desire under .Pa /etc/pam.d , on Linux it may be .Pa /etc/pam.d/common-session if that exists, on BSD's the files .Pa /etc/pam.d/system as well as .Pa /etc/pam.d/login , .Pa /etc/pam.d/sshd and .Pa /etc/pam.d/su may be desirable, adjusting paths as necessary: . .Bd -literal -offset indent session optional pam_xdg.so notroot \"track_user_sessions .Ed . . .Sh "SEE ALSO" . .Xr pam 3 , .Xr pam.conf 5 . . .Sh AUTHORS . .An "Steffen Nurpmeso" Aq steffen@sdaoden.eu . . . .Sh CAVEATS . On Unix systems any .Dq daemonized program or script is reparented to the program running with PID 1, therefore leaving the PAM user session without PAM recognizing this. Yet careless such code may hold or expect availability of resources of the session it just left, truly performing cleanup when sessions end seems thus unwise. .\"However, many PAM modules do support cleanup upon closing the last .\"session of a user, and therefore .\".Nm .\"supports this optionally, too. . .\" s-ts-mode