On Sat, Jul 09, 2016 at 07:32:01AM -0400, Nico Kadel-Garcia wrote:
On Thu, Jul 7, 2016 at 8:13 AM, Jan Kurik <jkurik(a)redhat.com>
> = Proposed System Wide Change: KillUserProcesses=yes by default =
> Change owner(s):
> * Zbigniew Jędrzejewski-Szmek <zbyszek(a)in.waw.pl>
> Set the default policy to terminate processes in session scope when
> the user logs out. Specifically, systemd-logind's KillUserProcesses
> setting, which currently is set to "no" to override the upstream
> default, will be removed to follow the upstream default of "yes".
We already discussed this idea on this mailing list. It's a *horrible*
idea. It breaks screen, nohup processes and all backgrounded tasks,
Right, the next paragraph that you helpfully snipped, talks about
changing screen to automatically register itself with systemd
to avoid being killed. So let's discuss the change as proposed,
with the assumption that we modify common
run-stuff-in-the-background-on-purpose-style programs so that they
continue to work as expected.
For a larger environment, it still shouldn't be killing the
automatically, That's what scheduled nightly reboots, or nightly
audits and autokills with user email notifications are for.
That sounds like a much worse solution in every regard — because
the issue of having to mark processes to be exempt from killing
is still present, but the process to get rid of unwanted processes
is asynchronous, heavyweight, nonstandard, and requires a lot of
admin engagement. But if you have this kind of setup in place, then
simply set KillUserProcesses=no and carry on.