The loginctl utility is part of the systemd toolkit for system management. It allows managing active user sessions, viewing the list of active users, locking the screen or terminating sessions completely, killing user processes, and much more.
Previously, several utilities and configuration files were required for all of this, but now everything is in one place. In this article, we will explore how to use loginctl and what purposes this utility can serve.
Table of Contents
Basics of Loginctl
The loginctl utility allows interaction with everything related to user authorization. According to the official documentation, loginctl is designed to control the systemd-logind login manager. The utility operates with the following entities:
- User - any user registered in the system;
- Session - active user authorization in the system. Each login, except for sudo and su, is considered a new session. You can log in through multiple TTYs, SSH, or graphical login manager, these will all be new sessions;
- Seat - this concept allows connecting multiple pairs of mice, keyboards, monitors to a computer and using it by multiple users simultaneously. Usually, this feature is not used, and the utility shows only one seat.
Now, let's look at the syntax and available options for loginctl.
Syntax and Options of Loginctl
The utility syntax is quite simple:
$ loginctl options command arguments
Here are the main commands you can use:
- list-sessions - display a list of sessions;
- session-status <id> - shows session state, authorization date, information about main running services and processes;
- show-session <id> - displays session settings;
- activate <id> - allows switching to the specified session;
- lock-session <id> - locks the screen for the specified session, if session ID is not specified, locks the screen for the current session;
- unlock-session <id> - unlocks the screen for the specified session;
- kill-session <id> - allows to end a session, or send a specific signal to all processes;
- terminate-session <id> allows to end the specified session;
- list-users - displays a list of currently authorized users;
- user-status <id> - similar to session-status, shows authorization date, state and all running processes in a tree view;
- show-user <id> - displays information about the user and their current session without running processes;
- terminate-user <id> - ends all user sessions and all their processes;
- kill-user <id> - sends a signal to all user processes, by default SIGTERM will be sent;
- list-seats - displays a list of seats;
- seat-status <id> - shows all processes running within the specified seat;
- show-seat <id> - displays seat settings;
- terminate-seat <id> - ends all seat processes.
Workstation configuration will not be covered in this article, so I won't even provide commands for it. Note that many commands will only work for sessions with a graphical interface, for example lock-session or unlock-session are not supported for TTY or SSH sessions. Now, let's look at some examples.
How to Use Loginctl
1. Session Information
You can view all active user sessions using the list-sessions command:
loginctl list-sessions
In this case, there are two sessions. The first one is auto-login to the graphical interface where Gnome is running, and the second is a console session in TTY3. Here, only the session ID, username, and TTY where the session is running are shown for each session. To get more detailed information about each session, use the session-status command. This is how the session in the graphical interface looks:
loginctl session-status 1
Here you can see when the session was started, its type (in this case X11), and the main processes. A console session in TTY looks like this:
loginctl session-status 3
If you want to view session settings without process information, use the show-session command:
loginctl show-session 1
For this command, you can specify which information you want to retrieve using the -p or --property option. For example, to get only the type, use the following command:
loginctl show-session 1 --p Type
To get only the value without the property name, use the --value option:
loginctl show-session 1 --p Type --value
2. User Information
Viewing user information works in a similar way to viewing session information. You can see a list of all authorized users using the following command:
loginctl list-users
Using the user-status command, you can view details about each user. This will specifically show information about their sessions rather than user data.
loginctl user-status 1000
The Sessions field displays identifiers of all user sessions, with the active session marked with an asterisk. Below, it shows Systemd services running under this user's name and the processes they launched. By default, the process list may be truncated. If you want to see all processes, use the -l or --full option:
loginctl user-status 1000 --full
To display all information at once without pagination, use the --no-pager option:
loginctl user-status 1000 --no-pager
3. Switching to Another Session
You can switch between sessions using a graphical interface, for example in Gnome or KDE. However, if you want to do this in the terminal, you need to use loginctl. For instance, to switch to a session with ID 3, use the command:
loginctl activate 3
And there you can switch back. This might be more convenient than switching between TTYs using hotkeys. After switching, you can lock the screen for the previous session. To do this, use the lock-session command. For example:
loginctl lock-session 1
4. Terminating Sessions and Processes
Using the kill-user or kill-session commands, you can terminate processes that are running under a specific user or within a particular session. These commands work similarly to the console utility kill, which means they can not only terminate a process but also send it any signal. If you provide only the session identifier to the kill-session command, it will simply terminate that session:
loginctl kill-session 3
However, you can send any other signal using the --signal option. By default, the SIGTERM signal is sent. For example, to send a SIGKILL signal, use the command:
loginctl kill-session 3 --signal SIGKILL
A similar command exists for terminating all user processes - kill-user. Additionally, there is a session-terminate command. It does essentially the same thing, but it doesn't allow you to choose the signal and immediately terminates all processes:
loginctl terminate-session 3
5. User Service Autostart
Systemd supports services that run under user accounts. These services can be managed without using sudo, which is quite convenient. Desktop environments like Gnome have been using this feature for a long time. These are services that are managed using the systemctl command with the --user option. Typically, such services start when a user logs into the system and stop when they log out. However, sometimes there's a need to make user processes start during system boot, before user authentication, and continue running even after the session ends. You can configure this using loginctl.
For example, to configure this for the user sergiy, you need to use the following loginctl command:
loginctl enable-linger sergiy
You can check the status of this parameter using the user-status command. To disable it, use the disable-linger command:
loginctl disable-linger sergiy
Wrapping Up
In this article, we have examined how to use loginctl to view information about sessions and authorized users, as well as how to terminate user sessions. As you can see, the utility is quite simple to use and allows you to do everything in one place.
