Running a systemd service after logins

iolaum · May 1, 2020, 6:59am

I am using Fedora MATE 31. I want to configure a service to run after every user login.

I found some useful information here (among other sources).

Based on those I set up the following:

# create needed directory
mkdir -p $HOME/.local/share/systemd/user
# Use nano to write the service file shown below
$ nano $HOME/.local/share/systemd/user/test1.service
[Unit]
Description=Testing On Login service
[Service]
Type=oneshot
RemainAfterExit=true
StandardOutput=journal
ExecStart=/bin/sh -c "echo $(date) > /home/$USER/.date"
[Install]
WantedBy=default.target
$ systemctl --user enable test1.service
Created symlink /home/$USER/.config/systemd/user/default.target.wants/test1.service → /home/$USER//.local/share/systemd/user/test1.service.
$ systemctl --user status test1
$ systemctl --user start test1
$ systemctl --user daemon-reload

After having reloaded the systemctl daemon I can do a cat ~/.date and see that the service has run successfully.

I can then reboot the system and also see that the service has run successfully.

The problem is that if I then log out and log back in, the service doesn’t run again! How can I make the service run after a login no matter if it is the first login after booting or subsequent ones?

I tried changing default.target to multi-user.target or graphical.target but that didn’t help.

vits95 · May 2, 2020, 5:51am

The systemd user instance is started after the first login of a user and killed after the last session of the user is closed.
Source: ArchWiki (IDK. On second though, the instance and service is a different things.)

lcts · May 2, 2020, 7:43am

Hi,
if I remember correctly, the systemd package in Fedora is built with an option to not kill user processes on logout. You can change this by setting KillUserProcesses=yes in /etc/systemd/logind.conf. Caveat: I think that breaks terminal multiplexers like GNU Screen.

iolaum · May 2, 2020, 10:53am

I am confused.

According to

$ cat logind.conf 
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See logind.conf(5) for details.

[Login]
#NAutoVTs=6
#ReserveVT=6
#KillUserProcesses=no
#KillOnlyUsers=
#KillExcludeUsers=root
#InhibitDelayMaxSec=5
#HandlePowerKey=poweroff
#HandleSuspendKey=suspend
#HandleHibernateKey=hibernate
#HandleLidSwitch=suspend
#HandleLidSwitchExternalPower=suspend
#HandleLidSwitchDocked=ignore
#PowerKeyIgnoreInhibited=no
#SuspendKeyIgnoreInhibited=no
#HibernateKeyIgnoreInhibited=no
#LidSwitchIgnoreInhibited=yes
#HoldoffTimeoutSec=30s
#IdleAction=ignore
#IdleActionSec=30min
#RuntimeDirectorySize=10%
#RemoveIPC=yes
#InhibitorsMax=8192
#SessionsMax=8192

user processes should not be killed by default.

I also tried

$ loginctl enable-linger $username

but that didn’t seem to help.

I m thinking that maybe default.target is an event before the user enters a lightdm, in this case, session after a successful login and something else is needed to make this happen with systemd.

iolaum · May 2, 2020, 11:12am

I also don’t know is pam_systemd.so could be a factor here. For example it doesn’t appeart to be included by default in system-auth:

$ cat /etc/pam.d/system-auth 
# Generated by authselect on Thu Apr  2 22:31:48 2020
# Do not modify this file manually.

auth        required                                     pam_env.so
auth        required                                     pam_faildelay.so delay=2000000
auth        sufficient                                   pam_fprintd.so
auth        [default=1 ignore=ignore success=ok]         pam_succeed_if.so uid >= 1000 quiet
auth        [default=1 ignore=ignore success=ok]         pam_localuser.so
auth        sufficient                                   pam_unix.so nullok try_first_pass
auth        requisite                                    pam_succeed_if.so uid >= 1000 quiet_success
auth        sufficient                                   pam_sss.so forward_pass
auth        required                                     pam_deny.so

account     required                                     pam_unix.so
account     sufficient                                   pam_localuser.so
account     sufficient                                   pam_succeed_if.so uid < 1000 quiet
account     [default=bad success=ok user_unknown=ignore] pam_sss.so
account     required                                     pam_permit.so

password    requisite                                    pam_pwquality.so try_first_pass local_users_only
password    sufficient                                   pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password    sufficient                                   pam_sss.so use_authtok
password    required                                     pam_deny.so

session     optional                                     pam_keyinit.so revoke
session     required                                     pam_limits.so
-session    optional                                     pam_systemd.so
session     [success=1 default=ignore]                   pam_succeed_if.so service in crond quiet use_uid
session     required                                     pam_unix.so
session     optional                                     pam_sss.so

I am not sure how to tell authselect whuch creates this file, to include it in.

grumpey · May 2, 2020, 12:45pm

Can you try

Description=Testing On Login service
After=graphical.target

[Service]
Type=oneshot
RemainAfterExit=true
StandardOutput=journal
ExecStart=/bin/sh -c "echo $(date) > /home/$USER/.date"

[Install]
WantedBy=default.target

I tried the original on my machine this morning and it appeared to work but I use GDM. `

Thanks

iolaum · May 2, 2020, 2:52pm

Tried it didn’t work. It still only runs after first boot. As suggested by arch wiki troubleshooting systemd page I did a

$ journalctl -u graphical.target
...
$ journalctl --user -u test1

but there were entries only after the first login. On subsequent log outs and logins nothing happened.

grumpey · May 2, 2020, 3:33pm

If you remove Type and RemainAfterExit does it work?

thanks

iolaum · May 2, 2020, 4:06pm

Thanks for the suggestion, unfortunately it didn’t work. I don’t know if it is because of how lightdm is setup.

/etc/lighdm/lightdm.conf has two options,
# session-setup-script = Script to run when starting a user session (runs as root)
and
# session-cleanup-script = Script to run when quitting a user session (runs as root)
.

Maybe that’s how it’s supposed to be done in MATE DE?