When starting a user session using /usr/bin/startplasma-x11, on exit, tons of user owned processes remain

On Tumbleweed (current) and I’m using x2go to start a session which invokes /usr/bin/startplasma-x11. When I “logout” from KDE, a lot of left over processes stay around:

ccox      6850     1  0 11:50 ?        00:00:00 /usr/lib/systemd/systemd --user
ccox      6851  6850  0 11:50 ?        00:00:00 (sd-pam)
ccox      7576  6850  0 11:50 ?        00:00:00 /usr/bin/pipewire
ccox      7577  6850  0 11:50 ?        00:00:00 /usr/bin/wireplumber
ccox      7578  6850  0 11:50 ?        00:00:00 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
ccox      7798     1  0 11:50 ?        00:00:00 /usr/libexec/baloo_file
ccox      7819     1  0 11:50 ?        00:00:00 /usr/libexec/geoclue-2.0/demos/agent

I’m AD joined and interactive users get a Kerberos ticket. I’ve noticed that my account in AD gets locked out a lot, and wondered if it’s possibly because of these derelict processes and that kerberos ticket renewals still don’t work properly.

All of this used to work reasonably well as long as I didn’t stay logged in beyond ticket expiration (or possibly renew expiration). So, in the past, as long as I logged out, everything was “fine”. But now, my account gets locked even if I’m “logged out”.

I haven’t done enough long term testing to verify if I nuke those extraneous processes if that fixes the lockout issue or not, but I think it does.

It has been this way for a long time – probably since Plasma5 showed up.

The first process that you show – that “systemd” process – seems to be the key. If you kill that, then most of the others will go away.

I’m not sure, but I think this is part of how “systemd” works. When you logout, that “systemd” user process hangs around for a while. I think it times out a few minutes later, and possibly it ends when a different user logs in.

I don’t know if this is related to your kerberos issues.

They are not leftover - they are user services started by systemd user instance. User instance is launched with the first login session and remains running until the last session terminates. So the first obvious thing to check - do you have other login sessions for the same user?

None. The “session” started by /usr/bin/startplasma-x11 is terminated. The processes shown are all that is left for that user, parented by the systemd --usermostly, but also the “init” owned baloo_file and geoclue agent.

That behavior would be bizarre (talking systemd), if not ludicrous. But systemd is the land of “assumptions” for assumptions sake.

This might be of interest for you:

$ grep Kill /etc/systemd/logind.conf
#KillUserProcesses=no
#KillOnlyUsers=
#KillExcludeUsers=root
$ man logind.conf | grep -A 3 Kill
       KillUserProcesses=
           Takes a boolean argument. Configures whether the processes of a user should be killed when the user logs out. If true, the scope unit corresponding to the session and
           all processes inside that scope will be terminated. If false, the scope is "abandoned", see systemd.scope(5), and processes are not killed. Defaults to "no", but see
           the options KillOnlyUsers= and KillExcludeUsers= below.

           In addition to session processes, user process may run under the user manager unit user@.service. Depending on the linger settings, this may allow users to run
           processes independent of their login sessions. See the description of enable-linger in loginctl(1).

yep, see discussion: logout leaves running user processes · Issue #2975 · systemd/systemd · GitHub

TL;DR it’s a mess, no good solution. But LP says maybe KillUserProcesses should default to yes (noting it breaks other things like suspended session sorts of things… sigh).

Edit: btw, it doesn’t work. Processes remain.

Linux has become boring. “World, I present to you: systemd”

Some of those processes are spawned by user services. That man pages excerpt read a bit dubious regarding those, if lingering is not enabled.

This command does not start any login session. To execute this command you must already have logged in and this login started session and systemd user instance.

Nice rants but no useful strategies whatsoever.

No mess, no bizarre behaviour observed on infamous host erlangen. Three instances of systemd are active, one system and two users:

erlangen:~ # ps ax |grep systemd/systemd
    1 ?        Ss     0:04 /usr/lib/systemd/systemd --switched-root --system --deserialize=39
...
 1489 ?        Ss     0:00 /usr/lib/systemd/systemd --user
17389 ?        Ss     0:00 /usr/lib/systemd/systemd --user
18404 pts/1    S+     0:00 grep --color=auto systemd/systemd
erlangen:~ # 

Killing #17389 safely removes all processes owned by tester’s session:

erlangen:~ # ll /sys/fs/cgroup/user.slice/
total 0
-r--r--r-- 1 root root 0 Jun  8 06:42 cgroup.controllers
...
drwxr-xr-x 4 root root 0 Jun  5 13:31 user-1000.slice
drwxr-xr-x 4 root root 0 Jun  8 06:58 user-1005.slice
erlangen:~ # 
erlangen:~ # kill 17389
erlangen:~ # 

What remains are the parents of the session:

erlangen:~ # systemd-cgls /sys/fs/cgroup/user.slice/user-1005.slice/
Directory /sys/fs/cgroup/user.slice/user-1005.slice/:
└─session-7.scope (#7726)
  ├─17356 /usr/libexec/sddm/sddm-helper --socket /tmp/sddm-authf18acee1-4dfa-41c4-9d1a-c470043cde11 --id 3 --start /usr/bin/startplasma-x11 --user tester
  ├─17412 /usr/bin/startplasma-x11
  └─17487 /usr/bin/gpg-agent --sh --daemon --keep-display /usr/libexec/xinit/xinitrc
erlangen:~ # 

You may kill them too:

erlangen:~ # systemd-cgls /sys/fs/cgroup/user.slice/user-1005.slice/
Directory /sys/fs/cgroup/user.slice/user-1005.slice/:
Failed to list cgroup tree: No such file or directory
erlangen:~ # 

You are done.

Remember days when you didn’t have to perform something “out of band” and logout actually logged you out.

I would be “mean” here, you do understand what I just said? Right?

2 Likes

So far you did not show any evidence that you actually logged out.

I remember the days when users logged out and left behind zombies consuming 100% time of the single CPU. System administrators told the users still logged in that only a reboot would kill the zombies.

Nowadays a user can log into multiple sessions. Upon logout all child processes are reliably terminated. You may read some fine documentation man loginctl. See also systemd/User - ArchWiki.

Have a nice day.

I will write some sort sort of out of band “thing” (daemon) running on the host to clean things up. Sigh.

You may stop the user slice e.g. systemctl stop user-1005.slice.

Nope. Anyway, I setup my own cron process to remove the abandoned session if still present after logout.

1 Like

That’s the hard way. Administrators configure local settings:

thinkbook:~ # grep KillUserProcesses /etc/systemd/logind.conf
#KillUserProcesses=no
thinkbook:~ # 

Again, since systemd is absolutely clueless with regards to what a “session is”, this is never going to work.

loginctl is part of systemd. It supports killing sessions.

erlangen:~ # loginctl
SESSION  UID USER SEAT  TTY 
      5 1000 karl seat0 tty2
      6    0 root seat0 tty1

2 sessions listed.
erlangen:~ # loginctl kill-session 6
erlangen:~ # loginctl
SESSION  UID USER SEAT  TTY 
      5 1000 karl seat0 tty2

1 sessions listed.
erlangen:~ #