Daemon for handling Sailfish OS device users.

This daemon provides D-Bus API for adding, removing and editing additional Sailfish OS device users. The main system user is created during the first boot of the device. This user can then use this API to add additional users which have access only to some of the available functionality and services.

Using Sailfish User Manager Daemon

Sailfish User Manager Daemon is used through org.sailfishos.usermanager D-Bus service.

D-Bus API

See SailfishUserManager for more information about org.sailfishos.usermanager interface.

There is <sailfishusermanagerinterface.h> header that provides useful definitions for the D-Bus API.

User types

By default devices have only device owner which has permissions to do anything on the device unless prohibited by a device policy. SailfishUserManager::addUser can be used to create additional users that have less permissions and to whom disk quota applies. In addition to these there can be one guest user for which any data created by the user is destroyed at the end of session. Guest user is enabled and disabled with separate interface SailfishUserManager::enableGuestUser. Any restrictions that apply to additional user also apply to guest user.

Operation

Systemd launches the daemon automatically when a call to the interface is made. In the case of an error a D-Bus error is responded. The daemon quits after one minute if there are no more incoming messages.

Quota

By default new users are set to have quota for /home partition and they may reserve at most 20 % of blocks or 2 GB whichever is smaller. Hard limit is set to 120 % of the soft limit but soft limit will become hard limit after grace period (default is 7 days). Quota limits are set only on user creation and can be adjusted with setquota afterwards. If kernel does not support quota or it is not enabled on /home partition the limits are not set.