atrium is a Wayland display manager for Linux with first-class multiseat support. It discovers seats via logind, launches a GTK4 greeter on each seat inside a cage kiosk compositor, authenticates the user via PAM, and hands off to a Wayland session.

What's new in 0.3.0

Runtime configuration files

All settings previously requiring a recompile (src/config.h) are now in /etc/atrium.conf (daemon) and /etc/atrium-greeter.conf (greeter), both parsed at startup using inih. The meson setup flag is now -Ddist=<arch|debian|fedora> (previously -Dpam_config).

Session picker

The greeter now discovers available Wayland sessions from /usr/share/wayland-sessions/*.desktop and presents a session picker on the login screen. The last session used on each seat is remembered and preselected on the next login.

PAM keyring integration

GNOME Keyring and KWallet are unlocked automatically on login via PAM (pam_gnome_keyring.so, pam_kwallet5.so). Both are included in the provided PAM stacks. Note: on Fedora, these daemons are managed by systemd user units and may not unlock via PAM — see Known Limitations.

Duplicate login prevention

By default, atrium now blocks the same user from logging in on more than one seat simultaneously, avoiding cross-seat compositor state collisions (XDG_RUNTIME_DIR, D-Bus session bus). This can be relaxed with allow-duplicate-login = true in atrium.conf.

Deferred seat handling

Seats whose GPU has no connected monitor are now held in a deferred state rather than crash-looping the greeter; the greeter launches when a monitor appears (detected via udev DRM events and a periodic sysfs poll). atrium also subscribes to the logind SeatNew D-Bus signal and launches a greeter on seats that appear after startup (e.g. a USB DisplayLink adapter plugged in later).

Crash-loop detection

The greeter is now monitored for crash loops. After a configurable number of rapid restarts, atrium backs off and eventually gives up rather than spinning indefinitely. The threshold and delays are configurable in atrium.conf.

Fedora / SELinux support

A local SELinux policy module (atrium-local.te) is now provided and installed by meson install on Fedora targets (-Ddist=fedora). File context labels are set automatically post-install. End-to-end testing was completed on Fedora 42 (SELinux enforcing).

Bug fixes

• logind session class — greeter sessions are now registered with class=greeter instead of class=user, preventing GNOME from listing atriumdm as a blocking user in the shutdown dialog. (#87)
• XDG_SESSION_ID — correctly set in the compositor and greeter environments. (#90)
• basename() mutation — basename() could modify pw_shell in place before execl used it, corrupting the shell argument. (#83)
• Duplicate-login race — the duplicate-login check could observe a logind session that was already being torn down, incorrectly blocking a fresh login on that seat. (#79)
• DRM event feedback loop — a DRM udev event generated by atrium's own seat assignment could trigger a second greeter launch attempt during crash-loop give-up.

Internal / architecture

• Daemon restructured into daemon/core/, daemon/auth/, and daemon/policy/ with an enforced build-time boundary check (mechanism vs policy separation).
• inih replaces the custom conf_parse library.
• atriumdm home directory standardised to /var/lib/atrium.

Supported distros

Known limitations

• No hotplug — GPU or seat removal/re-addition at runtime is not yet handled cleanly. Restart atrium to recover; note this ends active sessions. A clean redesign is in progress. (#28)
• No SIGKILL escalation — compositors that ignore SIGTERM are waited on indefinitely rather than force-killed. (#3)
• Fedora keyring unlock — GNOME Keyring and KWallet are not unlocked on login on Fedora because both daemons are managed by systemd user units started before the D-Bus session bus is available. (#92)
• See the README for the full list.

Installing

Download the source tarball attached to this release, or clone the tag:

git clone --branch v0.3.0 https://github.com/kavau/atrium.git

Then follow the README for the full build, install, and enable steps.

Arch Linux / CachyOS users can install from the AUR instead.

Upgrading from v0.2.0

The src/config.h compile-time configuration is gone. meson install now installs /etc/atrium.conf and /etc/atrium-greeter.conf with commented-out defaults — review both after upgrading. The defaults match the previous hardcoded values for most options.

The meson -Dpam_config flag has been renamed to -Ddist.

Feedback

• Bug reports and feature requests: GitHub issues
• Questions and discussion: GitHub Discussions
• General Linux multiseat topics: r/linux_multiseat

atrium is a Wayland display manager for Linux with first-class multiseat support. It discovers seats via logind, launches a GTK4 greeter on each seat inside a cage kiosk compositor, authenticates the user via PAM, and hands off to a Wayland session. When the compositor exits, the greeter restarts.

This is the first tagged release. atrium is usable as a daily-driver display manager today — the project has been self-hosted on a three-seat workstation since PAM integration landed. Expect rough edges; see known limitations below.

Warning: atrium runs as a system service with root privileges. It is experimental software — use at your own risk. See LICENSE for warranty and liability terms.

What works in 0.2.0

• Seat discovery via logind ListSeats at startup.
• Greeter on every seat — GTK4 user picker and password prompt, running as an unprivileged atriumdm account inside cage.
• PAM authentication — full pam_authenticate / pam_acct_mgmt / pam_setcred / pam_open_session sequence, split across daemon and compositor child so session modules (pam_loginuid, pam_keyinit, pam_limits) run in the right PID context.
• logind session creation via sd-bus CreateSession, with VT allocation on seat0 and full privilege drop (initgroups / setresgid / setresuid) before exec.
• Compositor handoff — login shell wrapping so .profile runs; XDG_CURRENT_DESKTOP, XDG_SESSION_DESKTOP, DBUS_SESSION_BUS_ADDRESS, and PAM's pam_getenvlist output are all set in the compositor environment.
• Automatic greeter restart when the compositor exits.
• Screen blanking after 5 minutes of greeter inactivity, dismissed by any key or pointer motion.
• Passwordless users via CONFIG_PASSWORDLESS_USERS (kiosk / shared account use cases).
• Clean shutdown — systemctl stop atrium terminates greeters and compositors and closes logind sessions.

Supported distros

Other systemd-based distros should work — the only distro-specific piece is the PAM stack.

Install requirements

• libsystemd, libudev, libpam, gtk4, cage
• meson, ninja
• systemd/logind; Wayland sessions only (X11 not supported)

See the README for the full build, install, and enable steps.

Known limitations

• No hotplug — seats and displays added/removed after startup are not detected. Restart atrium (systemctl restart atrium) to pick up hardware changes; note that this ends any active sessions. (#28)
• No display-connected check — a seat with a GPU but no attached monitor will crash-loop the cage compositor. Workaround: list the affected seats in CONFIG_IGNORE_SEATS.
• Compile-time configuration only — all settings live in src/config.h; no runtime config file.
• No session discovery — atrium does not read .desktop files from /usr/share/wayland-sessions/. The compositor command and XDG_CURRENT_DESKTOP value are hardcoded in src/config.h (CONFIG_COMPOSITOR and CONFIG_DESKTOP_NAME) and apply globally to every seat and every user; no per-user session selection. (#24)
• No SIGKILL escalation — if cage ignores SIGTERM during teardown, atrium currently waits a fixed delay rather than following up with SIGKILL. (#3)
• Same-user multi-seat cross-talk — when the same user logs in on multiple seats, both sessions share XDG_RUNTIME_DIR and the D-Bus session bus, so desktop environments that use D-Bus for UI state can leak actions between seats. Per-seat runtime isolation is a planned future config option.
• See the README for the full list.

Installing

Download the source tarball attached to this release, or clone the tag:

git clone --branch v0.2.0 https://github.com/kavau/atrium.git

Then follow the build and install instructions.

Feedback

• Bug reports and feature requests: GitHub issues
• Questions and discussion: GitHub Discussions
• General Linux multiseat topics: r/linux_multiseat