Currently SUID is required to kill-session. This prevents users (without sudo access) from using loginctl to log out of their own session. This would be useful for users who don't have a third party session manager or have a broken session manager and need a "clean" means of logging out. By "clean" I mean a way that ends a specific session, such as their currently logged in session, without affecting other sessions (owned by themselves or other users). I don't think it's necessary to require SUID for this function. Users aren't allowed to kill processes that don't belong to them anyway, so it follows that a user would only be able to kill their own session(s). Perhaps this could be acheived with polkit? Besides, users (with polkit) already have acess to systemctl shutdown, reboot, hibernate, and suspend; loginctl kill-session seems less serious. +1: if kill-session can be allowed to users to end their own sessions, how about kill-user for users to end themselves?
Implemented in http://cgit.freedesktop.org/systemd/systemd/commit/?id=c529695e7a.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.