2012-01-25 02:20:38 +01:00
|
|
|
systemd System and Service Manager
|
2010-05-13 03:30:21 +02:00
|
|
|
|
|
|
|
DETAILS:
|
|
|
|
http://0pointer.de/blog/projects/systemd.html
|
|
|
|
|
|
|
|
WEB SITE:
|
|
|
|
http://www.freedesktop.org/wiki/Software/systemd
|
|
|
|
|
|
|
|
GIT:
|
2012-01-22 18:40:13 +01:00
|
|
|
git://anongit.freedesktop.org/systemd/systemd
|
|
|
|
ssh://git.freedesktop.org/git/systemd/systemd
|
2010-05-13 03:30:21 +02:00
|
|
|
|
|
|
|
GITWEB:
|
2012-01-22 18:40:13 +01:00
|
|
|
http://cgit.freedesktop.org/systemd/systemd
|
2010-05-13 03:30:21 +02:00
|
|
|
|
|
|
|
MAILING LIST:
|
|
|
|
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
|
|
|
|
http://lists.freedesktop.org/mailman/listinfo/systemd-commits
|
|
|
|
|
|
|
|
IRC:
|
|
|
|
#systemd on irc.freenode.org
|
|
|
|
|
|
|
|
BUG REPORTS:
|
|
|
|
https://bugs.freedesktop.org/enter_bug.cgi?product=systemd
|
|
|
|
|
|
|
|
AUTHOR:
|
2012-04-12 00:20:58 +02:00
|
|
|
Lennart Poettering
|
|
|
|
Kay Sievers
|
|
|
|
...and many others
|
2010-05-13 03:30:21 +02:00
|
|
|
|
2011-07-14 23:53:53 +02:00
|
|
|
LICENSE:
|
2012-04-12 00:20:58 +02:00
|
|
|
LGPLv2.1+ for all code
|
2013-12-22 23:26:07 +01:00
|
|
|
- except src/shared/MurmurHash2.c which is Public Domain
|
|
|
|
- except src/shared/siphash24.c which is CC0 Public Domain
|
2013-08-14 22:58:21 +02:00
|
|
|
- except src/journal/lookup3.c which is Public Domain
|
|
|
|
- except src/udev/* which is (currently still) GPLv2, GPLv2+
|
2011-07-14 23:53:53 +02:00
|
|
|
|
2010-05-13 03:30:21 +02:00
|
|
|
REQUIREMENTS:
|
2014-08-30 11:34:20 +02:00
|
|
|
Linux kernel >= 3.7
|
2014-03-22 18:27:35 +01:00
|
|
|
Linux kernel >= 3.8 for Smack support
|
|
|
|
|
|
|
|
Kernel Config Options:
|
2013-03-06 19:36:39 +01:00
|
|
|
CONFIG_DEVTMPFS
|
2014-05-03 19:15:23 +02:00
|
|
|
CONFIG_CGROUPS (it is OK to disable all controllers)
|
2013-03-06 19:36:39 +01:00
|
|
|
CONFIG_INOTIFY_USER
|
|
|
|
CONFIG_SIGNALFD
|
|
|
|
CONFIG_TIMERFD
|
|
|
|
CONFIG_EPOLL
|
2013-03-06 19:51:52 +01:00
|
|
|
CONFIG_NET
|
2013-03-06 19:36:39 +01:00
|
|
|
CONFIG_SYSFS
|
2013-12-09 16:04:06 +01:00
|
|
|
CONFIG_PROC_FS
|
2014-02-15 17:21:49 +01:00
|
|
|
CONFIG_FHANDLE (libudev, mount and bind mount handling)
|
2013-03-06 19:36:39 +01:00
|
|
|
|
2014-08-30 11:34:20 +02:00
|
|
|
udev will fail to work with the legacy sysfs layout:
|
2013-03-06 20:01:45 +01:00
|
|
|
CONFIG_SYSFS_DEPRECATED=n
|
2013-03-06 19:36:39 +01:00
|
|
|
|
|
|
|
Legacy hotplug slows down the system and confuses udev:
|
|
|
|
CONFIG_UEVENT_HELPER_PATH=""
|
|
|
|
|
2014-08-30 11:34:20 +02:00
|
|
|
Userspace firmware loading is not supported and should
|
|
|
|
be disabled in the kernel:
|
2013-03-06 19:36:39 +01:00
|
|
|
CONFIG_FW_LOADER_USER_HELPER=n
|
|
|
|
|
|
|
|
Some udev rules and virtualization detection relies on it:
|
|
|
|
CONFIG_DMIID
|
|
|
|
|
2013-09-15 07:29:25 +02:00
|
|
|
Support for some SCSI devices serial number retrieval, to
|
|
|
|
create additional symlinks in /dev/disk/ and /dev/tape:
|
|
|
|
CONFIG_BLK_DEV_BSG
|
|
|
|
|
2014-12-30 15:57:01 +01:00
|
|
|
Required for PrivateNetwork and PrivateDevices in service units:
|
2014-03-31 20:28:23 +02:00
|
|
|
CONFIG_NET_NS
|
2014-12-30 15:57:01 +01:00
|
|
|
CONFIG_DEVPTS_MULTIPLE_INSTANCES
|
|
|
|
Note that systemd-localed.service and other systemd units use
|
|
|
|
PrivateNetwork and PrivateDevices so this is effectively required.
|
2014-03-31 20:28:23 +02:00
|
|
|
|
2013-03-06 19:36:39 +01:00
|
|
|
Optional but strongly recommended:
|
|
|
|
CONFIG_IPV6
|
|
|
|
CONFIG_AUTOFS4_FS
|
|
|
|
CONFIG_TMPFS_XATTR
|
2015-03-03 15:00:39 +01:00
|
|
|
CONFIG_{TMPFS,EXT4,XFS,BTRFS_FS,...}_POSIX_ACL
|
2013-03-06 20:01:45 +01:00
|
|
|
CONFIG_SECCOMP
|
2013-03-06 19:36:39 +01:00
|
|
|
|
2014-06-10 23:29:30 +02:00
|
|
|
Required for CPUShares in resource control unit settings
|
|
|
|
CONFIG_CGROUP_SCHED
|
|
|
|
CONFIG_FAIR_GROUP_SCHED
|
|
|
|
|
2014-11-18 16:13:43 +01:00
|
|
|
Required for CPUQuota in resource control unit settings
|
|
|
|
CONFIG_CFS_BANDWIDTH
|
|
|
|
|
2013-12-09 16:04:06 +01:00
|
|
|
For systemd-bootchart, several proc debug interfaces are required:
|
2013-03-06 19:36:39 +01:00
|
|
|
CONFIG_SCHEDSTATS
|
|
|
|
CONFIG_SCHED_DEBUG
|
|
|
|
|
2013-03-06 20:01:45 +01:00
|
|
|
For UEFI systems:
|
2014-03-22 01:41:12 +01:00
|
|
|
CONFIG_EFIVAR_FS
|
2013-03-06 20:01:45 +01:00
|
|
|
CONFIG_EFI_PARTITION
|
|
|
|
|
2013-05-10 00:14:12 +02:00
|
|
|
Note that kernel auditing is broken when used with systemd's
|
|
|
|
container code. When using systemd in conjunction with
|
2013-10-22 01:50:48 +02:00
|
|
|
containers, please make sure to either turn off auditing at
|
2013-05-10 00:14:12 +02:00
|
|
|
runtime using the kernel command line option "audit=0", or
|
|
|
|
turn it off at kernel compile time using:
|
|
|
|
CONFIG_AUDIT=n
|
2014-03-11 05:40:36 +01:00
|
|
|
If systemd is compiled with libseccomp support on
|
|
|
|
architectures which do not use socketcall() and where seccomp
|
|
|
|
is supported (this effectively means x86-64 and ARM, but
|
2014-05-03 19:15:24 +02:00
|
|
|
excludes 32-bit x86!), then nspawn will now install a
|
2014-03-11 05:40:36 +01:00
|
|
|
work-around seccomp filter that makes containers boot even
|
|
|
|
with audit being enabled. This works correctly only on kernels
|
|
|
|
3.14 and newer though. TL;DR: turn audit off, still.
|
2013-05-10 00:14:12 +02:00
|
|
|
|
2015-04-10 19:39:17 +02:00
|
|
|
glibc >= 2.16
|
2011-02-16 19:09:11 +01:00
|
|
|
libcap
|
2014-11-24 05:33:37 +01:00
|
|
|
libmount >= 2.20 (from util-linux)
|
2014-02-12 01:29:54 +01:00
|
|
|
libseccomp >= 1.0.0 (optional)
|
2014-12-13 01:56:56 +01:00
|
|
|
libblkid >= 2.24 (from util-linux) (optional)
|
2013-10-17 19:49:19 +02:00
|
|
|
libkmod >= 15 (optional)
|
2011-02-16 19:09:11 +01:00
|
|
|
PAM >= 1.1.2 (optional)
|
|
|
|
libcryptsetup (optional)
|
|
|
|
libaudit (optional)
|
2011-07-12 13:57:48 +02:00
|
|
|
libacl (optional)
|
2011-02-16 19:09:11 +01:00
|
|
|
libselinux (optional)
|
2011-07-12 13:57:48 +02:00
|
|
|
liblzma (optional)
|
2014-07-08 00:29:19 +02:00
|
|
|
liblz4 >= 119 (optional)
|
2012-09-28 00:46:32 +02:00
|
|
|
libgcrypt (optional)
|
|
|
|
libqrencode (optional)
|
|
|
|
libmicrohttpd (optional)
|
2012-11-22 15:30:50 +01:00
|
|
|
libpython (optional)
|
2014-08-20 00:14:09 +02:00
|
|
|
libidn (optional)
|
2014-06-22 20:52:43 +02:00
|
|
|
gobject-introspection > 1.40.0 (optional)
|
2014-06-23 12:42:17 +02:00
|
|
|
elfutils >= 158 (optional)
|
2012-11-22 15:30:50 +01:00
|
|
|
make, gcc, and similar tools
|
|
|
|
|
2013-10-22 01:50:48 +02:00
|
|
|
During runtime, you need the following additional
|
|
|
|
dependencies:
|
2012-11-22 15:30:50 +01:00
|
|
|
|
2014-10-22 12:37:08 +02:00
|
|
|
util-linux >= v2.25 required
|
2013-11-27 16:50:53 +01:00
|
|
|
dbus >= 1.4.0 (strictly speaking optional, but recommended)
|
2012-11-22 15:30:50 +01:00
|
|
|
dracut (optional)
|
2013-02-13 22:56:43 +01:00
|
|
|
PolicyKit (optional)
|
2011-02-16 19:09:11 +01:00
|
|
|
|
2013-10-22 01:50:48 +02:00
|
|
|
When building from git, you need the following additional
|
|
|
|
dependencies:
|
2011-02-16 19:09:11 +01:00
|
|
|
|
2014-12-22 13:33:19 +01:00
|
|
|
pkg-config
|
2011-02-16 19:09:11 +01:00
|
|
|
docbook-xsl
|
|
|
|
xsltproc
|
|
|
|
automake
|
|
|
|
autoconf
|
|
|
|
libtool
|
2011-07-12 13:57:48 +02:00
|
|
|
intltool
|
2011-08-03 17:09:55 +02:00
|
|
|
gperf
|
2011-07-12 13:57:48 +02:00
|
|
|
gtkdocize (optional)
|
|
|
|
python (optional)
|
2014-02-12 08:58:41 +01:00
|
|
|
python-lxml (optional, but required to build the indices)
|
2013-02-09 21:37:35 +01:00
|
|
|
sphinx (optional)
|
2011-02-23 01:12:07 +01:00
|
|
|
|
2013-10-22 01:50:48 +02:00
|
|
|
When systemd-hostnamed is used, it is strongly recommended to
|
|
|
|
install nss-myhostname to ensure that, in a world of
|
|
|
|
dynamically changing hostnames, the hostname stays resolvable
|
2011-05-17 19:35:56 +02:00
|
|
|
under all circumstances. In fact, systemd-hostnamed will warn
|
2013-01-24 10:31:34 +01:00
|
|
|
if nss-myhostname is not installed.
|
2011-05-17 19:35:56 +02:00
|
|
|
|
2013-02-09 21:37:35 +01:00
|
|
|
To build HTML documentation for python-systemd using sphinx,
|
|
|
|
please first install systemd (using 'make install'), and then
|
|
|
|
invoke sphinx-build with 'make sphinx-<target>', with <target>
|
|
|
|
being 'html' or 'latexpdf'. If using DESTDIR for installation,
|
|
|
|
pass the same DESTDIR to 'make sphinx-html' invocation.
|
|
|
|
|
2013-03-05 18:53:21 +01:00
|
|
|
USERS AND GROUPS:
|
2013-03-05 19:15:31 +01:00
|
|
|
Default udev rules use the following standard system group
|
|
|
|
names, which need to be resolvable by getgrnam() at any time,
|
|
|
|
even in the very early boot stages, where no other databases
|
|
|
|
and network are available:
|
|
|
|
|
2014-06-12 14:59:53 +02:00
|
|
|
audio, cdrom, dialout, disk, input, kmem, lp, tape, tty, video
|
2013-03-05 19:04:48 +01:00
|
|
|
|
2013-10-22 01:50:48 +02:00
|
|
|
During runtime, the journal daemon requires the
|
2013-03-05 19:19:26 +01:00
|
|
|
"systemd-journal" system group to exist. New journal files will
|
2013-10-22 01:50:48 +02:00
|
|
|
be readable by this group (but not writable), which may be used
|
2015-01-18 21:05:40 +01:00
|
|
|
to grant specific users read access. In addition, system
|
|
|
|
groups "wheel" and "adm" will be given read-only access to
|
|
|
|
journal files using systemd-tmpfiles.service.
|
2013-03-05 18:53:21 +01:00
|
|
|
|
2013-03-05 19:15:31 +01:00
|
|
|
The journal gateway daemon requires the
|
2013-03-05 19:19:26 +01:00
|
|
|
"systemd-journal-gateway" system user and group to
|
2013-03-05 19:15:31 +01:00
|
|
|
exist. During execution this network facing service will drop
|
|
|
|
privileges and assume this uid/gid for security reasons.
|
|
|
|
|
2014-06-28 00:48:28 +02:00
|
|
|
Similarly, the NTP daemon requires the "systemd-timesync" system
|
2014-06-04 11:17:32 +02:00
|
|
|
user and group to exist.
|
|
|
|
|
2014-06-28 00:48:28 +02:00
|
|
|
Similarly, the network management daemon requires the
|
2014-06-04 11:17:32 +02:00
|
|
|
"systemd-network" system user and group to exist.
|
|
|
|
|
2014-06-28 00:48:28 +02:00
|
|
|
Similarly, the name resolution daemon requires the
|
2014-06-04 11:17:32 +02:00
|
|
|
"systemd-resolve" system user and group to exist.
|
|
|
|
|
2014-06-28 00:48:28 +02:00
|
|
|
Similarly, the kdbus dbus1 proxy daemon requires the
|
2014-06-04 11:17:32 +02:00
|
|
|
"systemd-bus-proxy" system user and group to exist.
|
2014-06-01 23:01:20 +02:00
|
|
|
|
2014-08-19 21:55:10 +02:00
|
|
|
NSS:
|
|
|
|
systemd ships with three NSS modules:
|
|
|
|
|
|
|
|
nss-myhostname resolves the local hostname to locally
|
|
|
|
configured IP addresses, as well as "localhost" to
|
|
|
|
127.0.0.1/::1.
|
|
|
|
|
|
|
|
nss-resolve enables DNS resolution via the systemd-resolved
|
|
|
|
DNS/LLMNR caching stub resolver "systemd-resolved".
|
|
|
|
|
|
|
|
nss-mymachines enables resolution of all local containers
|
|
|
|
registered with machined to their respective IP addresses.
|
|
|
|
|
|
|
|
To make use of these NSS modules, please add them to the
|
|
|
|
"hosts: " line in /etc/nsswitch.conf. The "resolve" module
|
|
|
|
should replace the glibc "dns" module in this file.
|
|
|
|
|
|
|
|
The three modules should be used in the following order:
|
|
|
|
|
|
|
|
hosts: files mymachines resolve myhostname
|
|
|
|
|
2011-02-23 01:12:07 +01:00
|
|
|
WARNINGS:
|
|
|
|
systemd will warn you during boot if /etc/mtab is not a
|
|
|
|
symlink to /proc/mounts. Please ensure that /etc/mtab is a
|
|
|
|
proper symlink.
|
|
|
|
|
|
|
|
systemd will warn you during boot if /usr is on a different
|
|
|
|
file system than /. While in systemd itself very little will
|
2013-10-22 01:50:48 +02:00
|
|
|
break if /usr is on a separate partition, many of its
|
2011-02-23 01:12:07 +01:00
|
|
|
dependencies very likely will break sooner or later in one
|
2013-10-22 01:50:48 +02:00
|
|
|
form or another. For example, udev rules tend to refer to
|
2011-02-23 01:12:07 +01:00
|
|
|
binaries in /usr, binaries that link to libraries in /usr or
|
|
|
|
binaries that refer to data files in /usr. Since these
|
2013-10-22 01:50:48 +02:00
|
|
|
breakages are not always directly visible, systemd will warn
|
2011-02-23 01:12:07 +01:00
|
|
|
about this, since this kind of file system setup is not really
|
|
|
|
supported anymore by the basic set of Linux OS components.
|
2011-03-01 23:44:26 +01:00
|
|
|
|
2014-02-26 02:54:37 +01:00
|
|
|
systemd requires that the /run mount point exists. systemd also
|
2014-05-08 01:28:45 +02:00
|
|
|
requires that /var/run is a a symlink to /run.
|
2014-02-26 02:54:37 +01:00
|
|
|
|
2011-03-04 05:07:01 +01:00
|
|
|
For more information on this issue consult
|
|
|
|
http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
|
|
|
|
|
2012-10-12 14:56:19 +02:00
|
|
|
To run systemd under valgrind, compile with VALGRIND defined
|
|
|
|
(e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
|
|
|
|
false positives will be triggered by code which violates
|
|
|
|
some rules but is actually safe.
|
2014-11-06 15:27:13 +01:00
|
|
|
|
|
|
|
ENGINEERING AND CONSULTING SERVICES:
|
|
|
|
ENDOCODE <https://endocode.com/> offers professional
|
|
|
|
engineering and consulting services for systemd. Please
|
|
|
|
contact Chris Kühl <chris@endocode.com> for more information.
|