proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2025-06-03 19:11:37 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
e735f4d4ea
systemd/man/systemd-user.conf.html
Martin Pitt e735f4d4ea Imported Upstream version 219
2015-02-17 11:22:16 +01:00

203 lines
21 KiB
HTML
Raw Blame History

<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>systemd-system.conf</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
a.headerlink {
color: #c60f0f;
font-size: 0.8em;
padding: 0 4px 0 4px;
text-decoration: none;
visibility: hidden;
}
a.headerlink:hover {
background-color: #c60f0f;
color: white;
}
h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
visibility: visible;
}
</style><a href="index.html">Index </a>·
<a href="systemd.directives.html">Directives </a>·
<a href="../python-systemd/index.html">Python </a>·
<a href="../libudev/index.html">libudev </a>·
<a href="../libudev/index.html">gudev </a><span style="float:right">systemd 219</span><hr><div class="refentry"><a name="systemd-system.conf"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>systemd-system.conf, system.conf.d, systemd-user.conf, user.conf.d — System and session service manager configuration files</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename">/etc/systemd/system.conf</code></p><p><code class="filename">/etc/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/run/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/usr/lib/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/etc/systemd/user.conf</code></p><p><code class="filename">/etc/systemd/user.conf.d/*.conf</code></p><p><code class="filename">/run/systemd/user.conf.d/*.conf</code></p><p><code class="filename">/usr/lib/systemd/user.conf.d/*.conf</code></p></div><div class="refsect1"><a name="idm140311371378672"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description"></a></h2><p>When run as a system instance, systemd interprets the
configuration file <code class="filename">system.conf</code> and the files
in <code class="filename">system.conf.d</code> directories; when run as a
user instance, systemd interprets the configuration file
<code class="filename">user.conf</code> and the files in
<code class="filename">user.conf.d</code> directories. These configuration
files contain a few settings controlling basic manager
operations.</p></div><div class="refsection"><a name="confd"></a><h2>Configuration Directories and Precedence</h2><p>Configuration files are read from directories in
<code class="filename">/etc/</code>, <code class="filename">/run/</code>, and
<code class="filename">/usr/lib/</code>, in order of precedence.
Each configuration file in these configuration directories shall be named in
the style of <code class="filename"><em class="replaceable"><code>filename</code></em>.conf</code>.
Files in <code class="filename">/etc/</code> override files with the same name in
<code class="filename">/run/</code> and <code class="filename">/usr/lib/</code>. Files in
<code class="filename">/run/</code> override files with the same name in
<code class="filename">/usr/lib/</code>.</p><p>Packages should install their configuration files in
<code class="filename">/usr/lib/</code>. Files in <code class="filename">/etc/</code> are
reserved for the local administrator, who may use this logic to override the
configuration files installed by vendor packages. All configuration files
are sorted by their filename in lexicographic order, regardless of which of
the directories they reside in. If multiple files specify the same option,
the entry in the file with the lexicographically latest name will take
precedence. It is recommended to prefix all filenames with a two-digit number
and a dash, to simplify the ordering of the files.</p><p>If the administrator wants to disable a configuration file supplied by
the vendor, the recommended way is to place a symlink to
<code class="filename">/dev/null</code> in the configuration directory in
<code class="filename">/etc/</code>, with the same filename as the vendor
configuration file.</p></div><div class="refsection"><a name="conf"></a><h2>Configuration File</h2><p>Configuration is also read from a single configuration file in
<code class="filename">/etc/</code>. This file is read before any of the
configuration directories, and has the lowest precedence; entries in a file
in any configuration directory override entries in the single configuration
file.</p></div><div class="refsect1"><a name="idm140311371372688"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options"></a></h2><p>All options are configured in the
"<code class="literal">[Manager]</code>" section:</p><div class="variablelist"><dl class="variablelist"><dt id="LogLevel="><span class="term"><code class="varname">LogLevel=</code>, </span><span class="term"><code class="varname">LogTarget=</code>, </span><span class="term"><code class="varname">LogColor=</code>, </span><span class="term"><code class="varname">LogLocation=</code>, </span><span class="term"><code class="varname">DumpCore=yes</code>, </span><span class="term"><code class="varname">CrashShell=no</code>, </span><span class="term"><code class="varname">ShowStatus=yes</code>, </span><span class="term"><code class="varname">CrashChVT=1</code>, </span><span class="term"><code class="varname">DefaultStandardOutput=journal</code>, </span><span class="term"><code class="varname">DefaultStandardError=inherit</code></span><a class="headerlink" title="Permalink to this term" href="#LogLevel="></a></dt><dd><p>Configures various parameters of basic manager
operation. These options may be overridden by the respective
command line arguments. See
<a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>
for details about these command line
arguments.</p></dd><dt id="CPUAffinity="><span class="term"><code class="varname">CPUAffinity=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUAffinity="></a></dt><dd><p>Configures the initial CPU affinity for the
init process. Takes a space-separated list of CPU
indices.</p></dd><dt id="JoinControllers=cpu,cpuacct net_cls,netprio"><span class="term"><code class="varname">JoinControllers=cpu,cpuacct net_cls,netprio</code></span><a class="headerlink" title="Permalink to this term" href="#JoinControllers=cpu,cpuacct%20net_cls,netprio"></a></dt><dd><p>Configures controllers that shall be mounted
in a single hierarchy. By default, systemd will mount all
controllers which are enabled in the kernel in individual
hierarchies, with the exception of those listed in this
setting. Takes a space-separated list of comma-separated
controller names, in order to allow multiple joined
hierarchies. Defaults to 'cpu,cpuacct'. Pass an empty string
to ensure that systemd mounts all controllers in separate
hierarchies.</p><p>Note that this option is only applied once, at very
early boot. If you use an initial RAM disk (initrd) that uses
systemd, it might hence be necessary to rebuild the initrd if
this option is changed, and make sure the new configuration
file is included in it. Otherwise, the initrd might mount the
controller hierarchies in a different configuration than
intended, and the main system cannot remount them
anymore.</p></dd><dt id="RuntimeWatchdogSec="><span class="term"><code class="varname">RuntimeWatchdogSec=</code>, </span><span class="term"><code class="varname">ShutdownWatchdogSec=</code></span><a class="headerlink" title="Permalink to this term" href="#RuntimeWatchdogSec="></a></dt><dd><p>Configure the hardware watchdog at runtime and
at reboot. Takes a timeout value in seconds (or in other time
units if suffixed with "<code class="literal">ms</code>",
"<code class="literal">min</code>", "<code class="literal">h</code>",
"<code class="literal">d</code>", "<code class="literal">w</code>"). If
<code class="varname">RuntimeWatchdogSec=</code> is set to a non-zero
value, the watchdog hardware
(<code class="filename">/dev/watchdog</code>) will be programmed to
automatically reboot the system if it is not contacted within
the specified timeout interval. The system manager will ensure
to contact it at least once in half the specified timeout
interval. This feature requires a hardware watchdog device to
be present, as it is commonly the case in embedded and server
systems. Not all hardware watchdogs allow configuration of the
reboot timeout, in which case the closest available timeout is
picked. <code class="varname">ShutdownWatchdogSec=</code> may be used to
configure the hardware watchdog when the system is asked to
reboot. It works as a safety net to ensure that the reboot
takes place even if a clean reboot attempt times out. By
default <code class="varname">RuntimeWatchdogSec=</code> defaults to 0
(off), and <code class="varname">ShutdownWatchdogSec=</code> to 10min.
These settings have no effect if a hardware watchdog is not
available.</p></dd><dt id="CapabilityBoundingSet="><span class="term"><code class="varname">CapabilityBoundingSet=</code></span><a class="headerlink" title="Permalink to this term" href="#CapabilityBoundingSet="></a></dt><dd><p>Controls which capabilities to include in the
capability bounding set for PID 1 and its children. See
<a href="http://man7.org/linux/man-pages/man7/capabilities.7.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
for details. Takes a whitespace-separated list of capability
names as read by
<a href="cap_from_name.html"><span class="citerefentry"><span class="refentrytitle">cap_from_name</span>(3)</span></a>.
Capabilities listed will be included in the bounding set, all
others are removed. If the list of capabilities is prefixed
with ~, all but the listed capabilities will be included, the
effect of the assignment inverted. Note that this option also
affects the respective capabilities in the effective,
permitted and inheritable capability sets. The capability
bounding set may also be individually configured for units
using the <code class="varname">CapabilityBoundingSet=</code> directive
for units, but note that capabilities dropped for PID 1 cannot
be regained in individual units, they are lost for
good.</p></dd><dt id="SystemCallArchitectures="><span class="term"><code class="varname">SystemCallArchitectures=</code></span><a class="headerlink" title="Permalink to this term" href="#SystemCallArchitectures="></a></dt><dd><p>Takes a space-separated list of architecture
identifiers. Selects from which architectures system calls may
be invoked on this system. This may be used as an effective
way to disable invocation of non-native binaries system-wide,
for example to prohibit execution of 32-bit x86 binaries on
64-bit x86-64 systems. This option operates system-wide, and
acts similar to the
<code class="varname">SystemCallArchitectures=</code> setting of unit
files, see
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>
for details. This setting defaults to the empty list, in which
case no filtering of system calls based on architecture is
applied. Known architecture identifiers are
"<code class="literal">x86</code>", "<code class="literal">x86-64</code>",
"<code class="literal">x32</code>", "<code class="literal">arm</code>" and the special
identifier "<code class="literal">native</code>". The latter implicitly
maps to the native architecture of the system (or more
specifically, the architecture the system manager was compiled
for). Set this setting to "<code class="literal">native</code>" to
prohibit execution of any non-native binaries. When a binary
executes a system call of an architecture that is not listed
in this setting, it will be immediately terminated with the
SIGSYS signal.</p></dd><dt id="TimerSlackNSec="><span class="term"><code class="varname">TimerSlackNSec=</code></span><a class="headerlink" title="Permalink to this term" href="#TimerSlackNSec="></a></dt><dd><p>Sets the timer slack in nanoseconds for PID 1,
which is inherited by all executed processes, unless
overridden individually, for example with the
<code class="varname">TimerSlackNSec=</code> setting in service units
(for details see
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>).
The timer slack controls the accuracy of wake-ups triggered by
system timers. See
<a href="http://man7.org/linux/man-pages/man2/prctl.2.html"><span class="citerefentry"><span class="refentrytitle">prctl</span>(2)</span></a>
for more information. Note that in contrast to most other time
span definitions this parameter takes an integer value in
nano-seconds if no unit is specified. The usual time units are
understood too.</p></dd><dt id="DefaultTimerAccuracySec="><span class="term"><code class="varname">DefaultTimerAccuracySec=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultTimerAccuracySec="></a></dt><dd><p>Sets the default accuracy of timer units. This
controls the global default for the
<code class="varname">AccuracySec=</code> setting of timer units, see
<a href="systemd.timer.html"><span class="citerefentry"><span class="refentrytitle">systemd.timer</span>(5)</span></a>
for details. <code class="varname">AccuracySec=</code> set in individual
units override the global default for the specific unit.
Defaults to 1min. Note that the accuracy of timer units is
also affected by the configured timer slack for PID 1, see
<code class="varname">TimerSlackNSec=</code> above.</p></dd><dt id="DefaultTimeoutStartSec="><span class="term"><code class="varname">DefaultTimeoutStartSec=</code>, </span><span class="term"><code class="varname">DefaultTimeoutStopSec=</code>, </span><span class="term"><code class="varname">DefaultRestartSec=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultTimeoutStartSec="></a></dt><dd><p>Configures the default timeouts for starting
and stopping of units, as well as the default time to sleep
between automatic restarts of units, as configured per-unit in
<code class="varname">TimeoutStartSec=</code>,
<code class="varname">TimeoutStopSec=</code> and
<code class="varname">RestartSec=</code> (for services, see
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>
for details on the per-unit settings). For non-service units,
<code class="varname">DefaultTimeoutStartSec=</code> sets the default
<code class="varname">TimeoutSec=</code> value. </p></dd><dt id="DefaultStartLimitInterval="><span class="term"><code class="varname">DefaultStartLimitInterval=</code>, </span><span class="term"><code class="varname">DefaultStartLimitBurst=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultStartLimitInterval="></a></dt><dd><p>Configure the default unit start rate
limiting, as configured per-service by
<code class="varname">StartLimitInterval=</code> and
<code class="varname">StartLimitBurst=</code>. See
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>
for details on the per-service settings.</p></dd><dt id="DefaultEnvironment="><span class="term"><code class="varname">DefaultEnvironment=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultEnvironment="></a></dt><dd><p>Sets manager environment variables passed to
all executed processes. Takes a space-separated list of
variable assignments. See
<a href="http://man7.org/linux/man-pages/man7/environ.7.html"><span class="citerefentry"><span class="refentrytitle">environ</span>(7)</span></a>
for details about environment variables.</p><p>Example:
</p><pre class="programlisting">DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"</pre><p>
Sets three variables
"<code class="literal">VAR1</code>",
"<code class="literal">VAR2</code>",
"<code class="literal">VAR3</code>".</p></dd><dt id="DefaultCPUAccounting="><span class="term"><code class="varname">DefaultCPUAccounting=</code>, </span><span class="term"><code class="varname">DefaultBlockIOAccounting=</code>, </span><span class="term"><code class="varname">DefaultMemoryAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultCPUAccounting="></a></dt><dd><p>Configure the default resource accounting
settings, as configured per-unit by
<code class="varname">CPUAccounting=</code>,
<code class="varname">BlockIOAccounting=</code> and
<code class="varname">MemoryAccounting=</code>. See
<a href="systemd.resource-control.html"><span class="citerefentry"><span class="refentrytitle">systemd.resource-control</span>(5)</span></a>
for details on the per-unit settings.</p></dd><dt id="DefaultLimitCPU="><span class="term"><code class="varname">DefaultLimitCPU=</code>, </span><span class="term"><code class="varname">DefaultLimitFSIZE=</code>, </span><span class="term"><code class="varname">DefaultLimitDATA=</code>, </span><span class="term"><code class="varname">DefaultLimitSTACK=</code>, </span><span class="term"><code class="varname">DefaultLimitCORE=</code>, </span><span class="term"><code class="varname">DefaultLimitRSS=</code>, </span><span class="term"><code class="varname">DefaultLimitNOFILE=</code>, </span><span class="term"><code class="varname">DefaultLimitAS=</code>, </span><span class="term"><code class="varname">DefaultLimitNPROC=</code>, </span><span class="term"><code class="varname">DefaultLimitMEMLOCK=</code>, </span><span class="term"><code class="varname">DefaultLimitLOCKS=</code>, </span><span class="term"><code class="varname">DefaultLimitSIGPENDING=</code>, </span><span class="term"><code class="varname">DefaultLimitMSGQUEUE=</code>, </span><span class="term"><code class="varname">DefaultLimitNICE=</code>, </span><span class="term"><code class="varname">DefaultLimitRTPRIO=</code>, </span><span class="term"><code class="varname">DefaultLimitRTTIME=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultLimitCPU="></a></dt><dd><p>These settings control various default
resource limits for units. See
<a href="http://man7.org/linux/man-pages/man2/setrlimit.2.html"><span class="citerefentry"><span class="refentrytitle">setrlimit</span>(2)</span></a>
for details. Use the string <code class="varname">infinity</code> to
configure no limit on a specific resource. These settings may
be overridden in individual units using the corresponding
LimitXXX= directives. Note that these resource limits are only
defaults for units, they are not applied to PID 1
itself.</p></dd></dl></div></div><div class="refsect1"><a name="idm140311370277552"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also"></a></h2><p>
<a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
<a href="systemd.directives.html"><span class="citerefentry"><span class="refentrytitle">systemd.directives</span>(7)</span></a>,
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>,
<a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
<a href="http://man7.org/linux/man-pages/man7/environ.7.html"><span class="citerefentry"><span class="refentrytitle">environ</span>(7)</span></a>,
<a href="http://man7.org/linux/man-pages/man7/capabilities.7.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
</p></div></div></body></html>
Reference in New Issue View Git Blame Copy Permalink