2 title: Known Environment Variables
5 SPDX-License-Identifier: LGPL-2.1-or-later
8 # Known Environment Variables
10 A number of systemd components take additional runtime parameters via
11 environment variables. Many of these environment variables are not supported at
12 the same level as command line switches and other interfaces are: we don't
13 document them in the man pages and we make no stability guarantees for
14 them. While they generally are unlikely to be dropped any time soon again, we
15 do not want to guarantee that they stay around for good either.
17 Below is an (incomprehensive) list of the environment variables understood by
18 the various tools. Note that this list only covers environment variables not
19 documented in the proper man pages.
23 * `$SYSTEMD_OFFLINE=[0|1]` — if set to `1`, then `systemctl` will refrain from
24 talking to PID 1; this has the same effect as the historical detection of
25 `chroot()`. Setting this variable to `0` instead has a similar effect as
26 `$SYSTEMD_IGNORE_CHROOT=1`; i.e. tools will try to communicate with PID 1
27 even if a `chroot()` environment is detected. You almost certainly want to
28 set this to `1` if you maintain a package build system or similar and are
29 trying to use a modern container system and not plain `chroot()`.
31 * `$SYSTEMD_IGNORE_CHROOT=1` — if set, don't check whether being invoked in a
32 `chroot()` environment. This is particularly relevant for systemctl, as it
33 will not alter its behaviour for `chroot()` environments if set. Normally it
34 refrains from talking to PID 1 in such a case; turning most operations such
35 as `start` into no-ops. If that's what's explicitly desired, you might
36 consider setting `$SYSTEMD_OFFLINE=1`.
38 * `$SD_EVENT_PROFILE_DELAYS=1` — if set, the sd-event event loop implementation
39 will print latency information at runtime.
41 * `$SYSTEMD_PROC_CMDLINE` — if set, the contents are used as the kernel command
42 line instead of the actual one in `/proc/cmdline`. This is useful for
43 debugging, in order to test generators and other code against specific kernel
46 * `$SYSTEMD_OS_RELEASE` — if set, use this path instead of `/etc/os-release` or
47 `/usr/lib/os-release`. When operating under some root (e.g. `systemctl
48 --root=…`), the path is prefixed with the root. Only useful for debugging.
50 * `$SYSTEMD_FSTAB` — if set, use this path instead of `/etc/fstab`. Only useful
53 * `$SYSTEMD_SYSROOT_FSTAB` — if set, use this path instead of
54 `/sysroot/etc/fstab`. Only useful for debugging `systemd-fstab-generator`.
56 * `$SYSTEMD_SYSFS_CHECK` — takes a boolean. If set, overrides sysfs container
57 detection that ignores `/dev/` entries in fstab. Only useful for debugging
58 `systemd-fstab-generator`.
60 * `$SYSTEMD_CRYPTTAB` — if set, use this path instead of `/etc/crypttab`. Only
61 useful for debugging. Currently only supported by
62 `systemd-cryptsetup-generator`.
64 * `$SYSTEMD_INTEGRITYTAB` — if set, use this path instead of
65 `/etc/integritytab`. Only useful for debugging. Currently only supported by
66 `systemd-integritysetup-generator`.
68 * `$SYSTEMD_VERITYTAB` — if set, use this path instead of
69 `/etc/veritytab`. Only useful for debugging. Currently only supported by
70 `systemd-veritysetup-generator`.
72 * `$SYSTEMD_EFI_OPTIONS` — if set, used instead of the string in the
73 `SystemdOptions` EFI variable. Analogous to `$SYSTEMD_PROC_CMDLINE`.
75 * `$SYSTEMD_DEFAULT_HOSTNAME` — override the compiled-in fallback hostname
76 (relevant in particular for the system manager and `systemd-hostnamed`).
77 Must be a valid hostname (either a single label or a FQDN).
79 * `$SYSTEMD_IN_INITRD` — takes a boolean. If set, overrides initrd detection.
80 This is useful for debugging and testing initrd-only programs in the main
83 * `$SYSTEMD_BUS_TIMEOUT=SECS` — specifies the maximum time to wait for method call
84 completion. If no time unit is specified, assumes seconds. The usual other units
85 are understood, too (us, ms, s, min, h, d, w, month, y). If it is not set or set
86 to 0, then the built-in default is used.
88 * `$SYSTEMD_MEMPOOL=0` — if set, the internal memory caching logic employed by
89 hash tables is turned off, and libc `malloc()` is used for all allocations.
91 * `$SYSTEMD_UTF8=` — takes a boolean value, and overrides whether to generate
92 non-ASCII special glyphs at various places (i.e. "→" instead of
93 "->"). Usually this is deterined automatically, based on $LC_CTYPE, but in
94 scenarios where locale definitions are not installed it might make sense to
95 override this check explicitly.
97 * `$SYSTEMD_EMOJI=0` — if set, tools such as `systemd-analyze security` will
98 not output graphical smiley emojis, but ASCII alternatives instead. Note that
99 this only controls use of Unicode emoji glyphs, and has no effect on other
102 * `$RUNTIME_DIRECTORY` — various tools use this variable to locate the
103 appropriate path under `/run/`. This variable is also set by the manager when
104 `RuntimeDirectory=` is used, see systemd.exec(5).
106 * `$SYSTEMD_CRYPT_PREFIX` — if set configures the hash method prefix to use for
107 UNIX `crypt()` when generating passwords. By default the system's "preferred
108 method" is used, but this can be overridden with this environment variable.
109 Takes a prefix such as `$6$` or `$y$`. (Note that this is only honoured on
110 systems built with libxcrypt and is ignored on systems using glibc's
111 original, internal `crypt()` implementation.)
113 * `$SYSTEMD_SECCOMP=0` — if set, seccomp filters will not be enforced, even if
114 support for it is compiled in and available in the kernel.
116 * `$SYSTEMD_LOG_SECCOMP=1` — if set, system calls blocked by seccomp filtering,
117 for example in `systemd-nspawn`, will be logged to the audit log, if the
118 kernel supports this.
120 * `$SYSTEMD_ENABLE_LOG_CONTEXT` — if set, extra fields will always be logged to
121 the journal instead of only when logging in debug mode.
125 * `$SYSTEMCTL_FORCE_BUS=1` — if set, do not connect to PID 1's private D-Bus
126 listener, and instead always connect through the dbus-daemon D-bus broker.
128 * `$SYSTEMCTL_INSTALL_CLIENT_SIDE=1` — if set, enable or disable unit files on
129 the client side, instead of asking PID 1 to do this.
131 * `$SYSTEMCTL_SKIP_SYSV=1` — if set, do not call SysV compatibility hooks.
135 * `$SYSTEMD_NSPAWN_UNIFIED_HIERARCHY=1` — if set, force `systemd-nspawn` into
136 unified cgroup hierarchy mode.
138 * `$SYSTEMD_NSPAWN_API_VFS_WRITABLE=1` — if set, make `/sys/`, `/proc/sys/`,
139 and friends writable in the container. If set to "network", leave only
140 `/proc/sys/net/` writable.
142 * `$SYSTEMD_NSPAWN_CONTAINER_SERVICE=…` — override the "service" name nspawn
143 uses to register with machined. If unset defaults to "nspawn", but with this
144 variable may be set to any other value.
146 * `$SYSTEMD_NSPAWN_USE_CGNS=0` — if set, do not use cgroup namespacing, even if
149 * `$SYSTEMD_NSPAWN_LOCK=0` — if set, do not lock container images when running.
151 * `$SYSTEMD_NSPAWN_TMPFS_TMP=0` — if set, do not overmount `/tmp/` in the
152 container with a tmpfs, but leave the directory from the image in place.
154 * `$SYSTEMD_SUPPRESS_SYNC=1` — if set, all disk synchronization syscalls are
155 blocked to the container payload (e.g. `sync()`, `fsync()`, `syncfs()`, …)
156 and the `O_SYNC`/`O_DSYNC` flags are made unavailable to `open()` and
157 friends. This is equivalent to passing `--suppress-sync=yes` on the
158 `systemd-nspawn` command line.
162 * `$SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1` — if set, report that
163 hibernation is available even if the swap devices do not provide enough room
166 * `$SYSTEMD_REBOOT_TO_FIRMWARE_SETUP` — if set, overrides `systemd-logind`'s
167 built-in EFI logic of requesting a reboot into the firmware. Takes a boolean.
168 If set to false, the functionality is turned off entirely. If set to true,
169 instead of requesting a reboot into the firmware setup UI through EFI a file,
170 `/run/systemd/reboot-to-firmware-setup` is created whenever this is
171 requested. This file may be checked for by services run during system
172 shutdown in order to request the appropriate operation from the firmware in
173 an alternative fashion.
175 * `$SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU` — similar to the above, allows
176 overriding of `systemd-logind`'s built-in EFI logic of requesting a reboot
177 into the boot loader menu. Takes a boolean. If set to false, the
178 functionality is turned off entirely. If set to true, instead of requesting a
179 reboot into the boot loader menu through EFI, the file
180 `/run/systemd/reboot-to-boot-loader-menu` is created whenever this is
181 requested. The file contains the requested boot loader menu timeout in µs,
182 formatted in ASCII decimals, or zero in case no timeout is requested. This
183 file may be checked for by services run during system shutdown in order to
184 request the appropriate operation from the boot loader in an alternative
187 * `$SYSTEMD_REBOOT_TO_BOOT_LOADER_ENTRY` — similar to the above, allows
188 overriding of `systemd-logind`'s built-in EFI logic of requesting a reboot
189 into a specific boot loader entry. Takes a boolean. If set to false, the
190 functionality is turned off entirely. If set to true, instead of requesting a
191 reboot into a specific boot loader entry through EFI, the file
192 `/run/systemd/reboot-to-boot-loader-entry` is created whenever this is
193 requested. The file contains the requested boot loader entry identifier. This
194 file may be checked for by services run during system shutdown in order to
195 request the appropriate operation from the boot loader in an alternative
196 fashion. Note that by default only boot loader entries which follow the
197 [Boot Loader Specification](https://uapi-group.org/specifications/specs/boot_loader_specification)
198 and are placed in the ESP or the Extended Boot Loader partition may be
199 selected this way. However, if a directory `/run/boot-loader-entries/`
200 exists, the entries are loaded from there instead. The directory should
201 contain the usual directory hierarchy mandated by the Boot Loader
202 Specification, i.e. the entry drop-ins should be placed in
203 `/run/boot-loader-entries/loader/entries/*.conf`, and the files referenced by
204 the drop-ins (including the kernels and initrds) somewhere else below
205 `/run/boot-loader-entries/`. Note that all these files may be (and are
206 supposed to be) symlinks. `systemd-logind` will load these files on-demand,
207 these files can hence be updated (ideally atomically) whenever the boot
208 loader configuration changes. A foreign boot loader installer script should
209 hence synthesize drop-in snippets and symlinks for all boot entries at boot
210 or whenever they change if it wants to integrate with `systemd-logind`'s
213 `systemd-udevd` and sd-device library:
215 * `$NET_NAMING_SCHEME=` — if set, takes a network naming scheme (i.e. one of
216 "v238", "v239", "v240"…, or the special value "latest") as parameter. If
217 specified udev's `net_id` builtin will follow the specified naming scheme
218 when determining stable network interface names. This may be used to revert
219 to naming schemes of older udev versions, in order to provide more stable
220 naming across updates. This environment variable takes precedence over the
221 kernel command line option `net.naming-scheme=`, except if the value is
222 prefixed with `:` in which case the kernel command line option takes
223 precedence, if it is specified as well.
225 * `$SYSTEMD_DEVICE_VERIFY_SYSFS` — if set to "0", disables verification that
226 devices sysfs path are actually backed by sysfs. Relaxing this verification
227 is useful for testing purposes.
231 * `$SYSTEMD_NSS_BYPASS_SYNTHETIC=1` — if set, `nss-systemd` won't synthesize
232 user/group records for the `root` and `nobody` users if they are missing from
235 * `$SYSTEMD_NSS_DYNAMIC_BYPASS=1` — if set, `nss-systemd` won't return
236 user/group records for dynamically registered service users (i.e. users
237 registered through `DynamicUser=1`).
241 * `$SYSTEMD_TIMEDATED_NTP_SERVICES=…` — colon-separated list of unit names of
242 NTP client services. If set, `timedatectl set-ntp on` enables and starts the
243 first existing unit listed in the environment variable, and
244 `timedatectl set-ntp off` disables and stops all listed units.
246 `systemd-sulogin-shell`:
248 * `$SYSTEMD_SULOGIN_FORCE=1` — This skips asking for the root password if the
249 root password is not available (such as when the root account is locked).
250 See `sulogin(8)` for more details.
252 `bootctl` and other tools that access the EFI System Partition (ESP):
254 * `$SYSTEMD_RELAX_ESP_CHECKS=1` — if set, the ESP validation checks are
255 relaxed. Specifically, validation checks that ensure the specified ESP path
256 is a FAT file system are turned off, as are checks that the path is located
257 on a GPT partition with the correct type UUID.
259 * `$SYSTEMD_ESP_PATH=…` — override the path to the EFI System Partition. This
260 may be used to override ESP path auto detection, and redirect any accesses to
261 the ESP to the specified directory. Note that unlike with `bootctl`'s
262 `--path=` switch only very superficial validation of the specified path is
263 done when this environment variable is used.
265 * `$KERNEL_INSTALL_CONF_ROOT=…` — override the built in default configuration
266 directory /etc/kernel/ to read files like entry-token and install.conf from.
270 * `$SYSTEMD_ACTIVATION_UNIT` — set for all NSS and PAM module invocations that
271 are done by the service manager on behalf of a specific unit, in child
272 processes that are later (after execve()) going to become unit
273 processes. Contains the full unit name (e.g. "foobar.service"). NSS and PAM
274 modules can use this information to determine in which context and on whose
275 behalf they are being called, which may be useful to avoid deadlocks, for
276 example to bypass IPC calls to the very service that is about to be
277 started. Note that NSS and PAM modules should be careful to only rely on this
278 data when invoked privileged, or possibly only when getppid() returns 1, as
279 setting environment variables is of course possible in any even unprivileged
282 * `$SYSTEMD_ACTIVATION_SCOPE` — closely related to `$SYSTEMD_ACTIVATION_UNIT`,
283 it is either set to `system` or `user` depending on whether the NSS/PAM
284 module is called by systemd in `--system` or `--user` mode.
286 * `$SYSTEMD_SUPPORT_DEVICE`, `$SYSTEMD_SUPPORT_MOUNT`, `$SYSTEMD_SUPPORT_SWAP` -
287 can be set to `0` to mark respective unit type as unsupported. Generally,
288 having less units saves system resources so these options might be useful
289 for cases where we don't need to track given unit type, e.g. `--user` manager
290 often doesn't need to deal with device or swap units because they are
291 handled by the `--system` manager (PID 1). Note that setting certain unit
292 type as unsupported may not prevent loading some units of that type if they
293 are referenced by other units of another supported type.
295 * `$SYSTEMD_DEFAULT_MOUNT_RATE_LIMIT_BURST` — can be set to override the mount
296 units burst rate limit for parsing `/proc/self/mountinfo`. On a system with
297 few resources but many mounts the rate limit may be hit, which will cause the
298 processing of mount units to stall. The burst limit may be adjusted when the
299 default is not appropriate for a given system. Defaults to `5`, accepts
302 `systemd-remount-fs`:
304 * `$SYSTEMD_REMOUNT_ROOT_RW=1` — if set and no entry for the root directory
305 exists in `/etc/fstab` (this file always takes precedence), then the root
306 directory is remounted writable. This is primarily used by
307 `systemd-gpt-auto-generator` to ensure the root partition is mounted writable
308 in accordance to the GPT partition flags.
310 `systemd-firstboot` and `localectl`:
312 * `$SYSTEMD_LIST_NON_UTF8_LOCALES=1` — if set, non-UTF-8 locales are listed among
313 the installed ones. By default non-UTF-8 locales are suppressed from the
314 selection, since we are living in the 21st century.
318 * `$SYSTEMD_RESOLVED_SYNTHESIZE_HOSTNAME` — if set to "0", `systemd-resolved`
319 won't synthesize system hostname on both regular and reverse lookups.
323 * `$SYSTEMD_SYSEXT_HIERARCHIES` — this variable may be used to override which
324 hierarchies are managed by `systemd-sysext`. By default only `/usr/` and
325 `/opt/` are managed, and directories may be added or removed to that list by
326 setting this environment variable to a colon-separated list of absolute
327 paths. Only "real" file systems and directories that only contain "real" file
328 systems as submounts should be used. Do not specify API file systems such as
329 `/proc/` or `/sys/` here, or hierarchies that have them as submounts. In
330 particular, do not specify the root directory `/` here. Similarly,
331 `$SYSTEMD_CONFEXT_HIERARCHIES` works for confext images and supports the
332 systemd-confext multi-call functionality of sysext.
336 * `$SYSTEMD_TMPFILES_FORCE_SUBVOL` — if unset, `v`/`q`/`Q` lines will create
337 subvolumes only if the OS itself is installed into a subvolume. If set to `1`
338 (or another value interpreted as true), these lines will always create
339 subvolumes if the backing filesystem supports them. If set to `0`, these
340 lines will always create directories.
344 * `SOURCE_DATE_EPOCH` — if unset, the field of the date of last password change
345 in `/etc/shadow` will be the number of days from Jan 1, 1970 00:00 UTC until
346 today. If SOURCE_DATE_EPOCH is set to a valid UNIX epoch value in seconds,
347 then the field will be the number of days until that time instead. This is to
348 support creating bit-by-bit reproducible system images by choosing a
349 reproducible value for the field of the date of last password change in
350 `/etc/shadow`. See: https://reproducible-builds.org/specs/source-date-epoch/
352 `systemd-sysv-generator`:
354 * `$SYSTEMD_SYSVINIT_PATH` — Controls where `systemd-sysv-generator` looks for
357 * `$SYSTEMD_SYSVRCND_PATH` — Controls where `systemd-sysv-generator` looks for
358 SysV init script runlevel link farms.
362 * `$SYSTEMD_TEST_DATA` — override the location of test data. This is useful if
363 a test executable is moved to an arbitrary location.
365 * `$SYSTEMD_TEST_NSS_BUFSIZE` — size of scratch buffers for "reentrant"
366 functions exported by the nss modules.
370 * `$SYSTEMD_FUZZ_OUTPUT` — A boolean that specifies whether to write output to
371 stdout. Setting to true is useful in manual invocations, since all output is
372 suppressed by default.
374 * `$SYSTEMD_FUZZ_RUNS` — The number of times execution should be repeated in
377 Note that it may be also useful to set `$SYSTEMD_LOG_LEVEL`, since all logging
378 is suppressed by default.
382 * `$SYSTEMD_IMPORT_BTRFS_SUBVOL` — takes a boolean, which controls whether to
383 prefer creating btrfs subvolumes over plain directories for machine
384 images. Has no effect on non-btrfs file systems where subvolumes are not
385 available anyway. If not set, defaults to true.
387 * `$SYSTEMD_IMPORT_BTRFS_QUOTA` — takes a boolean, which controls whether to set
388 up quota automatically for created btrfs subvolumes for machine images. If
389 not set, defaults to true. Has no effect if machines are placed in regular
390 directories, because btrfs subvolumes are not supported or disabled. If
391 enabled, the quota group of the subvolume is automatically added to a
392 combined quota group for all such machine subvolumes.
394 * `$SYSTEMD_IMPORT_SYNC` — takes a boolean, which controls whether to
395 synchronize images to disk after installing them, before completing the
396 operation. If not set, defaults to true. If disabled installation of images
397 will be quicker, but not as safe.
399 `systemd-dissect`, `systemd-nspawn` and all other tools that may operate on
400 disk images with `--image=` or similar:
402 * `$SYSTEMD_DISSECT_VERITY_SIDECAR` — takes a boolean, which controls whether to
403 load "sidecar" Verity metadata files. If enabled (which is the default),
404 whenever a disk image is used, a set of files with the `.roothash`,
405 `.usrhash`, `.roothash.p7s`, `.usrhash.p7s`, `.verity` suffixes are searched
406 adjacent to disk image file, containing the Verity root hashes, their
407 signatures or the Verity data itself. If disabled this automatic discovery of
408 Verity metadata files is turned off.
410 * `$SYSTEMD_DISSECT_VERITY_EMBEDDED` — takes a boolean, which controls whether
411 to load the embedded Verity signature data. If enabled (which is the
412 default), Verity root hash information and a suitable signature is
413 automatically acquired from a signature partition, following the
414 [Discoverable Partitions Specification](https://uapi-group.org/specifications/specs/discoverable_partitions_specification).
415 If disabled any such partition is ignored. Note that this only disables
416 discovery of the root hash and its signature, the Verity data partition
417 itself is still searched in the GPT image.
419 * `$SYSTEMD_DISSECT_VERITY_SIGNATURE` — takes a boolean, which controls whether
420 to validate the signature of the Verity root hash if available. If enabled
421 (which is the default), the signature of suitable disk images is validated
422 against any of the certificates in `/etc/verity.d/*.crt` (and similar
423 directories in `/usr/lib/`, `/run`, …) or passed to the kernel for validation
424 against its built-in certificates.
426 * `$SYSTEMD_DISSECT_VERITY_TIMEOUT_SEC=sec` — takes a timespan, which controls
427 the timeout waiting for the image to be configured. Defaults to 100 msec.
429 * `$SYSTEMD_DISSECT_FILE_SYSTEMS=` — takes a colon-separated list of file
430 systems that may be mounted for automatically dissected disk images. If not
431 specified defaults to something like: `ext4:btrfs:xfs:vfat:erofs:squashfs`
433 * `$SYSTEMD_LOOP_DIRECT_IO` – takes a boolean, which controls whether to enable
434 LO_FLAGS_DIRECT_IO (i.e. direct IO + asynchronous IO) on loopback block
435 devices when opening them. Defaults to on, set this to "0" to disable this
438 `systemd-cryptsetup`:
440 * `$SYSTEMD_CRYPTSETUP_USE_TOKEN_MODULE` – takes a boolean, which controls
441 whether to use the libcryptsetup "token" plugin module logic even when
442 activating via FIDO2, PKCS#11, TPM2, i.e. mechanisms natively supported by
443 `systemd-cryptsetup`. Defaults to enabled.
445 Various tools that read passwords from the TTY, such as `systemd-cryptenroll`
448 * `$PASSWORD` — takes a string: the literal password to use. If this
449 environment variable is set it is used as password instead of prompting the
450 user interactively. This exists primarily for debugging and testing
451 purposes. Do not use this for production code paths, since environment
452 variables are typically inherited down the process tree without restrictions
453 and should thus not be used for secrets.
455 * `$NEWPASSWORD` — similar to `$PASSWORD` above, but is used when both a
456 current and a future password are required, for example if the password is to
457 be changed. In that case `$PASSWORD` shall carry the current (i.e. old)
458 password and `$NEWPASSWORD` the new.
462 * `$SYSTEMD_HOME_ROOT` – defines an absolute path where to look for home
463 directories/images. When unspecified defaults to `/home/`. This is useful for
464 debugging purposes in order to run a secondary `systemd-homed` instance that
465 operates on a different directory where home directories/images are placed.
467 * `$SYSTEMD_HOME_RECORD_DIR` – defines an absolute path where to look for
468 fixated home records kept on the host. When unspecified defaults to
469 `/var/lib/systemd/home/`. Similar to `$SYSTEMD_HOME_ROOT` this is useful for
470 debugging purposes, in order to run a secondary `systemd-homed` instance that
471 operates on a record database entirely separate from the host's.
473 * `$SYSTEMD_HOME_DEBUG_SUFFIX` – takes a short string that is suffixed to
474 `systemd-homed`'s D-Bus and Varlink service names/sockets. This is also
475 understood by `homectl`. This too is useful for running an additional copy of
476 `systemd-homed` that doesn't interfere with the host's main one.
478 * `$SYSTEMD_HOMEWORK_PATH` – configures the path to the `systemd-homework`
479 binary to invoke. If not specified defaults to
480 `/usr/lib/systemd/systemd-homework`.
482 Combining these four environment variables is pretty useful when
483 debugging/developing `systemd-homed`:
485 SYSTEMD_HOME_DEBUG_SUFFIX=foo \
486 SYSTEMD_HOMEWORK_PATH=/home/lennart/projects/systemd/build/systemd-homework \
487 SYSTEMD_HOME_ROOT=/home.foo/ \
488 SYSTEMD_HOME_RECORD_DIR=/var/lib/systemd/home.foo/ \
489 /home/lennart/projects/systemd/build/systemd-homed
492 * `$SYSTEMD_HOME_MOUNT_OPTIONS_BTRFS`, `$SYSTEMD_HOME_MOUNT_OPTIONS_EXT4`,
493 `$SYSTEMD_HOME_MOUNT_OPTIONS_XFS` – configure the default mount options to
494 use for LUKS home directories, overriding the built-in default mount
495 options. There's one variable for each of the supported file systems for the
496 LUKS home directory backend.
498 * `$SYSTEMD_HOME_MKFS_OPTIONS_BTRFS`, `$SYSTEMD_HOME_MKFS_OPTIONS_EXT4`,
499 `$SYSTEMD_HOME_MKFS_OPTIONS_XFS` – configure additional arguments to use for
500 `mkfs` when formatting LUKS home directories. There's one variable for each
501 of the supported file systems for the LUKS home directory backend.
505 * `$KERNEL_INSTALL_BYPASS` – If set to "1", execution of kernel-install is skipped
506 when kernel-install is invoked. This can be useful if kernel-install is invoked
507 unconditionally as a child process by another tool, such as package managers
508 running kernel-install in a postinstall script.
512 * `$SYSTEMD_JOURNAL_COMPACT` – Takes a boolean. If enabled, journal files are written
513 in a more compact format that reduces the amount of disk space required by the
514 journal. Note that journal files in compact mode are limited to 4G to allow use of
515 32-bit offsets. Enabled by default.
517 * `$SYSTEMD_JOURNAL_COMPRESS` – Takes a boolean, or one of the compression
518 algorithms "XZ", "LZ4", and "ZSTD". If enabled, the default compression
519 algorithm set at compile time will be used when opening a new journal file.
520 If disabled, the journal file compression will be disabled. Note that the
521 compression mode of existing journal files are not changed. To make the
522 specified algorithm takes an effect immediately, you need to explicitly run
523 `journalctl --rotate`.
525 `systemd-pcrphase`, `systemd-cryptsetup`:
527 * `$SYSTEMD_FORCE_MEASURE=1` — If set, force measuring of resources (which are
528 marked for measurement) even if not booted on a kernel equipped with
529 systemd-stub. Normally, requested measurement of resources is conditionalized
530 on kernels that have booted with `systemd-stub`. With this environment
531 variable the test for that my be bypassed, for testing purposes.
535 * `$SYSTEMD_REPART_MKFS_OPTIONS_<FSTYPE>` – configure additional arguments to use for
536 `mkfs` when formatting partition file systems. There's one variable for each
537 of the supported file systems.