]>
Commit | Line | Data |
---|---|---|
d1ab0ca0 | 1 | <?xml version='1.0'?> <!--*-nxml-*--> |
d1ab0ca0 | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
12b42c76 | 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
d1ab0ca0 LP |
4 | |
5 | <!-- | |
6 | This file is part of systemd. | |
7 | ||
8 | Copyright 2010 Lennart Poettering | |
9 | ||
10 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
11 | under the terms of the GNU Lesser General Public License as published by |
12 | the Free Software Foundation; either version 2.1 of the License, or | |
d1ab0ca0 LP |
13 | (at your option) any later version. |
14 | ||
15 | systemd is distributed in the hope that it will be useful, but | |
16 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 18 | Lesser General Public License for more details. |
d1ab0ca0 | 19 | |
5430f7f2 | 20 | You should have received a copy of the GNU Lesser General Public License |
d1ab0ca0 LP |
21 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
22 | --> | |
23 | ||
24 | <refentry id="systemd.service"> | |
798d3a52 ZJS |
25 | <refentryinfo> |
26 | <title>systemd.service</title> | |
27 | <productname>systemd</productname> | |
28 | ||
29 | <authorgroup> | |
30 | <author> | |
31 | <contrib>Developer</contrib> | |
32 | <firstname>Lennart</firstname> | |
33 | <surname>Poettering</surname> | |
34 | <email>lennart@poettering.net</email> | |
35 | </author> | |
36 | </authorgroup> | |
37 | </refentryinfo> | |
38 | ||
39 | <refmeta> | |
40 | <refentrytitle>systemd.service</refentrytitle> | |
41 | <manvolnum>5</manvolnum> | |
42 | </refmeta> | |
43 | ||
44 | <refnamediv> | |
45 | <refname>systemd.service</refname> | |
46 | <refpurpose>Service unit configuration</refpurpose> | |
47 | </refnamediv> | |
48 | ||
49 | <refsynopsisdiv> | |
50 | <para><filename><replaceable>service</replaceable>.service</filename></para> | |
51 | </refsynopsisdiv> | |
52 | ||
53 | <refsect1> | |
54 | <title>Description</title> | |
55 | ||
56 | <para>A unit configuration file whose name ends in | |
57 | <filename>.service</filename> encodes information about a process | |
58 | controlled and supervised by systemd.</para> | |
59 | ||
60 | <para>This man page lists the configuration options specific to | |
61 | this unit type. See | |
62 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
63 | for the common options of all unit configuration files. The common | |
64 | configuration items are configured in the generic | |
65 | <literal>[Unit]</literal> and <literal>[Install]</literal> | |
66 | sections. The service specific configuration options are | |
67 | configured in the <literal>[Service]</literal> section.</para> | |
68 | ||
69 | <para>Additional options are listed in | |
70 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
71 | which define the execution environment the commands are executed | |
72 | in, and in | |
73 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
74 | which define the way the processes of the service are terminated, | |
75 | and in | |
76 | <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
77 | which configure resource control settings for the processes of the | |
78 | service.</para> | |
79 | ||
80 | <para>Unless <varname>DefaultDependencies=</varname> is set to | |
81 | <option>false</option>, service units will implicitly have | |
82 | dependencies of type <varname>Requires=</varname> and | |
83 | <varname>After=</varname> on <filename>basic.target</filename> as | |
84 | well as dependencies of type <varname>Conflicts=</varname> and | |
85 | <varname>Before=</varname> on | |
86 | <filename>shutdown.target</filename>. These ensure that normal | |
87 | service units pull in basic system initialization, and are | |
88 | terminated cleanly prior to system shutdown. Only services | |
89 | involved with early boot or late system shutdown should disable | |
90 | this option.</para> | |
91 | ||
92 | <para>If a service is requested under a certain name but no unit | |
93 | configuration file is found, systemd looks for a SysV init script | |
94 | by the same name (with the <filename>.service</filename> suffix | |
95 | removed) and dynamically creates a service unit from that script. | |
96 | This is useful for compatibility with SysV. Note that this | |
97 | compatibility is quite comprehensive but not 100%. For details | |
98 | about the incompatibilities, see the <ulink | |
99 | url="http://www.freedesktop.org/wiki/Software/systemd/Incompatibilities">Incompatibilities | |
100 | with SysV</ulink> document. | |
101 | </para> | |
102 | </refsect1> | |
103 | ||
104 | <refsect1> | |
105 | <title>Options</title> | |
106 | ||
107 | <para>Service files must include a <literal>[Service]</literal> | |
108 | section, which carries information about the service and the | |
109 | process it supervises. A number of options that may be used in | |
110 | this section are shared with other unit types. These options are | |
111 | documented in | |
112 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
113 | and | |
114 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
115 | The options specific to the <literal>[Service]</literal> section | |
116 | of service units are the following:</para> | |
117 | ||
118 | <variablelist class='unit-directives'> | |
119 | <varlistentry> | |
120 | <term><varname>Type=</varname></term> | |
121 | ||
122 | <listitem><para>Configures the process start-up type for this | |
123 | service unit. One of | |
124 | <option>simple</option>, | |
125 | <option>forking</option>, | |
126 | <option>oneshot</option>, | |
127 | <option>dbus</option>, | |
128 | <option>notify</option> or | |
129 | <option>idle</option>.</para> | |
130 | ||
131 | <para>If set to <option>simple</option> (the default if | |
132 | neither <varname>Type=</varname> nor | |
133 | <varname>BusName=</varname>, but <varname>ExecStart=</varname> | |
134 | are specified), it is expected that the process configured | |
135 | with <varname>ExecStart=</varname> is the main process of the | |
136 | service. In this mode, if the process offers functionality to | |
137 | other processes on the system, its communication channels | |
138 | should be installed before the daemon is started up (e.g. | |
139 | sockets set up by systemd, via socket activation), as systemd | |
140 | will immediately proceed starting follow-up units.</para> | |
141 | ||
142 | <para>If set to <option>forking</option>, it is expected that | |
143 | the process configured with <varname>ExecStart=</varname> will | |
144 | call <function>fork()</function> as part of its start-up. The | |
145 | parent process is expected to exit when start-up is complete | |
146 | and all communication channels are set up. The child continues | |
147 | to run as the main daemon process. This is the behavior of | |
148 | traditional UNIX daemons. If this setting is used, it is | |
149 | recommended to also use the <varname>PIDFile=</varname> | |
150 | option, so that systemd can identify the main process of the | |
151 | daemon. systemd will proceed with starting follow-up units as | |
152 | soon as the parent process exits.</para> | |
153 | ||
154 | <para>Behavior of <option>oneshot</option> is similar to | |
155 | <option>simple</option>; however, it is expected that the | |
156 | process has to exit before systemd starts follow-up units. | |
157 | <varname>RemainAfterExit=</varname> is particularly useful for | |
158 | this type of service. This is the implied default if neither | |
159 | <varname>Type=</varname> or <varname>ExecStart=</varname> are | |
160 | specified.</para> | |
161 | ||
162 | <para>Behavior of <option>dbus</option> is similar to | |
163 | <option>simple</option>; however, it is expected that the | |
164 | daemon acquires a name on the D-Bus bus, as configured by | |
165 | <varname>BusName=</varname>. systemd will proceed with | |
166 | starting follow-up units after the D-Bus bus name has been | |
167 | acquired. Service units with this option configured implicitly | |
168 | gain dependencies on the <filename>dbus.socket</filename> | |
169 | unit. This type is the default if <varname>BusName=</varname> | |
170 | is specified.</para> | |
171 | ||
172 | <para>Behavior of <option>notify</option> is similar to | |
173 | <option>simple</option>; however, it is expected that the | |
174 | daemon sends a notification message via | |
175 | <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
176 | or an equivalent call when it has finished starting up. | |
177 | systemd will proceed with starting follow-up units after this | |
178 | notification message has been sent. If this option is used, | |
179 | <varname>NotifyAccess=</varname> (see below) should be set to | |
180 | open access to the notification socket provided by systemd. If | |
181 | <varname>NotifyAccess=</varname> is not set, it will be | |
182 | implicitly set to <option>main</option>. Note that currently | |
183 | <varname>Type=</varname><option>notify</option> will not work | |
184 | if used in combination with | |
185 | <varname>PrivateNetwork=</varname><option>yes</option>.</para> | |
186 | ||
187 | <para>Behavior of <option>idle</option> is very similar to | |
188 | <option>simple</option>; however, actual execution of the | |
189 | service binary is delayed until all jobs are dispatched. This | |
190 | may be used to avoid interleaving of output of shell services | |
191 | with the status output on the console.</para> | |
192 | </listitem> | |
193 | </varlistentry> | |
194 | ||
195 | <varlistentry> | |
196 | <term><varname>RemainAfterExit=</varname></term> | |
197 | ||
198 | <listitem><para>Takes a boolean value that specifies whether | |
199 | the service shall be considered active even when all its | |
200 | processes exited. Defaults to <option>no</option>.</para> | |
201 | </listitem> | |
202 | </varlistentry> | |
203 | ||
204 | <varlistentry> | |
205 | <term><varname>GuessMainPID=</varname></term> | |
206 | ||
207 | <listitem><para>Takes a boolean value that specifies whether | |
208 | systemd should try to guess the main PID of a service if it | |
209 | cannot be determined reliably. This option is ignored unless | |
210 | <option>Type=forking</option> is set and | |
211 | <option>PIDFile=</option> is unset because for the other types | |
212 | or with an explicitly configured PID file, the main PID is | |
213 | always known. The guessing algorithm might come to incorrect | |
214 | conclusions if a daemon consists of more than one process. If | |
215 | the main PID cannot be determined, failure detection and | |
216 | automatic restarting of a service will not work reliably. | |
217 | Defaults to <option>yes</option>.</para> | |
218 | </listitem> | |
219 | </varlistentry> | |
220 | ||
221 | <varlistentry> | |
222 | <term><varname>PIDFile=</varname></term> | |
223 | ||
224 | <listitem><para>Takes an absolute file name pointing to the | |
225 | PID file of this daemon. Use of this option is recommended for | |
226 | services where <varname>Type=</varname> is set to | |
227 | <option>forking</option>. systemd will read the PID of the | |
228 | main process of the daemon after start-up of the service. | |
341db20b FS |
229 | systemd will not write to the file configured here, although |
230 | it will remove the file after the service has shut down if it | |
231 | still exists. | |
232 | </para> | |
798d3a52 ZJS |
233 | </listitem> |
234 | </varlistentry> | |
235 | ||
236 | <varlistentry> | |
237 | <term><varname>BusName=</varname></term> | |
238 | ||
239 | <listitem><para>Takes a D-Bus bus name that this service is | |
240 | reachable as. This option is mandatory for services where | |
241 | <varname>Type=</varname> is set to | |
242 | <option>dbus</option>.</para> | |
243 | </listitem> | |
244 | </varlistentry> | |
245 | ||
246 | <varlistentry> | |
247 | <term><varname>BusPolicy=</varname></term> | |
248 | ||
b8332e7a | 249 | <listitem><para>If specified, a custom kdbus |
798d3a52 ZJS |
250 | endpoint will be created and installed as the default bus node |
251 | for the service. Such a custom endpoint can hold an own set of | |
252 | policy rules that are enforced on top of the bus-wide ones. | |
253 | The custom endpoint is named after the service it was created | |
254 | for, and its node will be bind-mounted over the default bus | |
255 | node location, so the service can only access the bus through | |
256 | its own endpoint. Note that custom bus endpoints default to a | |
257 | 'deny all' policy. Hence, if at least one | |
258 | <varname>BusPolicy=</varname> directive is given, you have to | |
259 | make sure to add explicit rules for everything the service | |
260 | should be able to do.</para> | |
261 | <para>The value of this directive is comprised | |
262 | of two parts; the bus name, and a verb to | |
263 | specify to granted access, which is one of | |
264 | <option>see</option>, | |
265 | <option>talk</option>, or | |
266 | <option>own</option>. | |
267 | <option>talk</option> implies | |
268 | <option>see</option>, and <option>own</option> | |
269 | implies both <option>talk</option> and | |
270 | <option>see</option>. | |
271 | If multiple access levels are specified for the | |
272 | same bus name, the most powerful one takes | |
273 | effect. | |
274 | </para> | |
275 | <para>Examples:</para> | |
276 | <programlisting>BusPolicy=org.freedesktop.systemd1 talk</programlisting> | |
277 | <programlisting>BusPolicy=org.foo.bar see</programlisting> | |
278 | <para>This option is only available on kdbus enabled systems.</para> | |
279 | </listitem> | |
280 | </varlistentry> | |
281 | ||
282 | <varlistentry> | |
283 | <term><varname>ExecStart=</varname></term> | |
284 | <listitem><para>Commands with their arguments that are | |
285 | executed when this service is started. The value is split into | |
286 | zero or more command lines is according to the rules described | |
287 | below (see section "Command Lines" below). | |
288 | </para> | |
289 | ||
22065311 | 290 | <para>When <varname>Type=</varname> is not |
798d3a52 ZJS |
291 | <option>oneshot</option>, only one command may and must be |
292 | given. When <varname>Type=oneshot</varname> is used, zero or | |
293 | more commands may be specified. This can be specified by | |
294 | providing multiple command lines in the same directive, or | |
295 | alternatively, this directive may be specified more than once | |
296 | with the same effect. If the empty string is assigned to this | |
297 | option, the list of commands to start is reset, prior | |
298 | assignments of this option will have no effect. If no | |
299 | <varname>ExecStart=</varname> is specified, then the service | |
300 | must have <varname>RemainAfterExit=yes</varname> set.</para> | |
301 | ||
302 | <para>For each of the specified commands, the first argument | |
303 | must be an absolute path to an executable. Optionally, if this | |
304 | file name is prefixed with <literal>@</literal>, the second | |
305 | token will be passed as <literal>argv[0]</literal> to the | |
306 | executed process, followed by the further arguments specified. | |
307 | If the absolute filename is prefixed with | |
308 | <literal>-</literal>, an exit code of the command normally | |
309 | considered a failure (i.e. non-zero exit status or abnormal | |
310 | exit due to signal) is ignored and considered success. If both | |
311 | <literal>-</literal> and <literal>@</literal> are used, they | |
312 | can appear in either order.</para> | |
313 | ||
314 | <para>If more than one command is specified, the commands are | |
315 | invoked sequentially in the order they appear in the unit | |
316 | file. If one of the commands fails (and is not prefixed with | |
317 | <literal>-</literal>), other lines are not executed, and the | |
318 | unit is considered failed.</para> | |
319 | ||
320 | <para>Unless <varname>Type=forking</varname> is set, the | |
321 | process started via this command line will be considered the | |
322 | main process of the daemon.</para> | |
323 | </listitem> | |
324 | </varlistentry> | |
325 | ||
326 | <varlistentry> | |
327 | <term><varname>ExecStartPre=</varname></term> | |
328 | <term><varname>ExecStartPost=</varname></term> | |
329 | <listitem><para>Additional commands that are executed before | |
330 | or after the command in <varname>ExecStart=</varname>, | |
331 | respectively. Syntax is the same as for | |
332 | <varname>ExecStart=</varname>, except that multiple command | |
333 | lines are allowed and the commands are executed one after the | |
334 | other, serially.</para> | |
335 | ||
336 | <para>If any of those commands (not prefixed with | |
337 | <literal>-</literal>) fail, the rest are not executed and the | |
338 | unit is considered failed.</para> | |
b481de3b | 339 | |
12e2683d RM |
340 | <para><varname>ExecStart=</varname> commands are only run after |
341 | all <varname>ExecStartPre=</varname> commands that were not prefixed | |
342 | with a <literal>-</literal> exit successfully.</para> | |
343 | ||
344 | <para><varname>ExecStartPost=</varname> commands are only run after | |
345 | the service has started, as determined by <varname>Type=</varname> | |
346 | (i.e. The process has been started for <varname>Type=simple</varname> | |
347 | or <varname>Type=idle</varname>, the process exits successfully for | |
348 | <varname>Type=oneshot</varname>, the initial process exits successfully | |
349 | for <varname>Type=forking</varname>, <literal>READY=1</literal> is sent | |
350 | for <varname>Type=notify</varname>, or the <varname>BusName=</varname> | |
351 | has been taken for <varname>Type=dbus</varname>).</para> | |
352 | ||
b481de3b LP |
353 | <para>Note that <varname>ExecStartPre=</varname> may not be |
354 | used to start long-running processes. All processes forked | |
355 | off by processes invoked via <varname>ExecStartPre=</varname> will | |
356 | be killed before the next service process is run.</para> | |
798d3a52 ZJS |
357 | </listitem> |
358 | </varlistentry> | |
359 | ||
360 | <varlistentry> | |
361 | <term><varname>ExecReload=</varname></term> | |
362 | <listitem><para>Commands to execute to trigger a configuration | |
363 | reload in the service. This argument takes multiple command | |
364 | lines, following the same scheme as described for | |
365 | <varname>ExecStart=</varname> above. Use of this setting is | |
366 | optional. Specifier and environment variable substitution is | |
367 | supported here following the same scheme as for | |
368 | <varname>ExecStart=</varname>.</para> | |
369 | ||
370 | <para>One additional, special environment variable is set: if | |
371 | known, <varname>$MAINPID</varname> is set to the main process | |
372 | of the daemon, and may be used for command lines like the | |
373 | following:</para> | |
374 | ||
375 | <programlisting>/bin/kill -HUP $MAINPID</programlisting> | |
376 | ||
377 | <para>Note however that reloading a daemon by sending a signal | |
378 | (as with the example line above) is usually not a good choice, | |
379 | because this is an asynchronous operation and hence not | |
380 | suitable to order reloads of multiple services against each | |
381 | other. It is strongly recommended to set | |
382 | <varname>ExecReload=</varname> to a command that not only | |
383 | triggers a configuration reload of the daemon, but also | |
384 | synchronously waits for it to complete.</para> | |
385 | </listitem> | |
386 | </varlistentry> | |
387 | ||
388 | <varlistentry> | |
389 | <term><varname>ExecStop=</varname></term> | |
390 | <listitem><para>Commands to execute to stop the service | |
391 | started via <varname>ExecStart=</varname>. This argument takes | |
392 | multiple command lines, following the same scheme as described | |
393 | for <varname>ExecStart=</varname> above. Use of this setting | |
394 | is optional. After the commands configured in this option are | |
395 | run, all processes remaining for a service are terminated | |
396 | according to the <varname>KillMode=</varname> setting (see | |
397 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>). | |
cceb20c7 LP |
398 | If this option is not specified, the process is terminated by |
399 | sending the signal specified in <varname>KillSignal=</varname> | |
400 | when service stop is requested. Specifier and environment | |
401 | variable substitution is supported (including | |
402 | <varname>$MAINPID</varname>, see above).</para> | |
403 | ||
404 | <para>Note that it is usually not sufficient to specify a | |
405 | command for this setting that only asks the service to | |
406 | terminate (for example by queuing some form of termination | |
407 | signal for it), but does not wait for it to do so. Since the | |
408 | remaining processes of the services are killed using | |
409 | <constant>SIGKILL</constant> immediately after the command | |
410 | exited this would not result in a clean stop. The specified | |
411 | command should hence be a synchronous operation, not an | |
412 | asynchronous one.</para></listitem> | |
798d3a52 ZJS |
413 | </varlistentry> |
414 | ||
415 | <varlistentry> | |
416 | <term><varname>ExecStopPost=</varname></term> | |
417 | <listitem><para>Additional commands that are executed after | |
418 | the service was stopped. This includes cases where the | |
419 | commands configured in <varname>ExecStop=</varname> were used, | |
420 | where the service does not have any | |
421 | <varname>ExecStop=</varname> defined, or where the service | |
422 | exited unexpectedly. This argument takes multiple command | |
423 | lines, following the same scheme as described for | |
22065311 | 424 | <varname>ExecStart=</varname>. Use of these settings is |
798d3a52 ZJS |
425 | optional. Specifier and environment variable substitution is |
426 | supported.</para></listitem> | |
427 | </varlistentry> | |
428 | ||
429 | <varlistentry> | |
430 | <term><varname>RestartSec=</varname></term> | |
431 | <listitem><para>Configures the time to sleep before restarting | |
432 | a service (as configured with <varname>Restart=</varname>). | |
433 | Takes a unit-less value in seconds, or a time span value such | |
434 | as "5min 20s". Defaults to 100ms.</para></listitem> | |
435 | </varlistentry> | |
436 | ||
437 | <varlistentry> | |
438 | <term><varname>TimeoutStartSec=</varname></term> | |
439 | <listitem><para>Configures the time to wait for start-up. If a | |
440 | daemon service does not signal start-up completion within the | |
441 | configured time, the service will be considered failed and | |
442 | will be shut down again. Takes a unit-less value in seconds, | |
443 | or a time span value such as "5min 20s". Pass | |
444 | <literal>0</literal> to disable the timeout logic. Defaults to | |
445 | <varname>DefaultTimeoutStartSec=</varname> from the manager | |
446 | configuration file, except when | |
447 | <varname>Type=oneshot</varname> is used, in which case the | |
448 | timeout is disabled by default (see | |
449 | <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>). | |
450 | </para></listitem> | |
451 | </varlistentry> | |
452 | ||
453 | <varlistentry> | |
454 | <term><varname>TimeoutStopSec=</varname></term> | |
455 | <listitem><para>Configures the time to wait for stop. If a | |
456 | service is asked to stop, but does not terminate in the | |
457 | specified time, it will be terminated forcibly via | |
458 | <constant>SIGTERM</constant>, and after another timeout of | |
459 | equal duration with <constant>SIGKILL</constant> (see | |
460 | <varname>KillMode=</varname> in | |
461 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>). | |
462 | Takes a unit-less value in seconds, or a time span value such | |
463 | as "5min 20s". Pass <literal>0</literal> to disable the | |
464 | timeout logic. Defaults to | |
465 | <varname>DefaultTimeoutStopSec=</varname> from the manager | |
466 | configuration file (see | |
467 | <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>). | |
468 | </para></listitem> | |
469 | </varlistentry> | |
470 | ||
471 | <varlistentry> | |
472 | <term><varname>TimeoutSec=</varname></term> | |
473 | <listitem><para>A shorthand for configuring both | |
474 | <varname>TimeoutStartSec=</varname> and | |
475 | <varname>TimeoutStopSec=</varname> to the specified value. | |
476 | </para></listitem> | |
477 | </varlistentry> | |
478 | ||
479 | <varlistentry> | |
480 | <term><varname>WatchdogSec=</varname></term> | |
481 | <listitem><para>Configures the watchdog timeout for a service. | |
482 | The watchdog is activated when the start-up is completed. The | |
483 | service must call | |
484 | <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
485 | regularly with <literal>WATCHDOG=1</literal> (i.e. the | |
486 | "keep-alive ping"). If the time between two such calls is | |
487 | larger than the configured time, then the service is placed in | |
488 | a failed state and it will be terminated with | |
22065311 | 489 | <constant>SIGABRT</constant>. By setting |
798d3a52 ZJS |
490 | <varname>Restart=</varname> to <option>on-failure</option> or |
491 | <option>always</option>, the service will be automatically | |
492 | restarted. The time configured here will be passed to the | |
493 | executed service process in the | |
494 | <varname>WATCHDOG_USEC=</varname> environment variable. This | |
495 | allows daemons to automatically enable the keep-alive pinging | |
496 | logic if watchdog support is enabled for the service. If this | |
497 | option is used, <varname>NotifyAccess=</varname> (see below) | |
498 | should be set to open access to the notification socket | |
499 | provided by systemd. If <varname>NotifyAccess=</varname> is | |
500 | not set, it will be implicitly set to <option>main</option>. | |
501 | Defaults to 0, which disables this feature.</para></listitem> | |
502 | </varlistentry> | |
503 | ||
504 | <varlistentry> | |
505 | <term><varname>Restart=</varname></term> | |
506 | <listitem><para>Configures whether the service shall be | |
507 | restarted when the service process exits, is killed, or a | |
508 | timeout is reached. The service process may be the main | |
509 | service process, but it may also be one of the processes | |
510 | specified with <varname>ExecStartPre=</varname>, | |
511 | <varname>ExecStartPost=</varname>, | |
512 | <varname>ExecStop=</varname>, | |
513 | <varname>ExecStopPost=</varname>, or | |
514 | <varname>ExecReload=</varname>. When the death of the process | |
515 | is a result of systemd operation (e.g. service stop or | |
516 | restart), the service will not be restarted. Timeouts include | |
517 | missing the watchdog "keep-alive ping" deadline and a service | |
518 | start, reload, and stop operation timeouts.</para> | |
519 | ||
520 | <para>Takes one of | |
521 | <option>no</option>, | |
522 | <option>on-success</option>, | |
523 | <option>on-failure</option>, | |
524 | <option>on-abnormal</option>, | |
525 | <option>on-watchdog</option>, | |
526 | <option>on-abort</option>, or | |
527 | <option>always</option>. | |
528 | If set to <option>no</option> (the default), the service will | |
529 | not be restarted. If set to <option>on-success</option>, it | |
530 | will be restarted only when the service process exits cleanly. | |
531 | In this context, a clean exit means an exit code of 0, or one | |
532 | of the signals | |
533 | <constant>SIGHUP</constant>, | |
534 | <constant>SIGINT</constant>, | |
535 | <constant>SIGTERM</constant> or | |
536 | <constant>SIGPIPE</constant>, and | |
537 | additionally, exit statuses and signals specified in | |
538 | <varname>SuccessExitStatus=</varname>. If set to | |
539 | <option>on-failure</option>, the service will be restarted | |
540 | when the process exits with a non-zero exit code, is | |
541 | terminated by a signal (including on core dump, but excluding | |
ff9b60f3 | 542 | the aforementioned four signals), when an operation (such as |
798d3a52 ZJS |
543 | service reload) times out, and when the configured watchdog |
544 | timeout is triggered. If set to <option>on-abnormal</option>, | |
545 | the service will be restarted when the process is terminated | |
546 | by a signal (including on core dump, excluding the | |
547 | aforementioned four signals), when an operation times out, or | |
548 | when the watchdog timeout is triggered. If set to | |
549 | <option>on-abort</option>, the service will be restarted only | |
550 | if the service process exits due to an uncaught signal not | |
551 | specified as a clean exit status. If set to | |
552 | <option>on-watchdog</option>, the service will be restarted | |
553 | only if the watchdog timeout for the service expires. If set | |
554 | to <option>always</option>, the service will be restarted | |
555 | regardless of whether it exited cleanly or not, got terminated | |
556 | abnormally by a signal, or hit a timeout.</para> | |
557 | ||
558 | <table> | |
559 | <title>Exit causes and the effect of the <varname>Restart=</varname> settings on them</title> | |
560 | ||
561 | <tgroup cols='2'> | |
562 | <colspec colname='path' /> | |
563 | <colspec colname='expl' /> | |
564 | <thead> | |
565 | <row> | |
566 | <entry>Restart settings/Exit causes</entry> | |
567 | <entry><option>no</option></entry> | |
568 | <entry><option>always</option></entry> | |
569 | <entry><option>on-success</option></entry> | |
570 | <entry><option>on-failure</option></entry> | |
571 | <entry><option>on-abnormal</option></entry> | |
572 | <entry><option>on-abort</option></entry> | |
573 | <entry><option>on-watchdog</option></entry> | |
574 | </row> | |
575 | </thead> | |
576 | <tbody> | |
577 | <row> | |
578 | <entry>Clean exit code or signal</entry> | |
579 | <entry/> | |
580 | <entry>X</entry> | |
581 | <entry>X</entry> | |
582 | <entry/> | |
583 | <entry/> | |
584 | <entry/> | |
585 | <entry/> | |
586 | </row> | |
587 | <row> | |
588 | <entry>Unclean exit code</entry> | |
589 | <entry/> | |
590 | <entry>X</entry> | |
591 | <entry/> | |
592 | <entry>X</entry> | |
593 | <entry/> | |
594 | <entry/> | |
595 | <entry/> | |
596 | </row> | |
597 | <row> | |
598 | <entry>Unclean signal</entry> | |
599 | <entry/> | |
600 | <entry>X</entry> | |
601 | <entry/> | |
602 | <entry>X</entry> | |
603 | <entry>X</entry> | |
604 | <entry>X</entry> | |
605 | <entry/> | |
606 | </row> | |
607 | <row> | |
608 | <entry>Timeout</entry> | |
609 | <entry/> | |
610 | <entry>X</entry> | |
611 | <entry/> | |
612 | <entry>X</entry> | |
613 | <entry>X</entry> | |
614 | <entry/> | |
615 | <entry/> | |
616 | </row> | |
617 | <row> | |
618 | <entry>Watchdog</entry> | |
619 | <entry/> | |
620 | <entry>X</entry> | |
621 | <entry/> | |
622 | <entry>X</entry> | |
623 | <entry>X</entry> | |
624 | <entry/> | |
625 | <entry>X</entry> | |
626 | </row> | |
627 | </tbody> | |
628 | </tgroup> | |
629 | </table> | |
630 | ||
631 | <para>As exceptions to the setting above the service will not | |
632 | be restarted if the exit code or signal is specified in | |
633 | <varname>RestartPreventExitStatus=</varname> (see below). | |
634 | Also, the services will always be restarted if the exit code | |
635 | or signal is specified in | |
636 | <varname>RestartForceExitStatus=</varname> (see below).</para> | |
637 | ||
638 | <para>Setting this to <option>on-failure</option> is the | |
639 | recommended choice for long-running services, in order to | |
640 | increase reliability by attempting automatic recovery from | |
641 | errors. For services that shall be able to terminate on their | |
642 | own choice (and avoid immediate restarting), | |
643 | <option>on-abnormal</option> is an alternative choice.</para> | |
644 | </listitem> | |
645 | </varlistentry> | |
646 | ||
647 | <varlistentry> | |
648 | <term><varname>SuccessExitStatus=</varname></term> | |
649 | <listitem><para>Takes a list of exit status definitions that | |
650 | when returned by the main service process will be considered | |
651 | successful termination, in addition to the normal successful | |
652 | exit code 0 and the signals <constant>SIGHUP</constant>, | |
653 | <constant>SIGINT</constant>, <constant>SIGTERM</constant>, and | |
654 | <constant>SIGPIPE</constant>. Exit status definitions can | |
655 | either be numeric exit codes or termination signal names, | |
656 | separated by spaces. For example: | |
657 | <programlisting>SuccessExitStatus=1 2 8 | |
658 | SIGKILL</programlisting> ensures that exit codes 1, 2, 8 and | |
659 | the termination signal <constant>SIGKILL</constant> are | |
660 | considered clean service terminations. | |
661 | </para> | |
662 | ||
663 | <para>Note that if a process has a signal handler installed | |
664 | and exits by calling | |
665 | <citerefentry><refentrytitle>_exit</refentrytitle><manvolnum>2</manvolnum></citerefentry> | |
666 | in response to a signal, the information about the signal is | |
667 | lost. Programs should instead perform cleanup and kill | |
668 | themselves with the same signal instead. See | |
669 | <ulink url="http://www.cons.org/cracauer/sigint.html">Proper | |
670 | handling of SIGINT/SIGQUIT — How to be a proper | |
671 | program</ulink>.</para> | |
672 | ||
673 | <para>This option may appear more than once, in which case the | |
674 | list of successful exit statuses is merged. If the empty | |
675 | string is assigned to this option, the list is reset, all | |
676 | prior assignments of this option will have no | |
677 | effect.</para></listitem> | |
678 | </varlistentry> | |
679 | ||
680 | <varlistentry> | |
681 | <term><varname>RestartPreventExitStatus=</varname></term> | |
682 | <listitem><para>Takes a list of exit status definitions that | |
683 | when returned by the main service process will prevent | |
684 | automatic service restarts, regardless of the restart setting | |
685 | configured with <varname>Restart=</varname>. Exit status | |
686 | definitions can either be numeric exit codes or termination | |
687 | signal names, and are separated by spaces. Defaults to the | |
688 | empty list, so that, by default, no exit status is excluded | |
689 | from the configured restart logic. For example: | |
690 | <programlisting>RestartPreventExitStatus=1 6 | |
691 | SIGABRT</programlisting> ensures that exit codes 1 and 6 and | |
692 | the termination signal <constant>SIGABRT</constant> will not | |
693 | result in automatic service restarting. This option may appear | |
694 | more than once, in which case the list of restart-preventing | |
695 | statuses is merged. If the empty string is assigned to this | |
696 | option, the list is reset and all prior assignments of this | |
697 | option will have no effect.</para></listitem> | |
698 | </varlistentry> | |
699 | ||
700 | <varlistentry> | |
701 | <term><varname>RestartForceExitStatus=</varname></term> | |
702 | <listitem><para>Takes a list of exit status definitions that | |
703 | when returned by the main service process will force automatic | |
704 | service restarts, regardless of the restart setting configured | |
705 | with <varname>Restart=</varname>. The argument format is | |
706 | similar to | |
707 | <varname>RestartPreventExitStatus=</varname>.</para></listitem> | |
708 | </varlistentry> | |
709 | ||
710 | <varlistentry> | |
711 | <term><varname>PermissionsStartOnly=</varname></term> | |
712 | <listitem><para>Takes a boolean argument. If true, the | |
713 | permission-related execution options, as configured with | |
714 | <varname>User=</varname> and similar options (see | |
715 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
716 | for more information), are only applied to the process started | |
717 | with | |
718 | <varname>ExecStart=</varname>, and not to the various other | |
719 | <varname>ExecStartPre=</varname>, | |
720 | <varname>ExecStartPost=</varname>, | |
721 | <varname>ExecReload=</varname>, | |
722 | <varname>ExecStop=</varname>, and | |
723 | <varname>ExecStopPost=</varname> | |
724 | commands. If false, the setting is applied to all configured | |
725 | commands the same way. Defaults to false.</para></listitem> | |
726 | </varlistentry> | |
727 | ||
728 | <varlistentry> | |
729 | <term><varname>RootDirectoryStartOnly=</varname></term> | |
730 | <listitem><para>Takes a boolean argument. If true, the root | |
731 | directory, as configured with the | |
732 | <varname>RootDirectory=</varname> option (see | |
733 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
734 | for more information), is only applied to the process started | |
735 | with <varname>ExecStart=</varname>, and not to the various | |
736 | other <varname>ExecStartPre=</varname>, | |
737 | <varname>ExecStartPost=</varname>, | |
738 | <varname>ExecReload=</varname>, <varname>ExecStop=</varname>, | |
739 | and <varname>ExecStopPost=</varname> commands. If false, the | |
740 | setting is applied to all configured commands the same way. | |
741 | Defaults to false.</para></listitem> | |
742 | </varlistentry> | |
743 | ||
744 | <varlistentry> | |
745 | <term><varname>NonBlocking=</varname></term> | |
746 | <listitem><para>Set the <constant>O_NONBLOCK</constant> flag | |
747 | for all file descriptors passed via socket-based activation. | |
748 | If true, all file descriptors >= 3 (i.e. all except stdin, | |
749 | stdout, and stderr) will have the | |
750 | <constant>O_NONBLOCK</constant> flag set and hence are in | |
751 | non-blocking mode. This option is only useful in conjunction | |
752 | with a socket unit, as described in | |
753 | <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
754 | Defaults to false.</para></listitem> | |
755 | </varlistentry> | |
756 | ||
757 | <varlistentry> | |
758 | <term><varname>NotifyAccess=</varname></term> | |
759 | <listitem><para>Controls access to the service status | |
760 | notification socket, as accessible via the | |
761 | <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
762 | call. Takes one of <option>none</option> (the default), | |
763 | <option>main</option> or <option>all</option>. If | |
764 | <option>none</option>, no daemon status updates are accepted | |
765 | from the service processes, all status update messages are | |
766 | ignored. If <option>main</option>, only service updates sent | |
767 | from the main process of the service are accepted. If | |
768 | <option>all</option>, all services updates from all members of | |
769 | the service's control group are accepted. This option should | |
770 | be set to open access to the notification socket when using | |
771 | <varname>Type=notify</varname> or | |
772 | <varname>WatchdogSec=</varname> (see above). If those options | |
773 | are used but <varname>NotifyAccess=</varname> is not | |
774 | configured, it will be implicitly set to | |
775 | <option>main</option>.</para></listitem> | |
776 | </varlistentry> | |
777 | ||
778 | <varlistentry> | |
779 | <term><varname>Sockets=</varname></term> | |
780 | <listitem><para>Specifies the name of the socket units this | |
781 | service shall inherit socket file descriptors from when the | |
782 | service is started. Normally it should not be necessary to use | |
783 | this setting as all socket file descriptors whose unit shares | |
784 | the same name as the service (subject to the different unit | |
785 | name suffix of course) are passed to the spawned | |
786 | process.</para> | |
787 | ||
788 | <para>Note that the same socket file descriptors may be passed | |
789 | to multiple processes simultaneously. Also note that a | |
790 | different service may be activated on incoming socket traffic | |
791 | than the one which is ultimately configured to inherit the | |
792 | socket file descriptors. Or in other words: the | |
793 | <varname>Service=</varname> setting of | |
794 | <filename>.socket</filename> units does not have to match the | |
795 | inverse of the <varname>Sockets=</varname> setting of the | |
796 | <filename>.service</filename> it refers to.</para> | |
797 | ||
798 | <para>This option may appear more than once, in which case the | |
799 | list of socket units is merged. If the empty string is | |
800 | assigned to this option, the list of sockets is reset, and all | |
801 | prior uses of this setting will have no | |
802 | effect.</para></listitem> | |
803 | </varlistentry> | |
804 | ||
805 | <varlistentry> | |
806 | <term><varname>StartLimitInterval=</varname></term> | |
807 | <term><varname>StartLimitBurst=</varname></term> | |
808 | ||
809 | <listitem><para>Configure service start rate limiting. By | |
810 | default, services which are started more than 5 times within | |
811 | 10 seconds are not permitted to start any more times until the | |
812 | 10 second interval ends. With these two options, this rate | |
813 | limiting may be modified. Use | |
814 | <varname>StartLimitInterval=</varname> to configure the | |
815 | checking interval (defaults to | |
816 | <varname>DefaultStartLimitInterval=</varname> in manager | |
817 | configuration file, set to 0 to disable any kind of rate | |
818 | limiting). Use <varname>StartLimitBurst=</varname> to | |
819 | configure how many starts per interval are allowed (defaults | |
820 | to <varname>DefaultStartLimitBurst=</varname> in manager | |
821 | configuration file). These configuration options are | |
822 | particularly useful in conjunction with | |
823 | <varname>Restart=</varname>; however, they apply to all kinds | |
824 | of starts (including manual), not just those triggered by the | |
825 | <varname>Restart=</varname> logic. Note that units which are | |
826 | configured for <varname>Restart=</varname> and which reach the | |
827 | start limit are not attempted to be restarted anymore; | |
828 | however, they may still be restarted manually at a later | |
829 | point, from which point on, the restart logic is again | |
830 | activated. Note that <command>systemctl reset-failed</command> | |
831 | will cause the restart rate counter for a service to be | |
832 | flushed, which is useful if the administrator wants to | |
833 | manually start a service and the start limit interferes with | |
834 | that.</para></listitem> | |
835 | </varlistentry> | |
836 | ||
837 | <varlistentry> | |
838 | <term><varname>StartLimitAction=</varname></term> | |
839 | ||
840 | <listitem><para>Configure the action to take if the rate limit | |
841 | configured with <varname>StartLimitInterval=</varname> and | |
842 | <varname>StartLimitBurst=</varname> is hit. Takes one of | |
843 | <option>none</option>, | |
844 | <option>reboot</option>, | |
845 | <option>reboot-force</option>, | |
846 | <option>reboot-immediate</option>, | |
847 | <option>poweroff</option>, | |
848 | <option>poweroff-force</option> or | |
849 | <option>poweroff-immediate</option>. If | |
850 | <option>none</option> is set, hitting the rate limit will | |
851 | trigger no action besides that the start will not be | |
852 | permitted. <option>reboot</option> causes a reboot following | |
853 | the normal shutdown procedure (i.e. equivalent to | |
854 | <command>systemctl reboot</command>). | |
855 | <option>reboot-force</option> causes a forced reboot which | |
856 | will terminate all processes forcibly but should cause no | |
857 | dirty file systems on reboot (i.e. equivalent to | |
858 | <command>systemctl reboot -f</command>) and | |
859 | <option>reboot-immediate</option> causes immediate execution | |
860 | of the | |
861 | <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> | |
862 | system call, which might result in data loss. Similar, | |
863 | <option>poweroff</option>, <option>poweroff-force</option>, | |
864 | <option>poweroff-immediate</option> have the effect of | |
865 | powering down the system with similar semantics. Defaults to | |
866 | <option>none</option>.</para></listitem> | |
867 | </varlistentry> | |
868 | ||
869 | <varlistentry> | |
870 | <term><varname>FailureAction=</varname></term> | |
871 | <listitem><para>Configure the action to take when the service | |
872 | enters a failed state. Takes the same values as | |
873 | <varname>StartLimitAction=</varname> and executes the same | |
874 | actions. Defaults to <option>none</option>. </para></listitem> | |
875 | </varlistentry> | |
876 | ||
877 | <varlistentry> | |
878 | <term><varname>RebootArgument=</varname></term> | |
879 | <listitem><para>Configure the optional argument for the | |
880 | <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> | |
881 | system call if <varname>StartLimitAction=</varname> or | |
882 | <varname>FailureAction=</varname> is a reboot action. This | |
883 | works just like the optional argument to <command>systemctl | |
884 | reboot</command> command.</para></listitem> | |
885 | </varlistentry> | |
886 | ||
887 | <varlistentry> | |
888 | <term><varname>FileDescriptorStoreMax=</varname></term> | |
889 | <listitem><para>Configure how many file descriptors may be | |
890 | stored in the service manager for the service using | |
891 | <citerefentry><refentrytitle>sd_pid_notify_with_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>'s | |
892 | <literal>FDSTORE=1</literal> messages. This is useful for | |
893 | implementing service restart schemes where the state is | |
894 | serialized to <filename>/run</filename> and the file | |
895 | descriptors passed to the service manager, to allow restarts | |
896 | without losing state. Defaults to 0, i.e. no file descriptors | |
897 | may be stored in the service manager by default. All file | |
898 | descriptors passed to the service manager from a specific | |
899 | service are passed back to the service's main process on the | |
900 | next service restart. Any file descriptors passed to the | |
901 | service manager are automatically closed when POLLHUP or | |
902 | POLLERR is seen on them, or when the service is fully stopped | |
903 | and no job queued or being executed for it.</para></listitem> | |
904 | </varlistentry> | |
905 | ||
8c7c9839 PS |
906 | <varlistentry> |
907 | <term><varname>USBFunctionDescriptors=</varname></term> | |
81eb21b9 ZJS |
908 | <listitem><para>Configure the location of the file containing |
909 | <ulink url="https://www.kernel.org/doc/Documentation/usb/functionfs.txt">functionfs</ulink> | |
910 | descriptors. This is is used only when a socket with | |
22065311 | 911 | <varname>ListenUSBFunction=</varname> configured wants to |
81eb21b9 ZJS |
912 | activate this service. Content of this file is writen to |
913 | <filename>ep0</filename> file after it is opened. This is | |
914 | required for socket activation using | |
22065311 | 915 | <varname>ListenUSBFunction=</varname> (i.e. for passing all |
81eb21b9 | 916 | functionfs endpoints to the service).</para></listitem> |
8c7c9839 PS |
917 | </varlistentry> |
918 | ||
919 | <varlistentry> | |
920 | <term><varname>USBFunctionStrings=</varname></term> | |
921 | <listitem><para>Configure the location of file containing FunctionFS strings. | |
922 | Behavior is similar to <varname>USBFunctionDescriptors</varname>.</para></listitem> | |
923 | </varlistentry> | |
924 | ||
798d3a52 ZJS |
925 | </variablelist> |
926 | ||
927 | <para>Check | |
928 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
929 | and | |
930 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
931 | for more settings.</para> | |
932 | ||
933 | </refsect1> | |
934 | ||
935 | <refsect1> | |
936 | <title>Command lines</title> | |
937 | ||
938 | <para>This section describes command line parsing and | |
ff9b60f3 | 939 | variable and specifier substitutions for |
798d3a52 ZJS |
940 | <varname>ExecStart=</varname>, |
941 | <varname>ExecStartPre=</varname>, | |
942 | <varname>ExecStartPost=</varname>, | |
943 | <varname>ExecReload=</varname>, | |
944 | <varname>ExecStop=</varname>, and | |
945 | <varname>ExecStopPost=</varname> options.</para> | |
946 | ||
947 | <para>Multiple command lines may be concatenated in a single | |
948 | directive by separating them with semicolons (these semicolons | |
949 | must be passed as separate words). Lone semicolons may be escaped | |
950 | as <literal>\;</literal>.</para> | |
951 | ||
952 | <para>Each command line is split on whitespace, with the first | |
953 | item being the command to execute, and the subsequent items being | |
954 | the arguments. Double quotes ("...") and single quotes ('...') may | |
955 | be used, in which case everything until the next matching quote | |
956 | becomes part of the same argument. C-style escapes are also | |
388a91b0 ZJS |
957 | supported. The table below contains the list of allowed escape |
958 | patterns. Only patterns which match the syntax in the table are | |
959 | allowed; others will result in an error, and must be escaped by | |
960 | doubling the backslash. Quotes themselves are removed after | |
798d3a52 ZJS |
961 | parsing and escape sequences substituted. In addition, a trailing |
962 | backslash (<literal>\</literal>) may be used to merge lines. | |
963 | </para> | |
964 | ||
965 | <para>This syntax is intended to be very similar to shell syntax, | |
966 | but only the meta-characters and expansions described in the | |
967 | following paragraphs are understood. Specifically, redirection | |
968 | using | |
969 | <literal><</literal>, | |
970 | <literal><<</literal>, | |
971 | <literal>></literal>, and | |
972 | <literal>>></literal>, pipes using | |
973 | <literal>|</literal>, running programs in the background using | |
974 | <literal>&</literal>, and <emphasis>other elements of shell | |
975 | syntax are not supported</emphasis>.</para> | |
976 | ||
388a91b0 | 977 | <para>The command to execute must be an absolute path name. It may |
798d3a52 ZJS |
978 | contain spaces, but control characters are not allowed.</para> |
979 | ||
980 | <para>The command line accepts <literal>%</literal> specifiers as | |
981 | described in | |
982 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
983 | Note that the first argument of the command line (i.e. the program | |
984 | to execute) may not include specifiers.</para> | |
985 | ||
986 | <para>Basic environment variable substitution is supported. Use | |
987 | <literal>${FOO}</literal> as part of a word, or as a word of its | |
988 | own, on the command line, in which case it will be replaced by the | |
989 | value of the environment variable including all whitespace it | |
990 | contains, resulting in a single argument. Use | |
991 | <literal>$FOO</literal> as a separate word on the command line, in | |
992 | which case it will be replaced by the value of the environment | |
993 | variable split at whitespace resulting in zero or more arguments. | |
994 | For this type of expansion, quotes and respected when splitting | |
995 | into words, and afterwards removed.</para> | |
996 | ||
997 | <para>Example:</para> | |
998 | ||
999 | <programlisting>Environment="ONE=one" 'TWO=two two' | |
5d9a2698 ZJS |
1000 | ExecStart=/bin/echo $ONE $TWO ${TWO}</programlisting> |
1001 | ||
798d3a52 ZJS |
1002 | <para>This will execute <command>/bin/echo</command> with four |
1003 | arguments: <literal>one</literal>, <literal>two</literal>, | |
1004 | <literal>two</literal>, and <literal>two two</literal>.</para> | |
5d9a2698 | 1005 | |
798d3a52 ZJS |
1006 | <para>Example:</para> |
1007 | <programlisting>Environment=ONE='one' "TWO='two two' too" THREE= | |
5d9a2698 ZJS |
1008 | ExecStart=/bin/echo ${ONE} ${TWO} ${THREE} |
1009 | ExecStart=/bin/echo $ONE $TWO $THREE</programlisting> | |
798d3a52 ZJS |
1010 | <para>This results in <filename>echo</filename> being |
1011 | called twice, the first time with arguments | |
1012 | <literal>'one'</literal>, | |
1013 | <literal>'two two' too</literal>, <literal></literal>, | |
1014 | and the second time with arguments | |
1015 | <literal>one</literal>, <literal>two two</literal>, | |
1016 | <literal>too</literal>. | |
1017 | </para> | |
1018 | ||
1019 | <para>To pass a literal dollar sign, use <literal>$$</literal>. | |
1020 | Variables whose value is not known at expansion time are treated | |
1021 | as empty strings. Note that the first argument (i.e. the program | |
1022 | to execute) may not be a variable.</para> | |
1023 | ||
1024 | <para>Variables to be used in this fashion may be defined through | |
1025 | <varname>Environment=</varname> and | |
1026 | <varname>EnvironmentFile=</varname>. In addition, variables listed | |
1027 | in the section "Environment variables in spawned processes" in | |
1028 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1029 | which are considered "static configuration", may be used (this | |
1030 | includes e.g. <varname>$USER</varname>, but not | |
1031 | <varname>$TERM</varname>).</para> | |
1032 | ||
1033 | <para>Note that shell command lines are not directly supported. If | |
1034 | shell command lines are to be used, they need to be passed | |
1035 | explicitly to a shell implementation of some kind. Example:</para> | |
1036 | <programlisting>ExecStart=/bin/sh -c 'dmesg | tac'</programlisting> | |
1037 | ||
1038 | <para>Example:</para> | |
1039 | ||
1040 | <programlisting>ExecStart=/bin/echo one ; /bin/echo "two two"</programlisting> | |
1041 | ||
1042 | <para>This will execute <command>/bin/echo</command> two times, | |
1043 | each time with one argument: <literal>one</literal> and | |
1044 | <literal>two two</literal>, respectively. Because two commands are | |
1045 | specified, <varname>Type=oneshot</varname> must be used.</para> | |
1046 | ||
1047 | <para>Example:</para> | |
1048 | ||
1049 | <programlisting>ExecStart=/bin/echo / >/dev/null & \; \ | |
30d88d54 ZJS |
1050 | /bin/ls</programlisting> |
1051 | ||
798d3a52 ZJS |
1052 | <para>This will execute <command>/bin/echo</command> |
1053 | with five arguments: <literal>/</literal>, | |
1054 | <literal>>/dev/null</literal>, | |
1055 | <literal>&</literal>, <literal>;</literal>, and | |
1056 | <literal>/bin/ls</literal>.</para> | |
1057 | ||
1058 | <table> | |
1059 | <title>C escapes supported in command lines and environment variables</title> | |
1060 | <tgroup cols='2'> | |
1061 | <colspec colname='escape' /> | |
1062 | <colspec colname='meaning' /> | |
1063 | <thead> | |
1064 | <row> | |
1065 | <entry>Literal</entry> | |
1066 | <entry>Actual value</entry> | |
1067 | </row> | |
1068 | </thead> | |
1069 | <tbody> | |
1070 | <row> | |
1071 | <entry><literal>\a</literal></entry> | |
1072 | <entry>bell</entry> | |
1073 | </row> | |
1074 | <row> | |
1075 | <entry><literal>\b</literal></entry> | |
1076 | <entry>backspace</entry> | |
1077 | </row> | |
1078 | <row> | |
1079 | <entry><literal>\f</literal></entry> | |
1080 | <entry>form feed</entry> | |
1081 | </row> | |
1082 | <row> | |
1083 | <entry><literal>\n</literal></entry> | |
1084 | <entry>newline</entry> | |
1085 | </row> | |
1086 | <row> | |
1087 | <entry><literal>\r</literal></entry> | |
1088 | <entry>carriage return</entry> | |
1089 | </row> | |
1090 | <row> | |
1091 | <entry><literal>\t</literal></entry> | |
1092 | <entry>tab</entry> | |
1093 | </row> | |
1094 | <row> | |
1095 | <entry><literal>\v</literal></entry> | |
1096 | <entry>vertical tab</entry> | |
1097 | </row> | |
1098 | <row> | |
1099 | <entry><literal>\\</literal></entry> | |
1100 | <entry>backslash</entry> | |
1101 | </row> | |
1102 | <row> | |
1103 | <entry><literal>\"</literal></entry> | |
1104 | <entry>double quotation mark</entry> | |
1105 | </row> | |
1106 | <row> | |
1107 | <entry><literal>\'</literal></entry> | |
1108 | <entry>single quotation mark</entry> | |
1109 | </row> | |
1110 | <row> | |
1111 | <entry><literal>\s</literal></entry> | |
1112 | <entry>space</entry> | |
1113 | </row> | |
1114 | <row> | |
1115 | <entry><literal>\x<replaceable>xx</replaceable></literal></entry> | |
1116 | <entry>character number <replaceable>xx</replaceable> in hexadecimal encoding</entry> | |
1117 | </row> | |
1118 | <row> | |
1119 | <entry><literal>\<replaceable>nnn</replaceable></literal></entry> | |
1120 | <entry>character number <replaceable>nnn</replaceable> in octal encoding</entry> | |
1121 | </row> | |
1122 | </tbody> | |
1123 | </tgroup> | |
1124 | </table> | |
1125 | </refsect1> | |
1126 | ||
1127 | <refsect1> | |
1128 | <title>Examples</title> | |
1129 | ||
1130 | <example> | |
1131 | <title>Simple service</title> | |
1132 | ||
1133 | <para>The following unit file creates a service that will | |
1134 | execute <filename>/usr/sbin/foo-daemon</filename>. Since no | |
1135 | <varname>Type=</varname> is specified, the default | |
1136 | <varname>Type=</varname><option>simple</option> will be assumed. | |
1137 | systemd will assume the unit to be started immediately after the | |
1138 | program has begun executing.</para> | |
1139 | ||
1140 | <programlisting>[Unit] | |
d44efb62 CS |
1141 | Description=Foo |
1142 | ||
1143 | [Service] | |
1144 | ExecStart=/usr/sbin/foo-daemon | |
1145 | ||
1146 | [Install] | |
1147 | WantedBy=multi-user.target</programlisting> | |
1148 | ||
798d3a52 ZJS |
1149 | <para>Note that systemd assumes here that the process started by |
1150 | systemd will continue running until the service terminates. If | |
1151 | the program daemonizes itself (i.e. forks), please use | |
1152 | <varname>Type=</varname><option>forking</option> instead.</para> | |
1153 | ||
1154 | <para>Since no <varname>ExecStop=</varname> was specified, | |
1155 | systemd will send SIGTERM to all processes started from this | |
1156 | service, and after a timeout also SIGKILL. This behavior can be | |
1157 | modified, see | |
1158 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
1159 | for details.</para> | |
1160 | ||
1161 | <para>Note that this unit type does not include any type of | |
1162 | notification when a service has completed initialization. For | |
1163 | this, you should use other unit types, such as | |
1164 | <varname>Type=</varname><option>notify</option> if the service | |
1165 | understands systemd's notification protocol, | |
1166 | <varname>Type=</varname><option>forking</option> if the service | |
1167 | can background itself or | |
1168 | <varname>Type=</varname><option>dbus</option> if the unit | |
1169 | acquires a DBus name once initialization is complete. See | |
1170 | below.</para> | |
1171 | </example> | |
1172 | ||
1173 | <example> | |
1174 | <title>Oneshot service</title> | |
1175 | ||
1176 | <para>Sometimes units should just execute an action without | |
1177 | keeping active processes, such as a filesystem check or a | |
1178 | cleanup action on boot. For this, | |
1179 | <varname>Type=</varname><option>oneshot</option> exists. Units | |
1180 | of this type will wait until the process specified terminates | |
1181 | and then fall back to being inactive. The following unit will | |
ff9b60f3 | 1182 | perform a cleanup action:</para> |
798d3a52 ZJS |
1183 | |
1184 | <programlisting>[Unit] | |
d44efb62 CS |
1185 | Description=Cleanup old Foo data |
1186 | ||
1187 | [Service] | |
1188 | Type=oneshot | |
1189 | ExecStart=/usr/sbin/foo-cleanup | |
1190 | ||
1191 | [Install] | |
1192 | WantedBy=multi-user.target</programlisting> | |
1193 | ||
798d3a52 ZJS |
1194 | <para>Note that systemd will consider the unit to be in the |
1195 | state 'starting' until the program has terminated, so ordered | |
1196 | dependencies will wait for the program to finish before starting | |
1197 | themselves. The unit will revert to the 'inactive' state after | |
1198 | the execution is done, never reaching the 'active' state. That | |
1199 | means another request to start the unit will perform the action | |
1200 | again.</para> | |
1201 | ||
1202 | <para><varname>Type=</varname><option>oneshot</option> are the | |
1203 | only service units that may have more than one | |
1204 | <varname>ExecStart=</varname> specified. They will be executed | |
1205 | in order until either they are all successful or one of them | |
1206 | fails.</para> | |
1207 | </example> | |
1208 | ||
1209 | <example> | |
1210 | <title>Stoppable oneshot service</title> | |
1211 | ||
1212 | <para>Similarly to the oneshot services, there are sometimes | |
1213 | units that need to execute a program to set up something and | |
1214 | then execute another to shut it down, but no process remains | |
1215 | active while they are considered 'started'. Network | |
1216 | configuration can sometimes fall into this category. Another use | |
1217 | case is if a oneshot service shall not be executed a each time | |
1218 | when they are pulled in as a dependency, but only the first | |
1219 | time.</para> | |
1220 | ||
1221 | <para>For this, systemd knows the setting | |
1222 | <varname>RemainAfterExit=</varname><option>yes</option>, which | |
1223 | causes systemd to consider the unit to be active if the start | |
1224 | action exited successfully. This directive can be used with all | |
1225 | types, but is most useful with | |
1226 | <varname>Type=</varname><option>oneshot</option> and | |
1227 | <varname>Type=</varname><option>simple</option>. With | |
1228 | <varname>Type=</varname><option>oneshot</option> systemd waits | |
1229 | until the start action has completed before it considers the | |
1230 | unit to be active, so dependencies start only after the start | |
1231 | action has succeeded. With | |
1232 | <varname>Type=</varname><option>simple</option> dependencies | |
1233 | will start immediately after the start action has been | |
1234 | dispatched. The following unit provides an example for a simple | |
1235 | static firewall.</para> | |
1236 | ||
1237 | <programlisting>[Unit] | |
d44efb62 CS |
1238 | Description=Simple firewall |
1239 | ||
1240 | [Service] | |
1241 | Type=oneshot | |
1242 | RemainAfterExit=yes | |
1243 | ExecStart=/usr/local/sbin/simple-firewall-start | |
1244 | ExecStop=/usr/local/sbin/simple-firewall-stop | |
1245 | ||
1246 | [Install] | |
1247 | WantedBy=multi-user.target</programlisting> | |
1248 | ||
798d3a52 ZJS |
1249 | <para>Since the unit is considered to be running after the start |
1250 | action has exited, invoking <command>systemctl start</command> | |
1251 | on that unit again will cause no action to be taken.</para> | |
1252 | </example> | |
1253 | ||
1254 | <example> | |
1255 | <title>Traditional forking services</title> | |
1256 | ||
1257 | <para>Many traditional daemons/services background (i.e. fork, | |
1258 | daemonize) themselves when starting. Set | |
1259 | <varname>Type=</varname><option>forking</option> in the | |
1260 | service's unit file to support this mode of operation. systemd | |
1261 | will consider the service to be in the process of initialization | |
1262 | while the original program is still running. Once it exits | |
1263 | successfully and at least a process remains (and | |
1264 | <varname>RemainAfterExit=</varname><option>no</option>), the | |
1265 | service is considered started.</para> | |
1266 | ||
1267 | <para>Often a traditional daemon only consists of one process. | |
1268 | Therefore, if only one process is left after the original | |
1269 | process terminates, systemd will consider that process the main | |
1270 | process of the service. In that case, the | |
1271 | <varname>$MAINPID</varname> variable will be available in | |
1272 | <varname>ExecReload=</varname>, <varname>ExecStop=</varname>, | |
1273 | etc.</para> | |
1274 | ||
1275 | <para>In case more than one process remains, systemd will be | |
1276 | unable to determine the main process, so it will not assume | |
1277 | there is one. In that case, <varname>$MAINPID</varname> will not | |
1278 | expand to anything. However, if the process decides to write a | |
1279 | traditional PID file, systemd will be able to read the main PID | |
1280 | from there. Please set <varname>PIDFile=</varname> accordingly. | |
1281 | Note that the daemon should write that file before finishing | |
1282 | with its initialization, otherwise systemd might try to read the | |
1283 | file before it exists.</para> | |
1284 | ||
1285 | <para>The following example shows a simple daemon that forks and | |
1286 | just starts one process in the background:</para> | |
1287 | ||
1288 | <programlisting>[Unit] | |
d44efb62 CS |
1289 | Description=Some simple daemon |
1290 | ||
1291 | [Service] | |
1292 | Type=forking | |
1293 | ExecStart=/usr/sbin/my-simple-daemon -d | |
1294 | ||
1295 | [Install] | |
1296 | WantedBy=multi-user.target</programlisting> | |
1297 | ||
798d3a52 ZJS |
1298 | <para>Please see |
1299 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
1300 | for details on how you can influence the way systemd terminates | |
1301 | the service.</para> | |
1302 | </example> | |
1303 | ||
1304 | <example> | |
1305 | <title>DBus services</title> | |
1306 | ||
1307 | <para>For services that acquire a name on the DBus system bus, | |
1308 | use <varname>Type=</varname><option>dbus</option> and set | |
1309 | <varname>BusName=</varname> accordingly. The service should not | |
1310 | fork (daemonize). systemd will consider the service to be | |
1311 | initialized once the name has been acquired on the system bus. | |
1312 | The following example shows a typical DBus service:</para> | |
1313 | ||
1314 | <programlisting>[Unit] | |
d44efb62 CS |
1315 | Description=Simple DBus service |
1316 | ||
1317 | [Service] | |
1318 | Type=dbus | |
1319 | BusName=org.example.simple-dbus-service | |
1320 | ExecStart=/usr/sbin/simple-dbus-service | |
1321 | ||
1322 | [Install] | |
1323 | WantedBy=multi-user.target</programlisting> | |
1324 | ||
798d3a52 ZJS |
1325 | <para>For <emphasis>bus-activatable</emphasis> services, don't |
1326 | include a <literal>[Install]</literal> section in the systemd | |
1327 | service file, but use the <varname>SystemdService=</varname> | |
1328 | option in the corresponding DBus service file, for example | |
1329 | (<filename>/usr/share/dbus-1/system-services/org.example.simple-dbus-service.service</filename>):</para> | |
d44efb62 | 1330 | |
798d3a52 | 1331 | <programlisting>[D-BUS Service] |
d44efb62 CS |
1332 | Name=org.example.simple-dbus-service |
1333 | Exec=/usr/sbin/simple-dbus-service | |
1334 | User=root | |
1335 | SystemdService=simple-dbus-service.service</programlisting> | |
1336 | ||
798d3a52 ZJS |
1337 | <para>Please see |
1338 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
1339 | for details on how you can influence the way systemd terminates | |
1340 | the service.</para> | |
1341 | </example> | |
1342 | ||
1343 | <example> | |
1344 | <title>Services that notify systemd about their initialization</title> | |
1345 | ||
1346 | <para><varname>Type=</varname><option>simple</option> services | |
1347 | are really easy to write, but have the major disadvantage of | |
1348 | systemd not being able to tell when initialization of the given | |
1349 | service is complete. For this reason, systemd supports a simple | |
1350 | notification protocol that allows daemons to make systemd aware | |
1351 | that they are done initializing. Use | |
1352 | <varname>Type=</varname><option>notify</option> for this. A | |
1353 | typical service file for such a daemon would look like | |
1354 | this:</para> | |
1355 | ||
1356 | <programlisting>[Unit] | |
d44efb62 CS |
1357 | Description=Simple notifying service |
1358 | ||
1359 | [Service] | |
1360 | Type=notify | |
1361 | ExecStart=/usr/sbin/simple-notifying-service | |
1362 | ||
1363 | [Install] | |
1364 | WantedBy=multi-user.target</programlisting> | |
1365 | ||
798d3a52 ZJS |
1366 | <para>Note that the daemon has to support systemd's notification |
1367 | protocol, else systemd will think the service hasn't started yet | |
1368 | and kill it after a timeout. For an example of how to update | |
1369 | daemons to support this protocol transparently, take a look at | |
1370 | <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>. | |
1371 | systemd will consider the unit to be in the 'starting' state | |
1372 | until a readiness notification has arrived.</para> | |
1373 | ||
1374 | <para>Please see | |
1375 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
1376 | for details on how you can influence the way systemd terminates | |
1377 | the service.</para> | |
1378 | </example> | |
1379 | </refsect1> | |
1380 | ||
1381 | <refsect1> | |
1382 | <title>See Also</title> | |
1383 | <para> | |
1384 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
1385 | <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
1386 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1387 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1388 | <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1389 | <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
1390 | <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
1391 | </para> | |
1392 | </refsect1> | |
d1ab0ca0 LP |
1393 | |
1394 | </refentry> |